diff --git a/app/controllers/api/v1/statuses/base_controller.rb b/app/controllers/api/v1/statuses/base_controller.rb
new file mode 100644
index 0000000000..3f56b68bcf
--- /dev/null
+++ b/app/controllers/api/v1/statuses/base_controller.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class Api::V1::Statuses::BaseController < Api::BaseController
+ include Authorization
+
+ before_action :set_status
+
+ private
+
+ def set_status
+ @status = Status.find(params[:status_id])
+ authorize @status, :show?
+ rescue Mastodon::NotPermittedError
+ not_found
+ end
+end
diff --git a/app/controllers/api/v1/statuses/bookmarks_controller.rb b/app/controllers/api/v1/statuses/bookmarks_controller.rb
index 19963c002a..109b12f467 100644
--- a/app/controllers/api/v1/statuses/bookmarks_controller.rb
+++ b/app/controllers/api/v1/statuses/bookmarks_controller.rb
@@ -1,11 +1,9 @@
# frozen_string_literal: true
-class Api::V1::Statuses::BookmarksController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::BookmarksController < Api::V1::Statuses::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:bookmarks' }
before_action :require_user!
- before_action :set_status, only: [:create]
+ skip_before_action :set_status, only: [:destroy]
def create
current_account.bookmarks.find_or_create_by!(account: current_account, status: @status)
@@ -28,13 +26,4 @@ class Api::V1::Statuses::BookmarksController < Api::BaseController
rescue Mastodon::NotPermittedError
not_found
end
-
- private
-
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
end
diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
index 73eb11e711..3cca246ce8 100644
--- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
@@ -1,10 +1,7 @@
# frozen_string_literal: true
-class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::FavouritedByAccountsController < Api::V1::Statuses::BaseController
before_action -> { authorize_if_got_token! :read, :'read:accounts' }
- before_action :set_status
after_action :insert_pagination_headers
def index
@@ -61,13 +58,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
@accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
end
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
-
def pagination_params(core_params)
params.slice(:limit).permit(:limit).merge(core_params)
end
diff --git a/app/controllers/api/v1/statuses/favourites_controller.rb b/app/controllers/api/v1/statuses/favourites_controller.rb
index f3428e3df4..dbc75a0364 100644
--- a/app/controllers/api/v1/statuses/favourites_controller.rb
+++ b/app/controllers/api/v1/statuses/favourites_controller.rb
@@ -1,11 +1,9 @@
# frozen_string_literal: true
-class Api::V1::Statuses::FavouritesController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::FavouritesController < Api::V1::Statuses::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:favourites' }
before_action :require_user!
- before_action :set_status, only: [:create]
+ skip_before_action :set_status, only: [:destroy]
def create
FavouriteService.new.call(current_account, @status)
@@ -30,13 +28,4 @@ class Api::V1::Statuses::FavouritesController < Api::BaseController
rescue Mastodon::NotPermittedError
not_found
end
-
- private
-
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
end
diff --git a/app/controllers/api/v1/statuses/histories_controller.rb b/app/controllers/api/v1/statuses/histories_controller.rb
index 2913472b04..dcb21ef043 100644
--- a/app/controllers/api/v1/statuses/histories_controller.rb
+++ b/app/controllers/api/v1/statuses/histories_controller.rb
@@ -1,10 +1,7 @@
# frozen_string_literal: true
-class Api::V1::Statuses::HistoriesController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::HistoriesController < Api::V1::Statuses::BaseController
before_action -> { authorize_if_got_token! :read, :'read:statuses' }
- before_action :set_status
def show
cache_if_unauthenticated!
@@ -16,11 +13,4 @@ class Api::V1::Statuses::HistoriesController < Api::BaseController
def status_edits
@status.edits.includes(:account, status: [:account]).to_a.presence || [@status.build_snapshot(at_time: @status.edited_at || @status.created_at)]
end
-
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
end
diff --git a/app/controllers/api/v1/statuses/mutes_controller.rb b/app/controllers/api/v1/statuses/mutes_controller.rb
index 87071a2b9a..26b92bb8af 100644
--- a/app/controllers/api/v1/statuses/mutes_controller.rb
+++ b/app/controllers/api/v1/statuses/mutes_controller.rb
@@ -1,11 +1,8 @@
# frozen_string_literal: true
-class Api::V1::Statuses::MutesController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::MutesController < Api::V1::Statuses::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:mutes' }
before_action :require_user!
- before_action :set_status
before_action :set_conversation
def create
@@ -24,13 +21,6 @@ class Api::V1::Statuses::MutesController < Api::BaseController
private
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
-
def set_conversation
@conversation = @status.conversation
raise Mastodon::ValidationError if @conversation.nil?
diff --git a/app/controllers/api/v1/statuses/pins_controller.rb b/app/controllers/api/v1/statuses/pins_controller.rb
index 51b1621b6f..7107890af1 100644
--- a/app/controllers/api/v1/statuses/pins_controller.rb
+++ b/app/controllers/api/v1/statuses/pins_controller.rb
@@ -1,11 +1,8 @@
# frozen_string_literal: true
-class Api::V1::Statuses::PinsController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::PinsController < Api::V1::Statuses::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
before_action :require_user!
- before_action :set_status
def create
StatusPin.create!(account: current_account, status: @status)
@@ -26,10 +23,6 @@ class Api::V1::Statuses::PinsController < Api::BaseController
private
- def set_status
- @status = Status.find(params[:status_id])
- end
-
def distribute_add_activity!
json = ActiveModelSerializers::SerializableResource.new(
@status,
diff --git a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
index 41672e7539..dd3e60846b 100644
--- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
@@ -1,10 +1,7 @@
# frozen_string_literal: true
-class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::RebloggedByAccountsController < Api::V1::Statuses::BaseController
before_action -> { authorize_if_got_token! :read, :'read:accounts' }
- before_action :set_status
after_action :insert_pagination_headers
def index
@@ -57,13 +54,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
@accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
end
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
-
def pagination_params(core_params)
params.slice(:limit).permit(:limit).merge(core_params)
end
diff --git a/app/controllers/api/v1/statuses/reblogs_controller.rb b/app/controllers/api/v1/statuses/reblogs_controller.rb
index 3ca6231178..971b054c54 100644
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@@ -1,13 +1,13 @@
# frozen_string_literal: true
-class Api::V1::Statuses::ReblogsController < Api::BaseController
- include Authorization
+class Api::V1::Statuses::ReblogsController < Api::V1::Statuses::BaseController
include Redisable
include Lockable
before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
before_action :require_user!
before_action :set_reblog, only: [:create]
+ skip_before_action :set_status
override_rate_limit_headers :create, family: :statuses
diff --git a/app/controllers/api/v1/statuses/sources_controller.rb b/app/controllers/api/v1/statuses/sources_controller.rb
index 4340864513..5ceda4c7ef 100644
--- a/app/controllers/api/v1/statuses/sources_controller.rb
+++ b/app/controllers/api/v1/statuses/sources_controller.rb
@@ -1,21 +1,9 @@
# frozen_string_literal: true
-class Api::V1::Statuses::SourcesController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::SourcesController < Api::V1::Statuses::BaseController
before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
- before_action :set_status
def show
render json: @status, serializer: REST::StatusSourceSerializer
end
-
- private
-
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
end
diff --git a/app/controllers/api/v1/statuses/translations_controller.rb b/app/controllers/api/v1/statuses/translations_controller.rb
index ec5ea5b85b..7d406b0a36 100644
--- a/app/controllers/api/v1/statuses/translations_controller.rb
+++ b/app/controllers/api/v1/statuses/translations_controller.rb
@@ -1,10 +1,7 @@
# frozen_string_literal: true
-class Api::V1::Statuses::TranslationsController < Api::BaseController
- include Authorization
-
+class Api::V1::Statuses::TranslationsController < Api::V1::Statuses::BaseController
before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
- before_action :set_status
before_action :set_translation
rescue_from TranslationService::NotConfiguredError, with: :not_found
@@ -24,13 +21,6 @@ class Api::V1::Statuses::TranslationsController < Api::BaseController
private
- def set_status
- @status = Status.find(params[:status_id])
- authorize @status, :show?
- rescue Mastodon::NotPermittedError
- not_found
- end
-
def set_translation
@translation = TranslateStatusService.new.call(@status, content_locale)
end