Add conversation-based forwarding for limited visibility statuses through bearcaps
This commit is contained in:
parent
52157fdcba
commit
7cd4ed7d42
26 changed files with 430 additions and 78 deletions
16
app/controllers/activitypub/contexts_controller.rb
Normal file
16
app/controllers/activitypub/contexts_controller.rb
Normal file
|
@ -0,0 +1,16 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ActivityPub::ContextsController < ActivityPub::BaseController
|
||||
before_action :set_conversation
|
||||
|
||||
def show
|
||||
expires_in 3.minutes, public: public_fetch_mode?
|
||||
render_with_cache json: @conversation, serializer: ActivityPub::ContextSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def set_conversation
|
||||
@conversation = Conversation.local.find(params[:id])
|
||||
end
|
||||
end
|
|
@ -25,7 +25,7 @@ module CacheConcern
|
|||
end
|
||||
|
||||
def set_cache_headers
|
||||
response.headers['Vary'] = public_fetch_mode? ? 'Accept' : 'Accept, Signature'
|
||||
response.headers['Vary'] = public_fetch_mode? ? 'Accept, Authorization' : 'Accept, Signature, Authorization'
|
||||
end
|
||||
|
||||
def cache_collection(raw, klass)
|
||||
|
|
|
@ -66,7 +66,12 @@ class StatusesController < ApplicationController
|
|||
|
||||
def set_status
|
||||
@status = @account.statuses.find(params[:id])
|
||||
authorize @status, :show?
|
||||
|
||||
if request.authorization.present? && request.authorization.match(/^Bearer /i)
|
||||
raise Mastodon::NotPermittedError unless @status.capability_tokens.find_by(token: request.authorization.gsub(/^Bearer /i, ''))
|
||||
else
|
||||
authorize @status, :show?
|
||||
end
|
||||
rescue Mastodon::NotPermittedError
|
||||
not_found
|
||||
end
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue