mirror of
https://git.pleroma.social/pleroma/pleroma.git
synced 2025-01-10 17:25:26 +00:00
mastodon api: add support for user-supplied html policy
This commit is contained in:
parent
2f5b026548
commit
958e085acb
3 changed files with 22 additions and 18 deletions
|
@ -98,7 +98,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
CommonAPI.update(user)
|
||||
end
|
||||
|
||||
json(conn, AccountView.render("account.json", %{user: user}))
|
||||
json(conn, AccountView.render("account.json", %{user: user, for: user}))
|
||||
else
|
||||
_e ->
|
||||
conn
|
||||
|
@ -108,13 +108,13 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
end
|
||||
|
||||
def verify_credentials(%{assigns: %{user: user}} = conn, _) do
|
||||
account = AccountView.render("account.json", %{user: user})
|
||||
account = AccountView.render("account.json", %{user: user, for: user})
|
||||
json(conn, account)
|
||||
end
|
||||
|
||||
def user(conn, %{"id" => id}) do
|
||||
def user(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do
|
||||
with %User{} = user <- Repo.get(User, id) do
|
||||
account = AccountView.render("account.json", %{user: user})
|
||||
account = AccountView.render("account.json", %{user: user, for: for_user})
|
||||
json(conn, account)
|
||||
else
|
||||
_e ->
|
||||
|
@ -588,7 +588,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
with %User{} = followed <- Repo.get_by(User, nickname: uri),
|
||||
{:ok, follower} <- User.maybe_direct_follow(follower, followed),
|
||||
{:ok, _activity} <- ActivityPub.follow(follower, followed) do
|
||||
render(conn, AccountView, "account.json", %{user: followed})
|
||||
render(conn, AccountView, "account.json", %{user: followed, for: follower})
|
||||
else
|
||||
{:error, message} ->
|
||||
conn
|
||||
|
@ -858,7 +858,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
|
||||
if user && token do
|
||||
mastodon_emoji = mastodonized_emoji()
|
||||
accounts = Map.put(%{}, user.id, AccountView.render("account.json", %{user: user}))
|
||||
accounts = Map.put(%{}, user.id, AccountView.render("account.json", %{user: user, for: user}))
|
||||
|
||||
initial_state =
|
||||
%{
|
||||
|
@ -1038,7 +1038,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
id: id,
|
||||
type: "mention",
|
||||
created_at: created_at,
|
||||
account: AccountView.render("account.json", %{user: actor}),
|
||||
account: AccountView.render("account.json", %{user: actor, for: user}),
|
||||
status: StatusView.render("status.json", %{activity: activity, for: user})
|
||||
}
|
||||
|
||||
|
@ -1049,7 +1049,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
id: id,
|
||||
type: "favourite",
|
||||
created_at: created_at,
|
||||
account: AccountView.render("account.json", %{user: actor}),
|
||||
account: AccountView.render("account.json", %{user: actor, for: user}),
|
||||
status: StatusView.render("status.json", %{activity: liked_activity, for: user})
|
||||
}
|
||||
|
||||
|
@ -1060,7 +1060,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
id: id,
|
||||
type: "reblog",
|
||||
created_at: created_at,
|
||||
account: AccountView.render("account.json", %{user: actor}),
|
||||
account: AccountView.render("account.json", %{user: actor, for: user}),
|
||||
status: StatusView.render("status.json", %{activity: announced_activity, for: user})
|
||||
}
|
||||
|
||||
|
@ -1069,7 +1069,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
|||
id: id,
|
||||
type: "follow",
|
||||
created_at: created_at,
|
||||
account: AccountView.render("account.json", %{user: actor})
|
||||
account: AccountView.render("account.json", %{user: actor, for: user})
|
||||
}
|
||||
|
||||
_ ->
|
||||
|
|
|
@ -10,7 +10,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
|||
render_many(users, AccountView, "account.json", opts)
|
||||
end
|
||||
|
||||
def render("account.json", %{user: user}) do
|
||||
def render("account.json", %{user: user} = opts) do
|
||||
image = User.avatar_url(user) |> MediaProxy.url()
|
||||
header = User.banner_url(user) |> MediaProxy.url()
|
||||
user_info = User.user_info(user)
|
||||
|
@ -33,6 +33,8 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
|||
|> Enum.filter(fn %{"type" => t} -> t == "PropertyValue" end)
|
||||
|> Enum.map(fn fields -> Map.take(fields, ["name", "value"]) end)
|
||||
|
||||
bio = HTML.filter_tags(user.bio, User.html_filter_policy(opts[:for]))
|
||||
|
||||
%{
|
||||
id: to_string(user.id),
|
||||
username: username_from_nickname(user.nickname),
|
||||
|
@ -43,7 +45,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
|||
followers_count: user_info.follower_count,
|
||||
following_count: user_info.following_count,
|
||||
statuses_count: user_info.note_count,
|
||||
note: HTML.filter_tags(user.bio) || "",
|
||||
note: bio || "",
|
||||
url: user.ap_id,
|
||||
avatar: image,
|
||||
avatar_static: image,
|
||||
|
|
|
@ -122,6 +122,10 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
|
|||
%{shortcode: name, url: url, static_url: url, visible_in_picker: false}
|
||||
end)
|
||||
|
||||
content =
|
||||
render_content(object)
|
||||
|> HTML.filter_tags(User.html_filter_policy(opts[:for]))
|
||||
|
||||
%{
|
||||
id: to_string(activity.id),
|
||||
uri: object["id"],
|
||||
|
@ -130,7 +134,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
|
|||
in_reply_to_id: reply_to && to_string(reply_to.id),
|
||||
in_reply_to_account_id: reply_to_user && to_string(reply_to_user.id),
|
||||
reblog: nil,
|
||||
content: render_content(object),
|
||||
content: content,
|
||||
created_at: created_at,
|
||||
reblogs_count: announcement_count,
|
||||
replies_count: 0,
|
||||
|
@ -224,7 +228,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
|
|||
object["content"]
|
||||
end
|
||||
|
||||
HTML.filter_tags(content)
|
||||
content
|
||||
end
|
||||
|
||||
def render_content(%{"type" => "Article"} = object) do
|
||||
|
@ -237,10 +241,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do
|
|||
object["content"]
|
||||
end
|
||||
|
||||
HTML.filter_tags(content)
|
||||
content
|
||||
end
|
||||
|
||||
def render_content(object) do
|
||||
HTML.filter_tags(object["content"])
|
||||
end
|
||||
def render_content(object), do: object["content"]
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue