Expose history and source apis to anon users

This commit is contained in:
Tusooa Zhu 2022-06-11 10:35:36 -04:00 committed by FloatingGhost
parent a5fb36ed91
commit c6f5bae654
3 changed files with 10 additions and 8 deletions

View file

@ -197,8 +197,9 @@ def create(%{assigns: %{user: _user}, body_params: %{media_ids: _} = params} = c
end end
@doc "GET /api/v1/statuses/:id/history" @doc "GET /api/v1/statuses/:id/history"
def show_history(%{assigns: %{user: user}} = conn, %{id: id} = params) do def show_history(%{assigns: assigns} = conn, %{id: id} = params) do
with %Activity{} = activity <- Activity.get_by_id_with_object(id), with user = assigns[:user],
%Activity{} = activity <- Activity.get_by_id_with_object(id),
true <- Visibility.visible_for_user?(activity, user) do true <- Visibility.visible_for_user?(activity, user) do
try_render(conn, "history.json", try_render(conn, "history.json",
activity: activity, activity: activity,
@ -212,8 +213,9 @@ def show_history(%{assigns: %{user: user}} = conn, %{id: id} = params) do
end end
@doc "GET /api/v1/statuses/:id/source" @doc "GET /api/v1/statuses/:id/source"
def show_source(%{assigns: %{user: user}} = conn, %{id: id} = _params) do def show_source(%{assigns: assigns} = conn, %{id: id} = _params) do
with %Activity{} = activity <- Activity.get_by_id_with_object(id), with user = assigns[:user],
%Activity{} = activity <- Activity.get_by_id_with_object(id),
true <- Visibility.visible_for_user?(activity, user) do true <- Visibility.visible_for_user?(activity, user) do
try_render(conn, "source.json", try_render(conn, "source.json",
activity: activity, activity: activity,

View file

@ -547,8 +547,6 @@ defmodule Pleroma.Web.Router do
get("/bookmarks", StatusController, :bookmarks) get("/bookmarks", StatusController, :bookmarks)
post("/statuses", StatusController, :create) post("/statuses", StatusController, :create)
get("/statuses/:id/history", StatusController, :show_history)
get("/statuses/:id/source", StatusController, :show_source)
put("/statuses/:id", StatusController, :update) put("/statuses/:id", StatusController, :update)
delete("/statuses/:id", StatusController, :delete) delete("/statuses/:id", StatusController, :delete)
post("/statuses/:id/reblog", StatusController, :reblog) post("/statuses/:id/reblog", StatusController, :reblog)
@ -615,6 +613,8 @@ defmodule Pleroma.Web.Router do
get("/statuses/:id/context", StatusController, :context) get("/statuses/:id/context", StatusController, :context)
get("/statuses/:id/favourited_by", StatusController, :favourited_by) get("/statuses/:id/favourited_by", StatusController, :favourited_by)
get("/statuses/:id/reblogged_by", StatusController, :reblogged_by) get("/statuses/:id/reblogged_by", StatusController, :reblogged_by)
get("/statuses/:id/history", StatusController, :show_history)
get("/statuses/:id/source", StatusController, :show_source)
get("/custom_emojis", CustomEmojiController, :index) get("/custom_emojis", CustomEmojiController, :index)

View file

@ -2074,7 +2074,7 @@ test "posting a quote of a status that doesn't exist", %{conn: conn} do
describe "get status history" do describe "get status history" do
setup do setup do
oauth_access(["read:statuses"]) %{conn: build_conn()}
end end
test "unedited post", %{conn: conn} do test "unedited post", %{conn: conn} do
@ -2226,7 +2226,7 @@ test "should not allow translating of statuses you cannot see", %{conn: conn} do
describe "get status source" do describe "get status source" do
setup do setup do
oauth_access(["read:statuses"]) %{conn: build_conn()}
end end
test "it returns the source", %{conn: conn} do test "it returns the source", %{conn: conn} do