mastodon/config/routes.rb

503 lines
15 KiB
Ruby
Raw Normal View History

2016-11-28 13:36:47 +01:00
# frozen_string_literal: true
require 'sidekiq_unique_jobs/web'
2017-05-08 03:52:57 +02:00
require 'sidekiq-scheduler/web'
Sidekiq::Web.set :session_secret, Rails.application.secrets[:secret_key_base]
2016-02-20 22:53:20 +01:00
Rails.application.routes.draw do
root 'home#index'
2017-01-21 22:19:13 +01:00
mount LetterOpenerWeb::Engine, at: 'letter_opener' if Rails.env.development?
2016-08-18 15:49:51 +02:00
health_check_routes
authenticate :user, lambda { |u| u.admin? } do
2016-12-13 13:42:10 +01:00
mount Sidekiq::Web, at: 'sidekiq', as: :sidekiq
mount PgHero::Engine, at: 'pghero', as: :pghero
end
use_doorkeeper do
controllers authorizations: 'oauth/authorizations',
authorized_applications: 'oauth/authorized_applications',
tokens: 'oauth/tokens'
end
get '.well-known/host-meta', to: 'well_known/host_meta#show', as: :host_meta, defaults: { format: 'xml' }
get '.well-known/nodeinfo', to: 'well_known/nodeinfo#index', as: :nodeinfo, defaults: { format: 'json' }
get '.well-known/webfinger', to: 'well_known/webfinger#show', as: :webfinger
get '.well-known/change-password', to: redirect('/auth/edit')
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
2019-03-18 21:00:55 +01:00
get '.well-known/keybase-proof-config', to: 'well_known/keybase_proof_config#show'
get '/nodeinfo/2.0', to: 'well_known/nodeinfo#show', as: :nodeinfo_schema
get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
get 'intent', to: 'intents#show'
get 'custom.css', to: 'custom_css#show', as: :custom_css
2016-02-22 16:00:20 +01:00
resource :instance_actor, path: 'actor', only: [:show] do
resource :inbox, only: [:create], module: :activitypub
end
devise_scope :user do
get '/invite/:invite_code', to: 'auth/registrations#new', as: :public_invite
namespace :auth do
resource :setup, only: [:show, :update], controller: :setup
resource :challenge, only: [:create], controller: :challenges
end
end
devise_for :users, path: 'auth', controllers: {
omniauth_callbacks: 'auth/omniauth_callbacks',
sessions: 'auth/sessions',
registrations: 'auth/registrations',
2016-10-03 16:38:22 +02:00
passwords: 'auth/passwords',
2016-11-28 13:36:47 +01:00
confirmations: 'auth/confirmations',
}
2016-03-05 13:12:24 +01:00
get '/users/:username', to: redirect('/@%{username}'), constraints: lambda { |req| req.format.nil? || req.format.html? }
get '/authorize_follow', to: redirect { |_, request| "/authorize_interaction?#{request.params.to_query}" }
2017-03-22 19:26:22 +01:00
resources :accounts, path: 'users', only: [:show], param: :username do
2017-01-01 19:52:25 +01:00
get :remote_follow, to: 'remote_follow#new'
post :remote_follow, to: 'remote_follow#create'
resources :statuses, only: [:show] do
member do
get :activity
get :embed
end
resources :replies, only: [:index], module: :activitypub
end
resources :followers, only: [:index], controller: :follower_accounts
resources :following, only: [:index], controller: :following_accounts
2018-01-08 10:57:52 +01:00
resource :follow, only: [:create], controller: :account_follow
resource :unfollow, only: [:create], controller: :account_unfollow
resource :outbox, only: [:show], module: :activitypub
resource :inbox, only: [:create], module: :activitypub
2020-06-02 19:24:53 +02:00
resource :claim, only: [:create], module: :activitypub
resources :collections, only: [:show], module: :activitypub
end
2016-02-22 16:00:20 +01:00
2017-08-31 00:02:59 +02:00
resource :inbox, only: [:create], module: :activitypub
2017-03-22 19:26:22 +01:00
get '/@:username', to: 'accounts#show', as: :short_account
get '/@:username/with_replies', to: 'accounts#show', as: :short_account_with_replies
get '/@:username/media', to: 'accounts#show', as: :short_account_media
get '/@:username/tagged/:tag', to: 'accounts#show', as: :short_account_tag
2017-03-22 19:26:22 +01:00
get '/@:account_username/:id', to: 'statuses#show', as: :short_account_status
get '/@:account_username/:id/embed', to: 'statuses#embed', as: :embed_short_account_status
2017-03-22 19:26:22 +01:00
get '/interact/:id', to: 'remote_interaction#new', as: :remote_interaction
post '/interact/:id', to: 'remote_interaction#create'
get '/explore', to: 'directories#index', as: :explore
get '/explore/:id', to: 'directories#show', as: :explore_hashtag
get '/settings', to: redirect('/settings/profile')
2016-10-14 02:28:49 +02:00
namespace :settings do
resource :profile, only: [:show, :update] do
resources :pictures, only: :destroy
end
get :preferences, to: redirect('/settings/preferences/appearance')
2017-03-19 20:29:41 +01:00
namespace :preferences do
resource :appearance, only: [:show, :update], controller: :appearance
resource :notifications, only: [:show, :update]
resource :other, only: [:show, :update], controller: :other
end
resource :import, only: [:show, :create]
resource :export, only: [:show, :create]
namespace :exports, constraints: { format: :csv } do
resources :follows, only: :index, controller: :following_accounts
resources :blocks, only: :index, controller: :blocked_accounts
resources :mutes, only: :index, controller: :muted_accounts
resources :lists, only: :index, controller: :lists
resources :domain_blocks, only: :index, controller: :blocked_domains
2017-03-19 20:29:41 +01:00
end
resource :two_factor_authentication, only: [:show, :create, :destroy]
namespace :two_factor_authentication do
resources :recovery_codes, only: [:create]
resource :confirmation, only: [:new, :create]
end
resources :identity_proofs, only: [:index, :new, :create, :destroy]
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
2019-03-18 21:00:55 +01:00
resources :applications, except: [:edit] do
member do
post :regenerate
end
end
resource :delete, only: [:show, :destroy]
resource :migration, only: [:show, :create]
2017-07-19 04:59:04 +02:00
namespace :migration do
resource :redirect, only: [:new, :create, :destroy]
end
resources :aliases, only: [:index, :create, :destroy]
2017-07-19 04:59:04 +02:00
resources :sessions, only: [:destroy]
resources :featured_tags, only: [:index, :create, :destroy]
2016-10-14 02:28:49 +02:00
end
resources :media, only: [:show] do
get :player
end
resources :tags, only: [:show]
resources :emojis, only: [:show]
resources :invites, only: [:index, :create, :destroy]
resources :filters, except: [:show]
2019-03-16 11:23:22 +01:00
resource :relationships, only: [:show, :update]
2019-03-12 17:34:00 +01:00
get '/public', to: 'public_timelines#show', as: :public_timeline
get '/media_proxy/:id/(*any)', to: 'media_proxy#show', as: :media_proxy
resource :authorize_interaction, only: [:show, :create]
resource :share, only: [:show, :create]
namespace :admin do
2018-07-16 01:11:53 +02:00
get '/dashboard', to: 'dashboard#index'
2019-07-30 11:10:46 +02:00
resources :domain_allows, only: [:new, :create, :show, :destroy]
resources :domain_blocks, only: [:new, :create, :show, :destroy, :update] do
member do
get :edit
end
end
resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
resources :action_logs, only: [:index]
resources :warning_presets, except: [:new]
resources :announcements, except: [:show] do
member do
post :publish
post :unpublish
end
end
resource :settings, only: [:edit, :update]
resources :site_uploads, only: [:destroy]
resources :invites, only: [:index, :create, :destroy] do
collection do
post :deactivate_all
end
end
resources :relays, only: [:index, :new, :create, :destroy] do
member do
post :enable
post :disable
end
end
2019-01-08 13:39:49 +01:00
resources :instances, only: [:index, :show], constraints: { id: /[^\/]+/ }
resources :reports, only: [:index, :show] do
member do
post :assign_to_self
post :unassign
post :reopen
post :resolve
end
resources :reported_statuses, only: [:create]
end
resources :report_notes, only: [:create, :destroy]
2017-02-15 00:22:58 +01:00
resources :accounts, only: [:index, :show] do
member do
post :enable
post :unsilence
post :unsuspend
post :redownload
post :remove_avatar
post :remove_header
post :memorialize
post :approve
post :reject
end
resource :change_email, only: [:show, :update]
resource :reset, only: [:create]
resource :action, only: [:new, :create], controller: 'account_actions'
resources :statuses, only: [:index, :show, :create, :update, :destroy]
resources :relationships, only: [:index]
resource :confirmation, only: [:create] do
collection do
post :resend
end
end
resource :role, only: [] do
member do
post :promote
post :demote
end
end
end
resources :pending_accounts, only: [:index] do
collection do
post :approve_all
post :reject_all
post :batch
end
end
resources :users, only: [] do
resource :two_factor_authentication, only: [:destroy]
end
resources :custom_emojis, only: [:index, :new, :create] do
collection do
post :batch
end
end
resources :account_moderation_notes, only: [:create, :destroy]
resources :tags, only: [:index, :show, :update] do
collection do
post :approve_all
post :reject_all
post :batch
end
end
end
2018-07-16 01:11:53 +02:00
get '/admin', to: redirect('/admin/dashboard', status: 302)
namespace :api do
# OEmbed
get '/oembed', to: 'oembed#show', as: :oembed
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
2019-03-18 21:00:55 +01:00
# Identity proofs
get :proofs, to: 'proofs#index'
# JSON / REST API
2016-09-27 16:58:23 +02:00
namespace :v1 do
resources :statuses, only: [:create, :show, :destroy] do
scope module: :statuses do
resources :reblogged_by, controller: :reblogged_by_accounts, only: :index
resources :favourited_by, controller: :favourited_by_accounts, only: :index
resource :reblog, only: :create
post :unreblog, to: 'reblogs#destroy'
resource :favourite, only: :create
post :unfavourite, to: 'favourites#destroy'
resource :bookmark, only: :create
post :unbookmark, to: 'bookmarks#destroy'
resource :mute, only: :create
post :unmute, to: 'mutes#destroy'
resource :pin, only: :create
post :unpin, to: 'pins#destroy'
end
2016-09-27 16:58:23 +02:00
member do
get :context
end
end
namespace :timelines do
resource :home, only: :show, controller: :home
resource :public, only: :show, controller: :public
resources :tag, only: :show
resources :list, only: :show
end
resources :streaming, only: [:index]
resources :custom_emojis, only: [:index]
resources :suggestions, only: [:index, :destroy]
resources :scheduled_statuses, only: [:index, :show, :update, :destroy]
resources :preferences, only: [:index]
resources :announcements, only: [:index] do
scope module: :announcements do
resources :reactions, only: [:update, :destroy]
end
member do
post :dismiss
end
end
# namespace :crypto do
# resources :deliveries, only: :create
# namespace :keys do
# resource :upload, only: [:create]
# resource :query, only: [:create]
# resource :claim, only: [:create]
# resource :count, only: [:show]
# end
# resources :encrypted_messages, only: [:index] do
# collection do
# post :clear
# end
# end
# end
2020-06-02 19:24:53 +02:00
resources :conversations, only: [:index, :destroy] do
member do
post :read
end
end
resources :media, only: [:create, :update, :show]
resources :blocks, only: [:index]
resources :mutes, only: [:index]
resources :favourites, only: [:index]
resources :bookmarks, only: [:index]
resources :reports, only: [:create]
resources :trends, only: [:index]
resources :filters, only: [:index, :create, :show, :update, :destroy]
resources :endorsements, only: [:index]
resources :markers, only: [:index, :create]
namespace :apps do
get :verify_credentials, to: 'credentials#show'
end
resources :apps, only: [:create]
resource :instance, only: [:show] do
resources :peers, only: [:index], controller: 'instances/peers'
resource :activity, only: [:show], controller: 'instances/activity'
end
Account domain blocks (#2381) * Add <ostatus:conversation /> tag to Atom input/output Only uses ref attribute (not href) because href would be the alternate link that's always included also. Creates new conversation for every non-reply status. Carries over conversation for every reply. Keeps remote URIs verbatim, generates local URIs on the fly like the rest of them. * Conversation muting - prevents notifications that reference a conversation (including replies, favourites, reblogs) from being created. API endpoints /api/v1/statuses/:id/mute and /api/v1/statuses/:id/unmute Currently no way to tell when a status/conversation is muted, so the web UI only has a "disable notifications" button, doesn't work as a toggle * Display "Dismiss notifications" on all statuses in notifications column, not just own * Add "muted" as a boolean attribute on statuses JSON For now always false on contained reblogs, since it's only relevant for statuses returned from the notifications endpoint, which are not nested Remove "Disable notifications" from detailed status view, since it's only relevant in the notifications column * Up max class length * Remove pending test for conversation mute * Add tests, clean up * Rename to "mute conversation" and "unmute conversation" * Raise validation error when trying to mute/unmute status without conversation * Adding account domain blocks that filter notifications and public timelines * Add tests for domain blocks in notifications, public timelines Filter reblogs of blocked domains from home * Add API for listing and creating account domain blocks * API for creating/deleting domain blocks, tests for Status#ancestors and Status#descendants, filter domain blocks from them * Filter domains in streaming API * Update account_domain_block_spec.rb
2017-05-19 01:14:30 +02:00
resource :domain_blocks, only: [:show, :create, :destroy]
resource :directory, only: [:show]
2016-12-26 19:30:45 +01:00
resources :follow_requests, only: [:index] do
member do
post :authorize
post :reject
end
end
resources :notifications, only: [:index, :show] do
collection do
post :clear
end
member do
post :dismiss
end
end
namespace :accounts do
get :verify_credentials, to: 'credentials#show'
patch :update_credentials, to: 'credentials#update'
resource :search, only: :show, controller: :search
resources :relationships, only: :index
end
resources :accounts, only: [:create, :show] do
resources :statuses, only: :index, controller: 'accounts/statuses'
resources :followers, only: :index, controller: 'accounts/follower_accounts'
resources :following, only: :index, controller: 'accounts/following_accounts'
resources :lists, only: :index, controller: 'accounts/lists'
resources :identity_proofs, only: :index, controller: 'accounts/identity_proofs'
2016-09-27 16:58:23 +02:00
member do
post :follow
post :unfollow
2016-10-03 18:17:06 +02:00
post :block
post :unblock
post :mute
post :unmute
2016-09-27 16:58:23 +02:00
end
resource :pin, only: :create, controller: 'accounts/pins'
post :unpin, to: 'accounts/pins#destroy'
resource :note, only: :create, controller: 'accounts/notes'
end
resources :lists, only: [:index, :create, :show, :update, :destroy] do
resource :accounts, only: [:show, :create, :destroy], controller: 'lists/accounts'
end
namespace :featured_tags do
get :suggestions, to: 'suggestions#index'
end
resources :featured_tags, only: [:index, :create, :destroy]
resources :polls, only: [:create, :show] do
resources :votes, only: :create, controller: 'polls/votes'
end
namespace :push do
resource :subscription, only: [:create, :show, :update, :destroy]
end
namespace :admin do
resources :accounts, only: [:index, :show] do
member do
post :enable
post :unsilence
post :unsuspend
post :approve
post :reject
end
resource :action, only: [:create], controller: 'account_actions'
end
resources :reports, only: [:index, :show] do
member do
post :assign_to_self
post :unassign
post :reopen
post :resolve
end
end
end
end
namespace :v2 do
resources :media, only: [:create]
get '/search', to: 'search#index', as: :search
end
namespace :web do
resource :settings, only: [:update]
resource :embed, only: [:create]
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
2017-07-13 22:15:32 +02:00
resources :push_subscriptions, only: [:create] do
member do
put :update
end
end
end
end
2016-02-22 16:00:20 +01:00
2017-01-04 15:35:36 +01:00
get '/web/(*any)', to: 'home#index', as: :web
get '/about', to: 'about#show'
get '/about/more', to: 'about#more'
get '/terms', to: 'about#terms'
match '/', via: [:post, :put, :patch, :delete], to: 'application#raise_not_found', format: false
match '*unmatched_route', via: :all, to: 'application#raise_not_found', format: false
2016-02-20 22:53:20 +01:00
end