list timeline filtration by params

2021-01-26 16:55:44 +03:00 · 2021-01-26 16:55:44 +03:00 · 2cb6dc5a3a
commit 2cb6dc5a3a
parent e21af1cfe4
4 changed files with 145 additions and 76 deletions
--- a/lib/pleroma/web/api_spec/operations/timeline_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/timeline_operation.ex
@ -25,7 +25,7 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do
      security: [%{"oAuth" => ["read:statuses"]}],
      parameters: [
        local_param(),
-        remote_param(),
+        only_remote_param(),
        only_media_param(),
        with_muted_param(),
        exclude_visibilities_param(),
@ -134,6 +134,9 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do
          required: true
        ),
        with_muted_param(),
+        local_param(),
+        only_remote_param(),
+        only_media_param(),
        exclude_visibilities_param() | pagination_params()
      ],
      operationId: "TimelineController.list",
@ -201,7 +204,7 @@ defmodule Pleroma.Web.ApiSpec.TimelineOperation do
    )
  end

-  defp remote_param do
+  defp only_remote_param do
    Operation.parameter(
      :only_remote,
      :query,
--- a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
@ -192,6 +192,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
        |> Map.put(:blocking_user, user)
        |> Map.put(:user, user)
        |> Map.put(:muting_user, user)
+        |> Map.put(:local_only, params[:local])

      # we must filter the following list for the user to avoid leaking statuses the user
      # does not actually have permission to see (for more info, peruse security issue #270).