Hide posts that user is not allowed to view from search results
This commit is contained in:
parent
a63da82b85
commit
7d89f65b37
3 changed files with 40 additions and 3 deletions
|
@ -508,6 +508,33 @@ paths:
|
|||
type: array
|
||||
items:
|
||||
$ref: '#/components/schemas/Status'
|
||||
/api/v2/search:
|
||||
get:
|
||||
summary: Search for profiles or posts
|
||||
parameters:
|
||||
- name: q
|
||||
in: query
|
||||
description: The search query
|
||||
required: true
|
||||
schema:
|
||||
type: string
|
||||
responses:
|
||||
200:
|
||||
description: Successful operation
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
description: Search results
|
||||
type: object
|
||||
properties:
|
||||
accounts:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/components/schemas/Account'
|
||||
statuses:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/components/schemas/Status'
|
||||
|
||||
components:
|
||||
securitySchemes:
|
||||
|
|
|
@ -9,6 +9,7 @@ use crate::config::Config;
|
|||
use crate::errors::{ValidationError, HttpError};
|
||||
use crate::mastodon_api::accounts::types::Account;
|
||||
use crate::mastodon_api::statuses::types::Status;
|
||||
use crate::models::posts::helpers::can_view_post;
|
||||
use crate::models::posts::types::Post;
|
||||
use crate::models::profiles::queries::{
|
||||
search_profile,
|
||||
|
@ -18,6 +19,7 @@ use crate::models::profiles::types::DbActorProfile;
|
|||
use crate::models::users::types::{
|
||||
validate_wallet_address,
|
||||
WALLET_CURRENCY_CODE,
|
||||
User,
|
||||
};
|
||||
use super::types::SearchResults;
|
||||
|
||||
|
@ -118,6 +120,7 @@ async fn search_note(
|
|||
|
||||
pub async fn search(
|
||||
config: &Config,
|
||||
current_user: &User,
|
||||
db_client: &mut impl GenericClient,
|
||||
search_query: &str,
|
||||
) -> Result<SearchResults, HttpError> {
|
||||
|
@ -130,8 +133,10 @@ pub async fn search(
|
|||
SearchQuery::Url(url) => {
|
||||
let maybe_post = search_note(config, db_client, url).await?;
|
||||
if let Some(post) = maybe_post {
|
||||
if can_view_post(db_client, Some(current_user), &post).await? {
|
||||
posts = vec![post];
|
||||
};
|
||||
};
|
||||
},
|
||||
SearchQuery::WalletAddress(address) => {
|
||||
// Search is case insensitive
|
||||
|
|
|
@ -17,8 +17,13 @@ async fn search_view(
|
|||
query_params: web::Query<SearchQueryParams>,
|
||||
) -> Result<HttpResponse, HttpError> {
|
||||
let db_client = &mut **get_database_client(&db_pool).await?;
|
||||
get_current_user(db_client, auth.token()).await?;
|
||||
let results = search(&config, db_client, query_params.q.trim()).await?;
|
||||
let current_user = get_current_user(db_client, auth.token()).await?;
|
||||
let results = search(
|
||||
&config,
|
||||
¤t_user,
|
||||
db_client,
|
||||
query_params.q.trim(),
|
||||
).await?;
|
||||
Ok(HttpResponse::Ok().json(results))
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue