mastodon/app/controllers/authorize_interactions_controller.rb

# frozen_string_literal: true

class AuthorizeInteractionsController < ApplicationController
  include Authorization

  layout 'modal'

  before_action :authenticate_user!
  before_action :set_body_classes
  before_action :set_resource

  def show
    if @resource.is_a?(Account)
      render :show
    elsif @resource.is_a?(Status)
      redirect_to web_url("statuses/#{@resource.id}")
    else
      render :error
    end
  end

  def create
    if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource, with_rate_limit: true)
      render :success
    else
      render :error
    end
  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
    render :error
  end

  private

  def set_resource
    @resource = located_resource || render(:error)
    authorize(@resource, :show?) if @resource.is_a?(Status)
  end

  def located_resource
    if uri_param_is_url?
      ResolveURLService.new.call(uri_param)
    else
      account_from_remote_follow
    end
  end

  def account_from_remote_follow
    ResolveAccountService.new.call(uri_param)
  end

  def uri_param_is_url?
    parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
  end

  def parsed_uri
    Addressable::URI.parse(uri_param).normalize
  end

  def uri_param
    params[:uri] || params.fetch(:acct, '').gsub(/\Aacct:/, '')
  end

  def set_body_classes
    @body_classes = 'modal-layout'
  end
end
Add remote interaction dialog for toots (#8202) * Add remote interaction dialog for toots * Change AuthorizeFollow into AuthorizeInteraction, support statuses * Update brakeman.ignore * Adjust how interaction buttons are display on public pages * Fix tests 2018-08-18 03:03:12 +02:00			`# frozen_string_literal: true`

			`class AuthorizeInteractionsController < ApplicationController`
			`include Authorization`

			`layout 'modal'`

			`before_action :authenticate_user!`
			`before_action :set_body_classes`
			`before_action :set_resource`

			`def show`
			`if @resource.is_a?(Account)`
			`render :show`
			`elsif @resource.is_a?(Status)`
			`redirect_to web_url("statuses/#{@resource.id}")`
			`else`
			`render :error`
			`end`
			`end`

			`def create`
Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00			`if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource, with_rate_limit: true)`
Add remote interaction dialog for toots (#8202) * Add remote interaction dialog for toots * Change AuthorizeFollow into AuthorizeInteraction, support statuses * Update brakeman.ignore * Adjust how interaction buttons are display on public pages * Fix tests 2018-08-18 03:03:12 +02:00			`render :success`
			`else`
			`render :error`
			`end`
			`rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError`
			`render :error`
			`end`

			`private`

			`def set_resource`
			`@resource = located_resource \|\| render(:error)`
			`authorize(@resource, :show?) if @resource.is_a?(Status)`
			`end`

			`def located_resource`
			`if uri_param_is_url?`
			`ResolveURLService.new.call(uri_param)`
			`else`
			`account_from_remote_follow`
			`end`
			`end`

			`def account_from_remote_follow`
			`ResolveAccountService.new.call(uri_param)`
			`end`

			`def uri_param_is_url?`
			`parsed_uri.path && %w(http https).include?(parsed_uri.scheme)`
			`end`

			`def parsed_uri`
			`Addressable::URI.parse(uri_param).normalize`
			`end`

			`def uri_param`
			`params[:uri] \|\| params.fetch(:acct, '').gsub(/\Aacct:/, '')`
			`end`

			`def set_body_classes`
			`@body_classes = 'modal-layout'`
			`end`
			`end`