Account endorsements

Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-11-29 12:43:29 +01:00 · 2021-11-29 12:43:29 +01:00 · a9b0027071
commit a9b0027071
parent c97f99ccf2
9 changed files with 179 additions and 18 deletions
--- a/lib/pleroma/web/api_spec/operations/account_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/account_operation.ex
@ -328,6 +328,35 @@ defmodule Pleroma.Web.ApiSpec.AccountOperation do
    }
  end

+  def endorse_operation do
+    %Operation{
+      tags: ["Account actions"],
+      summary: "Endorse",
+      operationId: "AccountController.endorse",
+      security: [%{"oAuth" => ["follow", "write:accounts"]}],
+      description:
+        "Addds the given account to endorsed accounts list.",
+      parameters: [%Reference{"$ref": "#/components/parameters/accountIdOrNickname"}],
+      responses: %{
+        200 => Operation.response("Relationship", "application/json", AccountRelationship)
+      }
+    }
+  end
+
+  def unendorse_operation do
+    %Operation{
+      tags: ["Account actions"],
+      summary: "Unendorse",
+      operationId: "AccountController.unendorse",
+      security: [%{"oAuth" => ["follow", "write:accounts"]}],
+      description: "Removes the given account from endorsed accounts list.",
+      parameters: [%Reference{"$ref": "#/components/parameters/accountIdOrNickname"}],
+      responses: %{
+        200 => Operation.response("Relationship", "application/json", AccountRelationship)
+      }
+    }
+  end
+
  def follow_by_uri_operation do
    %Operation{
      tags: ["Account actions"],
--- a/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
@ -7,6 +7,7 @@ defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
  alias Pleroma.Web.ApiSpec.Schemas.AccountRelationship
  alias Pleroma.Web.ApiSpec.Schemas.ApiError
  alias Pleroma.Web.ApiSpec.Schemas.FlakeID
+  alias Pleroma.Web.ApiSpec.AccountOperation
  alias Pleroma.Web.ApiSpec.StatusOperation

  import Pleroma.Web.ApiSpec.Helpers
@ -62,6 +63,27 @@ defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
    }
  end

+  def endorsements_operation do
+    %Operation{
+      tags: ["Retrieve account information"],
+      summary: "Endorsements",
+      description: "Returns endorsed accounts",
+      operationId: "PleromaAPI.AccountController.endorsements",
+      parameters: [id_param() | pagination_params()],
+      security: [%{"oAuth" => ["read:account"]}],
+      responses: %{
+        200 =>
+          Operation.response(
+            "Array of Accounts",
+            "application/json",
+            AccountOperation.array_of_accounts()
+          ),
+        403 => Operation.response("Forbidden", "application/json", ApiError),
+        404 => Operation.response("Not Found", "application/json", ApiError)
+      }
+    }
+  end
+
  def subscribe_operation do
    %Operation{
      tags: ["Account actions"],
--- a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
@ -53,7 +53,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
    when action in [:verify_credentials, :endorsements, :identity_proofs]
  )

-  plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action == :update_credentials)
+  plug(
+    OAuthScopesPlug,
+    %{scopes: ["write:accounts"]} when action in [:update_credentials, :endorse, :unendorse]
+  )

  plug(OAuthScopesPlug, %{scopes: ["read:lists"]} when action == :lists)

@ -79,7 +82,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
  plug(OAuthScopesPlug, %{scopes: ["follow", "write:mutes"]} when action in [:mute, :unmute])

  @relationship_actions [:follow, :unfollow]
-  @needs_account ~W(followers following lists follow unfollow mute unmute block unblock)a
+  @needs_account ~W(followers following lists follow unfollow mute unmute block unblock endorse unendorse)a

  plug(
    RateLimiter,
@ -435,6 +438,24 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
    end
  end

+  @doc "POST /api/v1/accounts/:id/mute"
+  def endorse(%{assigns: %{user: endorser, account: endorsed}} = conn, _params) do
+    with {:ok, _user_relationships} <- User.endorse(endorser, endorsed) do
+      render(conn, "relationship.json", user: endorser, target: endorsed)
+    else
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
+    end
+  end
+
+  @doc "POST /api/v1/accounts/:id/unmute"
+  def unendorse(%{assigns: %{user: endorser, account: endorsed}} = conn, _params) do
+    with {:ok, _user_relationships} <- User.unendorse(endorser, endorsed) do
+      render(conn, "relationship.json", user: endorser, target: endorsed)
+    else
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
+    end
+  end
+
  @doc "POST /api/v1/follows"
  def follow_by_uri(%{body_params: %{uri: uri}} = conn, _) do
    case User.get_cached_by_nickname(uri) do
@ -478,7 +499,21 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
  end

  @doc "GET /api/v1/endorsements"
-  def endorsements(conn, params), do: MastodonAPIController.empty_array(conn, params)
+  def endorsements(%{assigns: %{user: user}} = conn, params) do
+    users =
+      user
+      |> User.endorsed_users_relation(_restrict_deactivated = true)
+      |> Pleroma.Pagination.fetch_paginated(Map.put(params, :skip_order, true))
+
+    conn
+    |> add_link_headers(users)
+    |> render("index.json",
+      users: users,
+      for: user,
+      as: :user,
+      embed_relationships: embed_relationships?(params)
+    )
+  end

  @doc "GET /api/v1/identity_proofs"
  def identity_proofs(conn, params), do: MastodonAPIController.empty_array(conn, params)
--- a/lib/pleroma/web/mastodon_api/views/account_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/account_view.ex
@ -156,7 +156,14 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
          target,
          &User.muting_reblogs?(&1, &2)
        ),
-      endorsed: false
+      endorsed:
+        UserRelationship.exists?(
+          user_relationships,
+          :endorsement,
+          target,
+          reading_user,
+          &User.endorses?(&2, &1)
+        ),
    }
  end

--- a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@ -6,7 +6,12 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
  use Pleroma.Web, :controller

  import Pleroma.Web.ControllerHelper,
-    only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
+    only: [
+      json_response: 3,
+      add_link_headers: 2,
+      embed_relationships?: 1,
+      assign_account_by_id: 2
+    ]

  alias Pleroma.User
  alias Pleroma.Web.ActivityPub.ActivityPub
@ -40,9 +45,15 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
    %{scopes: ["read:favourites"], fallback: :proceed_unauthenticated} when action == :favourites
  )

+  plug(
+    OAuthScopesPlug,
+    %{fallback: :proceed_unauthenticated, scopes: ["read:accounts"]}
+    when action == :endorsements
+  )
+
  plug(RateLimiter, [name: :account_confirmation_resend] when action == :confirmation_resend)

-  plug(:assign_account_by_id when action in [:favourites, :subscribe, :unsubscribe])
+  plug(:assign_account_by_id when action in [:favourites, :endorsements, :subscribe, :unsubscribe])

  defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaAccountOperation

@ -90,6 +101,23 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
    )
  end

+  @doc "GET /api/v1/pleroma/accounts/:id/endorsements"
+  def endorsements(%{assigns: %{user: for_user, account: user}} = conn, params) do
+    users =
+      user
+      |> User.endorsed_users_relation(_restrict_deactivated = true)
+      |> Pleroma.Pagination.fetch_paginated(Map.put(params, :skip_order, true))
+
+    conn
+    |> add_link_headers(users)
+    |> render("index.json",
+      for: for_user,
+      users: users,
+      as: :user,
+      embed_relationships: embed_relationships?(params)
+    )
+  end
+
  @doc "POST /api/v1/pleroma/accounts/:id/subscribe"
  def subscribe(%{assigns: %{user: user, account: subscription_target}} = conn, _params) do
    with {:ok, _subscription} <- User.subscribe(user, subscription_target) do
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -411,6 +411,7 @@ defmodule Pleroma.Web.Router do
    scope [] do
      pipe_through(:api)
      get("/accounts/:id/favourites", AccountController, :favourites)
+      get("/accounts/:id/endorsements", AccountController, :endorsements)
    end

    scope [] do
@ -456,6 +457,8 @@ defmodule Pleroma.Web.Router do
    post("/accounts/:id/unblock", AccountController, :unblock)
    post("/accounts/:id/mute", AccountController, :mute)
    post("/accounts/:id/unmute", AccountController, :unmute)
+    post("/accounts/:id/pin", AccountController, :endorse)
+    post("/accounts/:id/unpin", AccountController, :unendorse)

    get("/conversations", ConversationController, :index)
    post("/conversations/:id/read", ConversationController, :mark_as_read)