akkoma/lib/pleroma/web/twitter_api/twitter_api_controller.ex

# Pleroma: A lightweight social networking server
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.TwitterAPI.Controller do
  use Pleroma.Web, :controller

  alias Pleroma.Notification
  alias Pleroma.Plugs.OAuthScopesPlug
  alias Pleroma.User
  alias Pleroma.Web.OAuth.Token
  alias Pleroma.Web.TwitterAPI.TokenView

  require Logger

  plug(OAuthScopesPlug, %{scopes: ["write:notifications"]} when action == :notifications_read)

  plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)

  action_fallback(:errors)

  def confirm_email(conn, %{"user_id" => uid, "token" => token}) do
    new_info = [need_confirmation: false]

    with %User{info: info} = user <- User.get_cached_by_id(uid),
         true <- user.local and info.confirmation_pending and info.confirmation_token == token,
         {:ok, _} <- User.update_info(user, &User.Info.confirmation_changeset(&1, new_info)) do
      redirect(conn, to: "/")
    end
  end

  def oauth_tokens(%{assigns: %{user: user}} = conn, _params) do
    with oauth_tokens <- Token.get_user_tokens(user) do
      conn
      |> put_view(TokenView)
      |> render("index.json", %{tokens: oauth_tokens})
    end
  end

  def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
    Token.delete_user_token(user, id)

    json_reply(conn, 201, "")
  end

  def errors(conn, {:param_cast, _}) do
    conn
    |> put_status(400)
    |> json("Invalid parameters")
  end

  def errors(conn, _) do
    conn
    |> put_status(500)
    |> json("Something went wrong")
  end

  defp json_reply(conn, status, json) do
    conn
    |> put_resp_content_type("application/json")
    |> send_resp(status, json)
  end

  def notifications_read(%{assigns: %{user: user}} = conn, %{"latest_id" => latest_id} = params) do
    Notification.set_read_up_to(user, latest_id)

    notifications = Notification.for_user(user, params)

    conn
    # XXX: This is a hack because pleroma-fe still uses that API.
    |> put_view(Pleroma.Web.MastodonAPI.NotificationView)
    |> render("index.json", %{notifications: notifications, for: user})
  end

  def notifications_read(%{assigns: %{user: _user}} = conn, _) do
    bad_request_reply(conn, "You need to specify latest_id")
  end

  defp bad_request_reply(conn, error_message) do
    json = error_json(conn, error_message)
    json_reply(conn, 400, json)
  end

  defp error_json(conn, error_message) do
    %{"error" => error_message, "request" => conn.request_path} |> Jason.encode!()
  end
end
add license boilerplate to pleroma core 2018-12-23 13:04:54 -07:00			`# Pleroma: A lightweight social networking server`
update copyright years to 2019 2018-12-31 08:41:47 -07:00			`# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>`
add license boilerplate to pleroma core 2018-12-23 13:04:54 -07:00			`# SPDX-License-Identifier: AGPL-3.0-only`

Add Twitter API verify_credentials endpoint. 2017-03-20 14:30:44 -06:00			`defmodule Pleroma.Web.TwitterAPI.Controller do`
			`use Pleroma.Web, :controller`
[#114] Initial implementation of user password reset emails (user-initiated). 2018-12-11 10:17:49 -07:00
Add back /api/qvitter/statuses/notifications/read.json 2019-08-31 02:40:04 -06:00			`alias Pleroma.Notification`
[#1234] Permissions-related fixes / new functionality (Masto 2.4.3 scopes). 2019-09-15 09:22:08 -06:00			`alias Pleroma.Plugs.OAuthScopesPlug`
credo fixes 2019-08-31 04:08:43 -06:00			`alias Pleroma.User`
[Credo] fix Credo.Check.Readability.AliasOrder 2019-03-04 19:52:23 -07:00			`alias Pleroma.Web.OAuth.Token`
			`alias Pleroma.Web.TwitterAPI.TokenView`
Add Twitter API verify_credentials endpoint. 2017-03-20 14:30:44 -06:00
Add profile update. 2017-08-29 07:14:00 -06:00			`require Logger`

[#1234] Permissions-related fixes / new functionality (Masto 2.4.3 scopes). 2019-09-15 09:22:08 -06:00			`plug(OAuthScopesPlug, %{scopes: ["write:notifications"]} when action == :notifications_read)`

[#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes # Conflicts: # CHANGELOG.md # lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex # lib/pleroma/web/router.ex 2019-10-02 11:42:40 -06:00			`plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)`

Better error handling in TwitterApiController. 2018-06-03 11:11:22 -06:00			`action_fallback(:errors)`

[#114] Added :user_id component to email confirmation path to improve the security. Added tests for `confirm_email` action. 2018-12-20 03:41:30 -07:00			`def confirm_email(conn, %{"user_id" => uid, "token" => token}) do`
Fix Credo warnings 2019-09-24 01:49:02 -06:00			`new_info = [need_confirmation: false]`

Add User.change_info/2 and User.update_info/2 2019-09-24 06:50:07 -06:00			`with %User{info: info} = user <- User.get_cached_by_id(uid),`
Cleanup Pleroma.User 2019-09-24 01:14:34 -06:00			`true <- user.local and info.confirmation_pending and info.confirmation_token == token,`
Fix Credo warnings 2019-09-24 01:49:02 -06:00			`{:ok, _} <- User.update_info(user, &User.Info.confirmation_changeset(&1, new_info)) do`
Cleanup Pleroma.User 2019-09-24 01:14:34 -06:00			`redirect(conn, to: "/")`
[#114] Email confirmation route, action, node setting, User.Info fields. 2018-12-14 06:38:56 -07:00			`end`
			`end`

Add OAuth tokens endpoint 2019-02-10 12:41:06 -07:00			`def oauth_tokens(%{assigns: %{user: user}} = conn, _params) do`
			`with oauth_tokens <- Token.get_user_tokens(user) do`
			`conn`
			`\|> put_view(TokenView)`
			`\|> render("index.json", %{tokens: oauth_tokens})`
			`end`
			`end`

Add revoke token 2019-02-10 14:49:56 -07:00			`def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do`
			`Token.delete_user_token(user, id)`

			`json_reply(conn, 201, "")`
			`end`

Better error handling in TwitterApiController. 2018-06-03 11:11:22 -06:00			`def errors(conn, {:param_cast, _}) do`
			`conn`
			`\|> put_status(400)`
			`\|> json("Invalid parameters")`
			`end`

			`def errors(conn, _) do`
			`conn`
			`\|> put_status(500)`
			`\|> json("Something went wrong")`
			`end`
Remove most of TwitterAPIController 2019-08-27 03:29:19 -06:00
			`defp json_reply(conn, status, json) do`
			`conn`
			`\|> put_resp_content_type("application/json")`
			`\|> send_resp(status, json)`
			`end`
Add back /api/qvitter/statuses/notifications/read.json 2019-08-31 02:40:04 -06:00
			`def notifications_read(%{assigns: %{user: user}} = conn, %{"latest_id" => latest_id} = params) do`
			`Notification.set_read_up_to(user, latest_id)`

			`notifications = Notification.for_user(user, params)`

			`conn`
			`# XXX: This is a hack because pleroma-fe still uses that API.`
			`\|> put_view(Pleroma.Web.MastodonAPI.NotificationView)`
			`\|> render("index.json", %{notifications: notifications, for: user})`
			`end`

			`def notifications_read(%{assigns: %{user: _user}} = conn, _) do`
			`bad_request_reply(conn, "You need to specify latest_id")`
			`end`

			`defp bad_request_reply(conn, error_message) do`
			`json = error_json(conn, error_message)`
			`json_reply(conn, 400, json)`
			`end`

			`defp error_json(conn, error_message) do`
			`%{"error" => error_message, "request" => conn.request_path} \|> Jason.encode!()`
			`end`
Add Twitter API verify_credentials endpoint. 2017-03-20 14:30:44 -06:00			`end`