From 9268c0923d81926275d899063f97ca53a79c4f68 Mon Sep 17 00:00:00 2001 From: Jeremy Kescher Date: Sun, 7 May 2023 23:27:19 +0200 Subject: [PATCH] Reactions: Return 404 when status should not be visible, asynchronous unreact --- .../api/v1/statuses/reactions_controller.rb | 22 +++++++++++++++---- app/models/concerns/account_associations.rb | 1 + app/workers/unreact_worker.rb | 11 ++++++++++ 3 files changed, 30 insertions(+), 4 deletions(-) create mode 100644 app/workers/unreact_worker.rb diff --git a/app/controllers/api/v1/statuses/reactions_controller.rb b/app/controllers/api/v1/statuses/reactions_controller.rb index 333054f2a0..e90e46c507 100644 --- a/app/controllers/api/v1/statuses/reactions_controller.rb +++ b/app/controllers/api/v1/statuses/reactions_controller.rb @@ -5,21 +5,35 @@ class Api::V1::Statuses::ReactionsController < Api::BaseController before_action -> { doorkeeper_authorize! :write, :'write:favourites' } before_action :require_user! - before_action :set_status + before_action :set_status, only: [:create] def create ReactService.new.call(current_account, @status, params[:id]) - render_empty + render json: @status, serializer: REST::StatusSerializer end def destroy - UnreactService.new.call(current_account, @status, params[:id]) - render_empty + react = current_account.status_reactions.find_by(status_id: params[:status_id], name: params[:id]) + + if react + @status = react.status + UnreactWorker.perform_async(current_account.id, @status.id, params[:id]) + else + @status = Status.find(params[:status_id]) + authorize @status, :show? + end + + render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, reactions_map: { @status.id => false }) + rescue Mastodon::NotPermittedError + not_found end private def set_status @status = Status.find(params[:status_id]) + authorize @status, :show? + rescue Mastodon::NotPermittedError + not_found end end diff --git a/app/models/concerns/account_associations.rb b/app/models/concerns/account_associations.rb index 592812e960..85ab07a723 100644 --- a/app/models/concerns/account_associations.rb +++ b/app/models/concerns/account_associations.rb @@ -13,6 +13,7 @@ module AccountAssociations # Timelines has_many :statuses, inverse_of: :account, dependent: :destroy has_many :favourites, inverse_of: :account, dependent: :destroy + has_many :status_reactions, inverse_of: :account, dependent: :destroy has_many :bookmarks, inverse_of: :account, dependent: :destroy has_many :mentions, inverse_of: :account, dependent: :destroy has_many :notifications, inverse_of: :account, dependent: :destroy diff --git a/app/workers/unreact_worker.rb b/app/workers/unreact_worker.rb new file mode 100644 index 0000000000..15f1f4dd77 --- /dev/null +++ b/app/workers/unreact_worker.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +class UnreactWorker + include Sidekiq::Worker + + def perform(account_id, status_id, emoji) + UnreactService.new.call(Account.find(account_id), Status.find(status_id), emoji) + rescue ActiveRecord::RecordNotFound + true + end +end