[feature] Implement profile API (#2926)

* Implement profile API

This Mastodon 4.2 extension provides capabilities missing from the existing Mastodon account update API: deleting an account's avatar or header.

See: https://docs.joinmastodon.org/methods/profile/

* Move profile media methods to media processor

* Remove check for moved account

docs/api/swagger.yaml

@@ -7276,6 +7276,60 @@ paths:
             summary: Return an object of user preferences.
             tags:
                 - preferences
+    /api/v1/profile/avatar:
+        delete:
+            description: If the account doesn't have an avatar, the call succeeds anyway.
+            operationId: accountAvatarDelete
+            produces:
+                - application/json
+            responses:
+                "200":
+                    description: The updated account, including profile source information.
+                    schema:
+                        $ref: '#/definitions/account'
+                "400":
+                    description: bad request
+                "401":
+                    description: unauthorized
+                "403":
+                    description: forbidden
+                "406":
+                    description: not acceptable
+                "500":
+                    description: internal server error
+            security:
+                - OAuth2 Bearer:
+                    - admin
+            summary: Delete the authenticated account's avatar.
+            tags:
+                - accounts
+    /api/v1/profile/header:
+        delete:
+            description: If the account doesn't have a header, the call succeeds anyway.
+            operationId: accountHeaderDelete
+            produces:
+                - application/json
+            responses:
+                "200":
+                    description: The updated account, including profile source information.
+                    schema:
+                        $ref: '#/definitions/account'
+                "400":
+                    description: bad request
+                "401":
+                    description: unauthorized
+                "403":
+                    description: forbidden
+                "406":
+                    description: not acceptable
+                "500":
+                    description: internal server error
+            security:
+                - OAuth2 Bearer:
+                    - admin
+            summary: Delete the authenticated account's header.
+            tags:
+                - accounts
     /api/v1/reports:
         get:
             description: |-

internal/api/client/accounts/accounts.go

@@ -56,6 +56,11 @@ const (
 	MovePath          = BasePath + "/move"
 	AliasPath         = BasePath + "/alias"
 	ThemesPath        = BasePath + "/themes"
+
+	// ProfileBasePath for the profile API, an extension of the account update API with a different path.
+	ProfileBasePath = "/v1/profile"
+	AvatarPath      = ProfileBasePath + "/avatar"
+	HeaderPath      = ProfileBasePath + "/header"
 )
 
 type Module struct {
@@ -84,6 +89,10 @@ func (m *Module) Route(attachHandler func(method string, path string, f ...gin.H
 	// modify account
 	attachHandler(http.MethodPatch, UpdatePath, m.AccountUpdateCredentialsPATCHHandler)
 
+	// modify account profile media
+	attachHandler(http.MethodDelete, AvatarPath, m.AccountAvatarDELETEHandler)
+	attachHandler(http.MethodDelete, HeaderPath, m.AccountHeaderDELETEHandler)
+
 	// get account's statuses
 	attachHandler(http.MethodGet, StatusesPath, m.AccountStatusesGETHandler)
 

internal/api/client/accounts/profile.go

@@ -0,0 +1,123 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package accounts
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
+	apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+	"github.com/superseriousbusiness/gotosocial/internal/oauth"
+)
+
+// AccountAvatarDELETEHandler swagger:operation DELETE /api/v1/profile/avatar accountAvatarDelete
+//
+// Delete the authenticated account's avatar.
+// If the account doesn't have an avatar, the call succeeds anyway.
+//
+//	---
+//	tags:
+//	- accounts
+//
+//	produces:
+//	- application/json
+//
+//	security:
+//	- OAuth2 Bearer:
+//		- admin
+//
+//	responses:
+//		'200':
+//			description: The updated account, including profile source information.
+//			schema:
+//				"$ref": "#/definitions/account"
+//		'400':
+//			description: bad request
+//		'401':
+//			description: unauthorized
+//		'403':
+//			description: forbidden
+//		'406':
+//			description: not acceptable
+//		'500':
+//			description: internal server error
+func (m *Module) AccountAvatarDELETEHandler(c *gin.Context) {
+	m.accountDeleteProfileAttachment(c, m.processor.Media().DeleteAvatar)
+}
+
+// AccountHeaderDELETEHandler swagger:operation DELETE /api/v1/profile/header accountHeaderDelete
+//
+// Delete the authenticated account's header.
+// If the account doesn't have a header, the call succeeds anyway.
+//
+//	---
+//	tags:
+//	- accounts
+//
+//	produces:
+//	- application/json
+//
+//	security:
+//	- OAuth2 Bearer:
+//		- admin
+//
+//	responses:
+//		'200':
+//			description: The updated account, including profile source information.
+//			schema:
+//				"$ref": "#/definitions/account"
+//		'400':
+//			description: bad request
+//		'401':
+//			description: unauthorized
+//		'403':
+//			description: forbidden
+//		'406':
+//			description: not acceptable
+//		'500':
+//			description: internal server error
+func (m *Module) AccountHeaderDELETEHandler(c *gin.Context) {
+	m.accountDeleteProfileAttachment(c, m.processor.Media().DeleteHeader)
+}
+
+// accountDeleteProfileAttachment checks that an authenticated account is present and allowed to alter itself,
+// runs an attachment deletion processor method, and returns the updated account.
+func (m *Module) accountDeleteProfileAttachment(c *gin.Context, processDelete func(context.Context, *gtsmodel.Account) (*apimodel.Account, gtserror.WithCode)) {
+	authed, err := oauth.Authed(c, true, true, true, true)
+	if err != nil {
+		apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGetV1)
+		return
+	}
+
+	if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
+		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
+		return
+	}
+
+	acctSensitive, errWithCode := processDelete(c, authed.Account)
+	if errWithCode != nil {
+		apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
+		return
+	}
+
+	apiutil.JSON(c, http.StatusOK, acctSensitive)
+}

internal/api/client/accounts/profile_test.go

@@ -0,0 +1,141 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package accounts_test
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/suite"
+	"github.com/superseriousbusiness/gotosocial/internal/api/client/accounts"
+	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
+	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/oauth"
+	"github.com/superseriousbusiness/gotosocial/testrig"
+)
+
+type AccountProfileTestSuite struct {
+	AccountStandardTestSuite
+}
+
+func (suite *AccountProfileTestSuite) deleteProfileAttachment(
+	testAccountFixtureName string,
+	profileSubpath string,
+	handler func(*gin.Context),
+	expectedHTTPStatus int,
+) (*apimodel.Account, error) {
+	// instantiate recorder + test context
+	recorder := httptest.NewRecorder()
+	ctx, _ := testrig.CreateGinTestContext(recorder, nil)
+	ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[testAccountFixtureName])
+	ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[testAccountFixtureName]))
+	ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
+	ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[testAccountFixtureName])
+
+	// create the request
+	ctx.Request = httptest.NewRequest(http.MethodDelete, config.GetProtocol()+"://"+config.GetHost()+"/api"+accounts.ProfileBasePath+"/"+profileSubpath, nil)
+	ctx.Request.Header.Set("accept", "application/json")
+
+	// trigger the handler
+	handler(ctx)
+
+	// read the response
+	result := recorder.Result()
+	defer result.Body.Close()
+
+	b, err := io.ReadAll(result.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	// check code
+	if resultCode := recorder.Code; expectedHTTPStatus != resultCode {
+		return nil, fmt.Errorf("expected %d got %d", expectedHTTPStatus, resultCode)
+	}
+
+	resp := &apimodel.Account{}
+	if err := json.Unmarshal(b, resp); err != nil {
+		return nil, err
+	}
+
+	return resp, nil
+}
+
+// Delete the avatar of a user that has an avatar. Should succeed.
+func (suite *AccountProfileTestSuite) TestDeleteAvatar() {
+	account, err := suite.deleteProfileAttachment(
+		"local_account_1",
+		"avatar",
+		suite.accountsModule.AccountAvatarDELETEHandler,
+		http.StatusOK,
+	)
+	if suite.NoError(err) {
+		// An empty URL is legal *only* in the test environment, which may have no default avatars.
+		suite.True(account.Avatar == "" || strings.HasPrefix(account.Avatar, "http://localhost:8080/assets/default_avatars/"))
+	}
+}
+
+// Delete the avatar of a user that doesn't have an avatar. Should succeed.
+func (suite *AccountProfileTestSuite) TestDeleteNonexistentAvatar() {
+	account, err := suite.deleteProfileAttachment(
+		"admin_account",
+		"avatar",
+		suite.accountsModule.AccountAvatarDELETEHandler,
+		http.StatusOK,
+	)
+	if suite.NoError(err) {
+		// An empty URL is legal *only* in the test environment, which may have no default avatars.
+		suite.True(account.Avatar == "" || strings.HasPrefix(account.Avatar, "http://localhost:8080/assets/default_avatars/"))
+	}
+}
+
+// Delete the header of a user that has a header. Should succeed.
+func (suite *AccountProfileTestSuite) TestDeleteHeader() {
+	account, err := suite.deleteProfileAttachment(
+		"local_account_2",
+		"header",
+		suite.accountsModule.AccountHeaderDELETEHandler,
+		http.StatusOK,
+	)
+	if suite.NoError(err) {
+		suite.Equal("http://localhost:8080/assets/default_header.png", account.Header)
+	}
+}
+
+// Delete the header of a user that doesn't have a header. Should succeed.
+func (suite *AccountProfileTestSuite) TestDeleteNonexistentHeader() {
+	account, err := suite.deleteProfileAttachment(
+		"admin_account",
+		"header",
+		suite.accountsModule.AccountHeaderDELETEHandler,
+		http.StatusOK,
+	)
+	if suite.NoError(err) {
+		suite.Equal("http://localhost:8080/assets/default_header.png", account.Header)
+	}
+}
+
+func TestAccountProfileTestSuite(t *testing.T) {
+	suite.Run(t, new(AccountProfileTestSuite))
+}

internal/processing/media/profile.go

@@ -0,0 +1,77 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package media
+
+import (
+	"context"
+	"fmt"
+
+	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+)
+
+// DeleteAvatar deletes the account's avatar, if one exists, and returns the updated account.
+// If no avatar exists, it returns anyway with no error.
+func (p *Processor) DeleteAvatar(
+	ctx context.Context,
+	account *gtsmodel.Account,
+) (*apimodel.Account, gtserror.WithCode) {
+	attachmentID := account.AvatarMediaAttachmentID
+	account.AvatarMediaAttachmentID = ""
+	return p.deleteProfileAttachment(ctx, account, "avatar_media_attachment_id", attachmentID)
+}
+
+// DeleteHeader deletes the account's header, if one exists, and returns the updated account.
+// If no header exists, it returns anyway with no error.
+func (p *Processor) DeleteHeader(
+	ctx context.Context,
+	account *gtsmodel.Account,
+) (*apimodel.Account, gtserror.WithCode) {
+	attachmentID := account.HeaderMediaAttachmentID
+	account.HeaderMediaAttachmentID = ""
+	return p.deleteProfileAttachment(ctx, account, "header_media_attachment_id", attachmentID)
+}
+
+// deleteProfileAttachment updates an attachment ID column and then deletes the attachment.
+// Precondition: the relevant attachment ID field of the account model has already been set to the empty string.
+func (p *Processor) deleteProfileAttachment(
+	ctx context.Context,
+	account *gtsmodel.Account,
+	attachmentIDColumn string,
+	attachmentID string,
+) (*apimodel.Account, gtserror.WithCode) {
+	if attachmentID != "" {
+		// Remove attachment from account.
+		if err := p.state.DB.UpdateAccount(ctx, account, attachmentIDColumn); err != nil {
+			return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not update account: %s", err))
+		}
+
+		// Delete attachment media.
+		if err := p.Delete(ctx, attachmentID); err != nil {
+			return nil, err
+		}
+	}
+
+	acctSensitive, err := p.converter.AccountToAPIAccountSensitive(ctx, account)
+	if err != nil {
+		return nil, gtserror.NewErrorInternalError(fmt.Errorf("could not convert account into apisensitive account: %s", err))
+	}
+
+	return acctSensitive, nil
+}

internal/typeutils/defaulticons.go

@@ -119,7 +119,7 @@ func (c *Converter) ensureAvatar(account *apimodel.Account) {
 	account.AvatarStatic = avatar
 }
 
-// EnsureAvatar ensures that the given account has a value set
+// ensureHeader ensures that the given account has a value set
 // for the header URL.
 //
 // If no value is set, the default header will be set.