Disable reposts and reactions if post is not public

This commit is contained in:
silverpill 2022-01-15 15:25:37 +00:00
parent eed648f140
commit 5676d53cbb
2 changed files with 30 additions and 2 deletions

View file

@ -319,6 +319,34 @@ paths:
description: Post does not belong to user description: Post does not belong to user
404: 404:
description: Post not found description: Post not found
/api/v1/statuses/{status_id}/favourite:
post:
summary: Add post to your favourites list
parameters:
- $ref: '#/components/parameters/status_id'
responses:
200:
description: Successful operation
content:
application/json:
schema:
$ref: '#/components/schemas/Status'
404:
description: Post does not exist or is not public
/api/v1/statuses/{status_id}/reblog:
post:
summary: Repost a post
parameters:
- $ref: '#/components/parameters/status_id'
responses:
200:
description: Successful operation
content:
application/json:
schema:
$ref: '#/components/schemas/Status'
404:
description: Post does not exist or is not public
/api/v1/statuses/{status_id}/make_permanent: /api/v1/statuses/{status_id}/make_permanent:
post: post:
summary: Save post to IPFS summary: Save post to IPFS

View file

@ -220,7 +220,7 @@ async fn favourite(
let db_client = &mut **get_database_client(&db_pool).await?; let db_client = &mut **get_database_client(&db_pool).await?;
let current_user = get_current_user(db_client, auth.token()).await?; let current_user = get_current_user(db_client, auth.token()).await?;
let mut post = get_post_by_id(db_client, &status_id).await?; let mut post = get_post_by_id(db_client, &status_id).await?;
if !can_view_post(db_client, Some(&current_user), &post).await? { if !post.is_public() {
return Err(HttpError::NotFoundError("post")); return Err(HttpError::NotFoundError("post"));
}; };
let maybe_reaction_created = match create_reaction( let maybe_reaction_created = match create_reaction(
@ -305,7 +305,7 @@ async fn reblog(
let db_client = &mut **get_database_client(&db_pool).await?; let db_client = &mut **get_database_client(&db_pool).await?;
let current_user = get_current_user(db_client, auth.token()).await?; let current_user = get_current_user(db_client, auth.token()).await?;
let mut post = get_post_by_id(db_client, &status_id).await?; let mut post = get_post_by_id(db_client, &status_id).await?;
if !can_view_post(db_client, Some(&current_user), &post).await? { if !post.is_public() {
return Err(HttpError::NotFoundError("post")); return Err(HttpError::NotFoundError("post"));
}; };
let repost_data = PostCreateData { let repost_data = PostCreateData {