Change REST API to return empty data for suspended accounts (#14765)
parent
e6d67f85e2
commit
e6b272e5c9
22 changed files with 79 additions and 30 deletions
|
@ -57,9 +57,8 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
|
||||||
def set_statuses
|
def set_statuses
|
||||||
return unless page_requested?
|
return unless page_requested?
|
||||||
|
|
||||||
@statuses = @account.statuses.permitted_for(@account, signed_request_account)
|
|
||||||
@statuses = cache_collection_paginated_by_id(
|
@statuses = cache_collection_paginated_by_id(
|
||||||
@statuses,
|
@account.statuses.permitted_for(@account, signed_request_account),
|
||||||
Status,
|
Status,
|
||||||
LIMIT,
|
LIMIT,
|
||||||
params_slice(:max_id, :min_id, :since_id)
|
params_slice(:max_id, :min_id, :since_id)
|
||||||
|
|
|
@ -17,6 +17,6 @@ class Api::V1::Accounts::FeaturedTagsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def set_featured_tags
|
def set_featured_tags
|
||||||
@featured_tags = @account.featured_tags
|
@featured_tags = @account.suspended? ? @account.featured_tags : []
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
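Review bot: The ternary in `set_featured_tags` is inverted: `@account.suspended? ? @account.featured_tags : []` returns the featured tags only when the account is suspended and an empty list for every active account. That is the opposite of the other endpoints changed in this commit, for example `@account.suspended? ? [] : @account.identity_proofs.active`. The line should read `@featured_tags = @account.suspended? ? [] : @account.featured_tags`. A request spec that covers both an active and a suspended account would catch this.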
@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def hide_results?
|
def hide_results?
|
||||||
(@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
|
@account.suspended? || (@account.hides_followers? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
|
||||||
end
|
end
|
||||||
|
|
||||||
def default_accounts
|
def default_accounts
|
||||||
|
|
|
@ -25,7 +25,7 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def hide_results?
|
def hide_results?
|
||||||
(@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
|
@account.suspended? || (@account.hides_following? && current_account&.id != @account.id) || (current_account && @account.blocking?(current_account))
|
||||||
end
|
end
|
||||||
|
|
||||||
def default_accounts
|
def default_accounts
|
||||||
|
|
|
@ -5,7 +5,7 @@ class Api::V1::Accounts::IdentityProofsController < Api::BaseController
|
||||||
before_action :set_account
|
before_action :set_account
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@proofs = @account.identity_proofs.active
|
@proofs = @account.suspended? ? [] : @account.identity_proofs.active
|
||||||
render json: @proofs, each_serializer: REST::IdentityProofSerializer
|
render json: @proofs, each_serializer: REST::IdentityProofSerializer
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@ class Api::V1::Accounts::ListsController < Api::BaseController
|
||||||
before_action :set_account
|
before_action :set_account
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@lists = @account.lists.where(account: current_account)
|
@lists = @account.suspended? ? [] : @account.lists.where(account: current_account)
|
||||||
render json: @lists, each_serializer: REST::ListSerializer
|
render json: @lists, each_serializer: REST::ListSerializer
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
|
||||||
before_action :require_user!
|
before_action :require_user!
|
||||||
|
|
||||||
def index
|
def index
|
||||||
accounts = Account.where(id: account_ids).select('id')
|
accounts = Account.without_suspended.where(id: account_ids).select('id')
|
||||||
# .where doesn't guarantee that our results are in the same order
|
# .where doesn't guarantee that our results are in the same order
|
||||||
# we requested them, so return the "right" order to the requestor.
|
# we requested them, so return the "right" order to the requestor.
|
||||||
@accounts = accounts.index_by(&:id).values_at(*account_ids).compact
|
@accounts = accounts.index_by(&:id).values_at(*account_ids).compact
|
||||||
|
|
|
@ -18,7 +18,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def load_statuses
|
def load_statuses
|
||||||
cached_account_statuses
|
@account.suspended? ? [] : cached_account_statuses
|
||||||
end
|
end
|
||||||
|
|
||||||
def cached_account_statuses
|
def cached_account_statuses
|
||||||
|
|
|
@ -9,7 +9,6 @@ class Api::V1::AccountsController < Api::BaseController
|
||||||
|
|
||||||
before_action :require_user!, except: [:show, :create]
|
before_action :require_user!, except: [:show, :create]
|
||||||
before_action :set_account, except: [:create]
|
before_action :set_account, except: [:create]
|
||||||
before_action :check_account_suspension, only: [:show]
|
|
||||||
before_action :check_enabled_registrations, only: [:create]
|
before_action :check_enabled_registrations, only: [:create]
|
||||||
|
|
||||||
skip_before_action :require_authenticated_user!, only: :create
|
skip_before_action :require_authenticated_user!, only: :create
|
||||||
|
@ -73,10 +72,6 @@ class Api::V1::AccountsController < Api::BaseController
|
||||||
AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
|
AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
|
||||||
end
|
end
|
||||||
|
|
||||||
def check_account_suspension
|
|
||||||
gone if @account.suspended?
|
|
||||||
end
|
|
||||||
|
|
||||||
def account_params
|
def account_params
|
||||||
params.permit(:username, :email, :password, :agreement, :locale, :reason)
|
params.permit(:username, :email, :password, :agreement, :locale, :reason)
|
||||||
end
|
end
|
||||||
|
|
|
@ -18,6 +18,8 @@ class Api::V1::BlocksController < Api::BaseController
|
||||||
|
|
||||||
def paginated_blocks
|
def paginated_blocks
|
||||||
@paginated_blocks ||= Block.eager_load(target_account: :account_stat)
|
@paginated_blocks ||= Block.eager_load(target_account: :account_stat)
|
||||||
|
.joins(:target_account)
|
||||||
|
.merge(Account.without_suspended)
|
||||||
.where(account: current_account)
|
.where(account: current_account)
|
||||||
.paginate_by_max_id(
|
.paginate_by_max_id(
|
||||||
limit_param(DEFAULT_ACCOUNTS_LIMIT),
|
limit_param(DEFAULT_ACCOUNTS_LIMIT),
|
||||||
|
|
|
@ -25,7 +25,7 @@ class Api::V1::EndorsementsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def endorsed_accounts
|
def endorsed_accounts
|
||||||
current_account.endorsed_accounts.includes(:account_stat)
|
current_account.endorsed_accounts.includes(:account_stat).without_suspended
|
||||||
end
|
end
|
||||||
|
|
||||||
def insert_pagination_headers
|
def insert_pagination_headers
|
||||||
|
|
|
@ -37,7 +37,7 @@ class Api::V1::FollowRequestsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def default_accounts
|
def default_accounts
|
||||||
Account.includes(:follow_requests, :account_stat).references(:follow_requests)
|
Account.without_suspended.includes(:follow_requests, :account_stat).references(:follow_requests)
|
||||||
end
|
end
|
||||||
|
|
||||||
def paginated_follow_requests
|
def paginated_follow_requests
|
||||||
|
|
|
@ -37,9 +37,9 @@ class Api::V1::Lists::AccountsController < Api::BaseController
|
||||||
|
|
||||||
def load_accounts
|
def load_accounts
|
||||||
if unlimited?
|
if unlimited?
|
||||||
@list.accounts.includes(:account_stat).all
|
@list.accounts.without_suspended.includes(:account_stat).all
|
||||||
else
|
else
|
||||||
@list.accounts.includes(:account_stat).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
|
@list.accounts.without_suspended.includes(:account_stat).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -18,6 +18,8 @@ class Api::V1::MutesController < Api::BaseController
|
||||||
|
|
||||||
def paginated_mutes
|
def paginated_mutes
|
||||||
@paginated_mutes ||= Mute.eager_load(:target_account)
|
@paginated_mutes ||= Mute.eager_load(:target_account)
|
||||||
|
.joins(:target_account)
|
||||||
|
.merge(Account.without_suspended)
|
||||||
.where(account: current_account)
|
.where(account: current_account)
|
||||||
.paginate_by_max_id(
|
.paginate_by_max_id(
|
||||||
limit_param(DEFAULT_ACCOUNTS_LIMIT),
|
limit_param(DEFAULT_ACCOUNTS_LIMIT),
|
||||||
|
|
|
@ -14,7 +14,7 @@ class Api::V1::NotificationsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
@notification = current_account.notifications.find(params[:id])
|
@notification = current_account.notifications.without_suspended.find(params[:id])
|
||||||
render json: @notification, serializer: REST::NotificationSerializer
|
render json: @notification, serializer: REST::NotificationSerializer
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ class Api::V1::NotificationsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def browserable_account_notifications
|
def browserable_account_notifications
|
||||||
current_account.notifications.browserable(exclude_types, from_account)
|
current_account.notifications.without_suspended.browserable(exclude_types, from_account)
|
||||||
end
|
end
|
||||||
|
|
||||||
def target_statuses_from_notifications
|
def target_statuses_from_notifications
|
||||||
|
|
|
@ -22,6 +22,7 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
|
||||||
|
|
||||||
def default_accounts
|
def default_accounts
|
||||||
Account
|
Account
|
||||||
|
.without_suspended
|
||||||
.includes(:favourites, :account_stat)
|
.includes(:favourites, :account_stat)
|
||||||
.references(:favourites)
|
.references(:favourites)
|
||||||
.where(favourites: { status_id: @status.id })
|
.where(favourites: { status_id: @status.id })
|
||||||
|
|
|
@ -21,7 +21,7 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
|
||||||
end
|
end
|
||||||
|
|
||||||
def default_accounts
|
def default_accounts
|
||||||
Account.includes(:statuses, :account_stat).references(:statuses)
|
Account.without_suspended.includes(:statuses, :account_stat).references(:statuses)
|
||||||
end
|
end
|
||||||
|
|
||||||
def paginated_statuses
|
def paginated_statuses
|
||||||
|
|
|
@ -41,8 +41,11 @@ class Notification < ApplicationRecord
|
||||||
validates :account_id, uniqueness: { scope: [:activity_type, :activity_id] }
|
validates :account_id, uniqueness: { scope: [:activity_type, :activity_id] }
|
||||||
validates :activity_type, inclusion: { in: TYPE_CLASS_MAP.values }
|
validates :activity_type, inclusion: { in: TYPE_CLASS_MAP.values }
|
||||||
|
|
||||||
|
scope :without_suspended, -> { joins(:from_account).merge(Account.without_suspended) }
|
||||||
|
|
||||||
scope :browserable, ->(exclude_types = [], account_id = nil) {
|
scope :browserable, ->(exclude_types = [], account_id = nil) {
|
||||||
types = TYPE_CLASS_MAP.values - activity_types_from_types(exclude_types)
|
types = TYPE_CLASS_MAP.values - activity_types_from_types(exclude_types)
|
||||||
|
|
||||||
if account_id.nil?
|
if account_id.nil?
|
||||||
where(activity_type: types)
|
where(activity_type: types)
|
||||||
else
|
else
|
||||||
|
|
|
@ -12,6 +12,8 @@ class StatusPolicy < ApplicationPolicy
|
||||||
end
|
end
|
||||||
|
|
||||||
def show?
|
def show?
|
||||||
|
return false if author.suspended?
|
||||||
|
|
||||||
if requires_mention?
|
if requires_mention?
|
||||||
owned? || mention_exists?
|
owned? || mention_exists?
|
||||||
elsif private?
|
elsif private?
|
||||||
|
|
|
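Review bot: The new guard `return false if author.suspended?` runs before the ownership checks, so it denies the author as well, and it applies to every caller of `StatusPolicy#show?`, not only the REST controllers named in the commit title. If that is intended, record it with a comment above the guard, e.g. `# Statuses of suspended accounts are hidden from everyone, including their author`. `author` is defined outside this hunk and `show?` continues past its end, so this reading rests on the visible lines only.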
@ -8,8 +8,11 @@ class REST::AccountSerializer < ActiveModel::Serializer
|
||||||
:followers_count, :following_count, :statuses_count, :last_status_at
|
:followers_count, :following_count, :statuses_count, :last_status_at
|
||||||
|
|
||||||
has_one :moved_to_account, key: :moved, serializer: REST::AccountSerializer, if: :moved_and_not_nested?
|
has_one :moved_to_account, key: :moved, serializer: REST::AccountSerializer, if: :moved_and_not_nested?
|
||||||
|
|
||||||
has_many :emojis, serializer: REST::CustomEmojiSerializer
|
has_many :emojis, serializer: REST::CustomEmojiSerializer
|
||||||
|
|
||||||
|
attribute :suspended, if: :suspended?
|
||||||
|
|
||||||
class FieldSerializer < ActiveModel::Serializer
|
class FieldSerializer < ActiveModel::Serializer
|
||||||
attributes :name, :value, :verified_at
|
attributes :name, :value, :verified_at
|
||||||
|
|
||||||
|
@ -29,7 +32,7 @@ class REST::AccountSerializer < ActiveModel::Serializer
|
||||||
end
|
end
|
||||||
|
|
||||||
def note
|
def note
|
||||||
Formatter.instance.simplified_format(object)
|
object.suspended? ? '' : Formatter.instance.simplified_format(object)
|
||||||
end
|
end
|
||||||
|
|
||||||
def url
|
def url
|
||||||
|
@ -37,26 +40,60 @@ class REST::AccountSerializer < ActiveModel::Serializer
|
||||||
end
|
end
|
||||||
|
|
||||||
def avatar
|
def avatar
|
||||||
full_asset_url(object.avatar_original_url)
|
full_asset_url(object.suspended? ? object.avatar.default_url : object.avatar_original_url)
|
||||||
end
|
end
|
||||||
|
|
||||||
def avatar_static
|
def avatar_static
|
||||||
full_asset_url(object.avatar_static_url)
|
full_asset_url(object.suspended? ? object.avatar.default_url : object.avatar_static_url)
|
||||||
end
|
end
|
||||||
|
|
||||||
def header
|
def header
|
||||||
full_asset_url(object.header_original_url)
|
full_asset_url(object.suspended? ? object.header.default_url : object.header_original_url)
|
||||||
end
|
end
|
||||||
|
|
||||||
def header_static
|
def header_static
|
||||||
full_asset_url(object.header_static_url)
|
full_asset_url(object.suspended? ? object.header.default_url : object.header_static_url)
|
||||||
end
|
|
||||||
|
|
||||||
def moved_and_not_nested?
|
|
||||||
object.moved? && object.moved_to_account.moved_to_account_id.nil?
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def last_status_at
|
def last_status_at
|
||||||
object.last_status_at&.to_date&.iso8601
|
object.last_status_at&.to_date&.iso8601
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def display_name
|
||||||
|
object.suspended? ? '' : object.display_name
|
||||||
|
end
|
||||||
|
|
||||||
|
def locked
|
||||||
|
object.suspended? ? false : object.locked
|
||||||
|
end
|
||||||
|
|
||||||
|
def bot
|
||||||
|
object.suspended? ? false : object.bot
|
||||||
|
end
|
||||||
|
|
||||||
|
def discoverable
|
||||||
|
object.suspended? ? false : object.discoverable
|
||||||
|
end
|
||||||
|
|
||||||
|
def moved_to_account
|
||||||
|
object.suspended? ? nil : object.moved_to_account
|
||||||
|
end
|
||||||
|
|
||||||
|
def emojis
|
||||||
|
object.suspended? ? [] : object.emojis
|
||||||
|
end
|
||||||
|
|
||||||
|
def fields
|
||||||
|
object.suspended? ? [] : object.fields
|
||||||
|
end
|
||||||
|
|
||||||
|
def suspended
|
||||||
|
object.suspended?
|
||||||
|
end
|
||||||
|
|
||||||
|
delegate :suspended?, to: :object
|
||||||
|
|
||||||
|
def moved_and_not_nested?
|
||||||
|
object.moved? && object.moved_to_account.moved_to_account_id.nil?
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
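Review bot: `last_status_at` is left unchanged in this section, so a suspended account still reports the date of its last post while `note`, `display_name`, `fields` and `emojis` are blanked. If the intent is empty data for suspended accounts, guard it like its neighbours: `object.suspended? ? nil : object.last_status_at&.to_date&.iso8601`. The `followers_count`, `following_count` and `statuses_count` attributes listed at the top have no override visible here and may need the same decision; if keeping them is deliberate, a one-line comment saying so would help. Separately, `moved_and_not_nested?` can still return true for a suspended account that has moved, so the response would presumably carry `moved` as null now that `moved_to_account` returns nil.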
@ -35,6 +35,10 @@ module Paperclip
|
||||||
|
|
||||||
formats.include?(other_extension.delete('.')) && File.basename(other_filename, other_extension) == File.basename(original_filename, File.extname(original_filename))
|
formats.include?(other_extension.delete('.')) && File.basename(other_filename, other_extension) == File.basename(original_filename, File.extname(original_filename))
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def default_url(style_name = default_style)
|
||||||
|
@url_generator.for_as_default(style_name)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,10 @@ module Paperclip
|
||||||
Addressable::URI.parse(url).normalize.to_str.gsub(escape_regex) { |m| "%#{m.ord.to_s(16).upcase}" }
|
Addressable::URI.parse(url).normalize.to_str.gsub(escape_regex) { |m| "%#{m.ord.to_s(16).upcase}" }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def for_as_default(style_name)
|
||||||
|
attachment_options[:interpolator].interpolate(default_url, @attachment, style_name)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|