2018-08-17 21:03:12 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class AuthorizeInteractionsController < ApplicationController
|
|
|
|
include Authorization
|
|
|
|
|
|
|
|
before_action :authenticate_user!
|
|
|
|
before_action :set_resource
|
|
|
|
|
|
|
|
def show
|
|
|
|
if @resource.is_a?(Account)
|
2023-07-27 10:11:17 -04:00
|
|
|
redirect_to web_url("@#{@resource.pretty_acct}")
|
2018-08-17 21:03:12 -04:00
|
|
|
elsif @resource.is_a?(Status)
|
2022-04-30 18:56:34 -04:00
|
|
|
redirect_to web_url("@#{@resource.account.pretty_acct}/#{@resource.id}")
|
2018-08-17 21:03:12 -04:00
|
|
|
else
|
2023-07-27 10:11:17 -04:00
|
|
|
not_found
|
2018-08-17 21:03:12 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def set_resource
|
2022-04-30 18:56:34 -04:00
|
|
|
@resource = located_resource
|
2018-08-17 21:03:12 -04:00
|
|
|
authorize(@resource, :show?) if @resource.is_a?(Status)
|
2022-04-30 18:56:34 -04:00
|
|
|
rescue Mastodon::NotPermittedError
|
|
|
|
not_found
|
2018-08-17 21:03:12 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def located_resource
|
|
|
|
if uri_param_is_url?
|
|
|
|
ResolveURLService.new.call(uri_param)
|
|
|
|
else
|
|
|
|
account_from_remote_follow
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def account_from_remote_follow
|
|
|
|
ResolveAccountService.new.call(uri_param)
|
|
|
|
end
|
|
|
|
|
|
|
|
def uri_param_is_url?
|
|
|
|
parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
|
|
|
|
end
|
|
|
|
|
|
|
|
def parsed_uri
|
|
|
|
Addressable::URI.parse(uri_param).normalize
|
|
|
|
end
|
|
|
|
|
|
|
|
def uri_param
|
2023-05-02 15:07:45 -04:00
|
|
|
params[:uri] || params.fetch(:acct, '').delete_prefix('acct:')
|
2018-08-17 21:03:12 -04:00
|
|
|
end
|
|
|
|
end
|