1f6ed4f86a
* Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope
44 lines
1 KiB
Ruby
44 lines
1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::ReportsController < Api::BaseController
|
|
before_action -> { doorkeeper_authorize! :read, :'read:reports' }, except: [:create]
|
|
before_action -> { doorkeeper_authorize! :write, :'write:reports' }, only: [:create]
|
|
before_action :require_user!
|
|
|
|
respond_to :json
|
|
|
|
def index
|
|
@reports = current_account.reports
|
|
render json: @reports, each_serializer: REST::ReportSerializer
|
|
end
|
|
|
|
def create
|
|
@report = ReportService.new.call(
|
|
current_account,
|
|
reported_account,
|
|
status_ids: reported_status_ids,
|
|
comment: report_params[:comment],
|
|
forward: report_params[:forward]
|
|
)
|
|
|
|
render json: @report, serializer: REST::ReportSerializer
|
|
end
|
|
|
|
private
|
|
|
|
def reported_status_ids
|
|
Status.find(status_ids).pluck(:id)
|
|
end
|
|
|
|
def status_ids
|
|
Array(report_params[:status_ids])
|
|
end
|
|
|
|
def reported_account
|
|
Account.find(report_params[:account_id])
|
|
end
|
|
|
|
def report_params
|
|
params.permit(:account_id, :comment, :forward, status_ids: [])
|
|
end
|
|
end
|