abunchtell
/
mastodon
1
0
Fork 0
Code Issues 0 Activity
The code powering m.abunchtell.com https://m.abunchtell.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7536 Commits
1 Branch
94 MiB
 
 
 
 
Tree: c669bb42ba
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c669bb42ba'
${ noResults }
mastodon/app/controllers/statuses_controller.rb

87 lines
2.4 KiB
Raw Blame History 

  1. # frozen_string_literal: true

  2. 

  3. class StatusesController < ApplicationController

  4.   include StatusControllerConcern

  5.   include SignatureAuthentication

  6.   include Authorization

  7.   include AccountOwnedConcern

  8. 

  9.   layout 'public'

  10. 

  11.   before_action :require_signature!, only: :show, if: -> { request.format == :json && authorized_fetch_mode? }

  12.   before_action :set_status

  13.   before_action :set_instance_presenter

  14.   before_action :set_link_headers

  15.   before_action :redirect_to_original, only: :show

  16.   before_action :set_referrer_policy_header, only: :show

  17.   before_action :set_cache_headers

  18.   before_action :set_body_classes

  19.   before_action :set_autoplay, only: :embed

  20. 

  21.   content_security_policy only: :embed do |p|

  22.     p.frame_ancestors(false)

  23.   end

  24. 

  25.   def show

  26.     respond_to do |format|

  27.       format.html do

  28.         expires_in 10.seconds, public: true if current_account.nil?

  29.         set_ancestors

  30.         set_descendants

  31.       end

  32. 

  33.       format.json do

  34.         expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?

  35.         render_with_cache json: @status, content_type: 'application/activity+json', serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter

  36.       end

  37.     end

  38.   end

  39. 

  40.   def activity

  41.     expires_in 3.minutes, public: @status.distributable? && public_fetch_mode?

  42.     render_with_cache json: @status, content_type: 'application/activity+json', serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter

  43.   end

  44. 

  45.   def embed

  46.     raise ActiveRecord::RecordNotFound if @status.hidden?

  47. 

  48.     expires_in 180, public: true

  49.     response.headers['X-Frame-Options'] = 'ALLOWALL'

  50. 

  51.     render layout: 'embedded'

  52.   end

  53. 

  54.   private

  55. 

  56.   def set_body_classes

  57.     @body_classes = 'with-modals'

  58.   end

  59. 

  60.   def set_link_headers

  61.     response.headers['Link'] = LinkHeader.new([[ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]]])

  62.   end

  63. 

  64.   def set_status

  65.     @status = @account.statuses.find(params[:id])

  66.     authorize @status, :show?

  67.   rescue Mastodon::NotPermittedError

  68.     raise ActiveRecord::RecordNotFound

  69.   end

  70. 

  71.   def set_instance_presenter

  72.     @instance_presenter = InstancePresenter.new

  73.   end

  74. 

  75.   def redirect_to_original

  76.     redirect_to ActivityPub::TagManager.instance.url_for(@status.reblog) if @status.reblog?

  77.   end

  78. 

  79.   def set_referrer_policy_header

  80.     response.headers['Referrer-Policy'] = 'origin' unless @status.distributable?

  81.   end

  82. 

  83.   def set_autoplay

  84.     @autoplay = truthy_param?(:autoplay)

  85.   end

  86. end