forked from mirrors/gotosocial
938328cd07
* settings panel restructuring * clean up old Gin handlers * colorscheme redesign, some other small css tweaks * basic router layout, error boundary * colorscheme redesign, some other small css tweaks * kebab-case consistency * superfluous padding on applist * remove unused consts * redux, whitespace changes.. * use .jsx extensions for components * login flow up till app registration * full redux oauth implementation, with basic error handling * split oauth api functions * oauth api revocation handling * basic profile change submission * move old dir * profile overview * fix keeping track of the wrong instance url (for different instance/api domains) * use redux state for profile form * delete old/index.js, old/basic.js, fully implemented * implement old/user/profile.js * implement password change * remove debug logging * support future api for removing files * customize profile css * remove unneeded wrapper components * restructure form fields * start on admin pages * admin panel settings * admin settings panel * remove old/admin files * add top-level redirect * refactor/cleanup forms * only do API checks on logged-in state * admin-status based routing * federation block routing * federation blocks * upgrade dependencies * react 18 changes * media cleanup * fix useEffect hooks * remove unused require * custom emoji base * emoji uploader * delete last old panel files * sidebar styling, remove unused page * refactor submit functions * fix sidebar boxshadow-border * fix old css variables * fix fake-toot avatar * fix non-square emoji * fix user settings redux keys * properly get admin account contact from instance response * Account.source default values * source.status_format key * mobile responsiveness * mobile element tweaks * proper redirect after removing block * add redirects for old setting panel urls * deletes * fix mobile overflow * clean up debug logging calls
153 lines
5 KiB
Go
153 lines
5 KiB
Go
/*
|
|
GoToSocial
|
|
Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package web
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/superseriousbusiness/gotosocial/internal/ap"
|
|
"github.com/superseriousbusiness/gotosocial/internal/api"
|
|
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
|
|
"github.com/superseriousbusiness/gotosocial/internal/config"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
|
|
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
|
)
|
|
|
|
func (m *Module) threadGETHandler(c *gin.Context) {
|
|
ctx := c.Request.Context()
|
|
|
|
authed, err := oauth.Authed(c, false, false, false, false)
|
|
if err != nil {
|
|
api.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
// usernames on our instance will always be lowercase
|
|
username := strings.ToLower(c.Param(usernameKey))
|
|
if username == "" {
|
|
err := errors.New("no account username specified")
|
|
api.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
// status ids will always be uppercase
|
|
statusID := strings.ToUpper(c.Param(statusIDKey))
|
|
if statusID == "" {
|
|
err := errors.New("no status id specified")
|
|
api.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
host := config.GetHost()
|
|
instance, err := m.processor.InstanceGet(ctx, host)
|
|
if err != nil {
|
|
api.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
instanceGet := func(ctx context.Context, domain string) (*apimodel.Instance, gtserror.WithCode) {
|
|
return instance, nil
|
|
}
|
|
|
|
// do this check to make sure the status is actually from a local account,
|
|
// we shouldn't render threads from statuses that don't belong to us!
|
|
if _, errWithCode := m.processor.AccountGetLocalByUsername(ctx, authed, username); errWithCode != nil {
|
|
api.ErrorHandler(c, errWithCode, instanceGet)
|
|
return
|
|
}
|
|
|
|
status, errWithCode := m.processor.StatusGet(ctx, authed, statusID)
|
|
if errWithCode != nil {
|
|
api.ErrorHandler(c, errWithCode, instanceGet)
|
|
return
|
|
}
|
|
|
|
if !strings.EqualFold(username, status.Account.Username) {
|
|
err := gtserror.NewErrorNotFound(errors.New("path username not equal to status author username"))
|
|
api.ErrorHandler(c, gtserror.NewErrorNotFound(err), instanceGet)
|
|
return
|
|
}
|
|
|
|
// if we're getting an AP request on this endpoint we
|
|
// should render the status's AP representation instead
|
|
accept := c.NegotiateFormat(string(api.TextHTML), string(api.AppActivityJSON), string(api.AppActivityLDJSON))
|
|
if accept == string(api.AppActivityJSON) || accept == string(api.AppActivityLDJSON) {
|
|
m.returnAPStatus(ctx, c, username, statusID, accept)
|
|
return
|
|
}
|
|
|
|
context, errWithCode := m.processor.StatusGetContext(ctx, authed, statusID)
|
|
if errWithCode != nil {
|
|
api.ErrorHandler(c, errWithCode, instanceGet)
|
|
return
|
|
}
|
|
|
|
stylesheets := []string{
|
|
"/assets/Fork-Awesome/css/fork-awesome.min.css",
|
|
"/assets/dist/status.css",
|
|
}
|
|
if config.GetAccountsAllowCustomCSS() {
|
|
stylesheets = append(stylesheets, "/@"+username+"/custom.css")
|
|
}
|
|
|
|
c.HTML(http.StatusOK, "thread.tmpl", gin.H{
|
|
"instance": instance,
|
|
"status": status,
|
|
"context": context,
|
|
"ogMeta": ogBase(instance).withStatus(status),
|
|
"stylesheets": stylesheets,
|
|
"javascript": []string{
|
|
"/assets/dist/bundle.js",
|
|
"/assets/dist/frontend.js",
|
|
},
|
|
})
|
|
}
|
|
|
|
func (m *Module) returnAPStatus(ctx context.Context, c *gin.Context, username string, statusID string, accept string) {
|
|
verifier, signed := c.Get(string(ap.ContextRequestingPublicKeyVerifier))
|
|
if signed {
|
|
ctx = context.WithValue(ctx, ap.ContextRequestingPublicKeyVerifier, verifier)
|
|
}
|
|
|
|
signature, signed := c.Get(string(ap.ContextRequestingPublicKeySignature))
|
|
if signed {
|
|
ctx = context.WithValue(ctx, ap.ContextRequestingPublicKeySignature, signature)
|
|
}
|
|
|
|
status, errWithCode := m.processor.GetFediStatus(ctx, username, statusID, c.Request.URL)
|
|
if errWithCode != nil {
|
|
api.ErrorHandler(c, errWithCode, m.processor.InstanceGet) //nolint:contextcheck
|
|
return
|
|
}
|
|
|
|
b, mErr := json.Marshal(status)
|
|
if mErr != nil {
|
|
err := fmt.Errorf("could not marshal json: %s", mErr)
|
|
api.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGet) //nolint:contextcheck
|
|
return
|
|
}
|
|
|
|
c.Data(http.StatusOK, accept, b)
|
|
}
|