abunchtell
/
mastodon
1
0
Fork 0
Code Issues 0 Activity
The code powering m.abunchtell.com https://m.abunchtell.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6484 Commits
1 Branch
94 MiB
 
 
 
 
Tree: 5d2fc6de32
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5d2fc6de32'
${ noResults }
mastodon/app/controllers/api/base_controller.rb

88 lines
2.4 KiB
Raw Blame History 

  1. # frozen_string_literal: true

  2. 

  3. class Api::BaseController < ApplicationController

  4.   DEFAULT_STATUSES_LIMIT = 20

  5.   DEFAULT_ACCOUNTS_LIMIT = 40

  6. 

  7.   include RateLimitHeaders

  8. 

  9.   skip_before_action :store_current_location

  10.   skip_before_action :check_user_permissions

  11. 

  12.   protect_from_forgery with: :null_session

  13. 

  14.   rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|

  15.     render json: { error: e.to_s }, status: 422

  16.   end

  17. 

  18.   rescue_from ActiveRecord::RecordNotFound do

  19.     render json: { error: 'Record not found' }, status: 404

  20.   end

  21. 

  22.   rescue_from HTTP::Error, Mastodon::UnexpectedResponseError do

  23.     render json: { error: 'Remote data could not be fetched' }, status: 503

  24.   end

  25. 

  26.   rescue_from OpenSSL::SSL::SSLError do

  27.     render json: { error: 'Remote SSL certificate could not be verified' }, status: 503

  28.   end

  29. 

  30.   rescue_from Mastodon::NotPermittedError do

  31.     render json: { error: 'This action is not allowed' }, status: 403

  32.   end

  33. 

  34.   def doorkeeper_unauthorized_render_options(error: nil)

  35.     { json: { error: (error.try(:description) || 'Not authorized') } }

  36.   end

  37. 

  38.   def doorkeeper_forbidden_render_options(*)

  39.     { json: { error: 'This action is outside the authorized scopes' } }

  40.   end

  41. 

  42.   protected

  43. 

  44.   def set_pagination_headers(next_path = nil, prev_path = nil)

  45.     links = []

  46.     links << [next_path, [%w(rel next)]] if next_path

  47.     links << [prev_path, [%w(rel prev)]] if prev_path

  48.     response.headers['Link'] = LinkHeader.new(links) unless links.empty?

  49.   end

  50. 

  51.   def limit_param(default_limit)

  52.     return default_limit unless params[:limit]

  53.     [params[:limit].to_i.abs, default_limit * 2].min

  54.   end

  55. 

  56.   def params_slice(*keys)

  57.     params.slice(*keys).permit(*keys)

  58.   end

  59. 

  60.   def current_resource_owner

  61.     @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token

  62.   end

  63. 

  64.   def current_user

  65.     current_resource_owner || super

  66.   rescue ActiveRecord::RecordNotFound

  67.     nil

  68.   end

  69. 

  70.   def require_user!

  71.     if current_user && !current_user.disabled? && current_user.confirmed?

  72.       set_user_activity

  73.     elsif current_user

  74.       render json: { error: 'Your login is currently disabled' }, status: 403

  75.     else

  76.       render json: { error: 'This method requires an authenticated user' }, status: 422

  77.     end

  78.   end

  79. 

  80.   def render_empty

  81.     render json: {}, status: 200

  82.   end

  83. 

  84.   def authorize_if_got_token!(*scopes)

  85.     doorkeeper_authorize!(*scopes) if doorkeeper_token

  86.   end

  87. end