Add conversation-based forwarding for limited visibility statuses through bearcaps

This commit is contained in:
Eugen Rochko 2020-08-26 03:16:47 +02:00
parent 52157fdcba
commit 7cd4ed7d42
26 changed files with 430 additions and 78 deletions

View file

@ -0,0 +1,16 @@
# frozen_string_literal: true
class ActivityPub::ContextsController < ActivityPub::BaseController
before_action :set_conversation
def show
expires_in 3.minutes, public: public_fetch_mode?
render_with_cache json: @conversation, serializer: ActivityPub::ContextSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
end
private
def set_conversation
@conversation = Conversation.local.find(params[:id])
end
end

View file

@ -25,7 +25,7 @@ module CacheConcern
end
def set_cache_headers
response.headers['Vary'] = public_fetch_mode? ? 'Accept' : 'Accept, Signature'
response.headers['Vary'] = public_fetch_mode? ? 'Accept, Authorization' : 'Accept, Signature, Authorization'
end
def cache_collection(raw, klass)

View file

@ -66,7 +66,12 @@ class StatusesController < ApplicationController
def set_status
@status = @account.statuses.find(params[:id])
authorize @status, :show?
if request.authorization.present? && request.authorization.match(/^Bearer /i)
raise Mastodon::NotPermittedError unless @status.capability_tokens.find_by(token: request.authorization.gsub(/^Bearer /i, ''))
else
authorize @status, :show?
end
rescue Mastodon::NotPermittedError
not_found
end