mirror
/
wildebeest
kopia lustrzana https://github.com/cloudflare/wildebeest
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Merge pull request #309 from cloudflare/public-statuses 

/api/v1/statuses should be public for public statuses
pull/321/head
Sven Sauleau 2023-02-20 14:39:03 +00:00 zatwierdzone przez GitHub
rodzic e464d6f988 2937e9ffc9
commit 45e07b2bac
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 4AEE18F83AFDEB23
3 zmienionych plików z 20 dodań i 6 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

1
backend/src/middleware/main.ts
Wyświetl plik

@ -49,6 +49,7 @@ export async function main(context: EventContext<Env, any, any>) {
if (
url.pathname === '/oauth/token' ||
url.pathname === '/oauth/authorize' || // Cloudflare Access runs on /oauth/authorize
/^\/api\/v1\/statuses\/.*(?<!(reblog|favourite))$/.test(url.pathname) || // Unless private https://docs.joinmastodon.org/methods/statuses/#get
url.pathname === '/api/v1/instance' ||
url.pathname === '/api/v2/instance' ||
url.pathname === '/api/v1/instance/peers' ||

6
backend/test/mastodon/statuses.spec.ts
Wyświetl plik

@ -546,7 +546,7 @@ describe('Mastodon APIs', () => {
await insertLike(db, actor2, note)
await insertLike(db, actor3, note)
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain)
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain, actor)
assert.equal(res.status, 200)
const data = await res.json<any>()
@ -562,7 +562,7 @@ describe('Mastodon APIs', () => {
const mediaAttachments = [await createImage(domain, db, actor, properties)]
const note = await createPublicNote(domain, db, 'my first status', actor, mediaAttachments)
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain)
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain, actor)
assert.equal(res.status, 200)
const data = await res.json<any>()
@ -601,7 +601,7 @@ describe('Mastodon APIs', () => {
await insertReblog(db, actor2, note)
await insertReblog(db, actor3, note)
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain)
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain, actor)
assert.equal(res.status, 200)
const data = await res.json<any>()

19
functions/api/v1/statuses/[id].ts
Wyświetl plik

@ -17,9 +17,9 @@ import type { Queue, DeliverMessageBody } from 'wildebeest/backend/src/types/que
import * as timeline from 'wildebeest/backend/src/mastodon/timeline'
import { cacheFromEnv } from 'wildebeest/backend/src/cache'
export const onRequestGet: PagesFunction<Env, any, ContextData> = async ({ params, env, request }) => {
export const onRequestGet: PagesFunction<Env, any, ContextData> = async ({ params, env, request, data }) => {
const domain = new URL(request.url).hostname
return handleRequestGet(env.DATABASE, params.id as UUID, domain)
return handleRequestGet(env.DATABASE, params.id as UUID, domain, data.connectedActor)
}
export const onRequestDelete: PagesFunction<Env, any, ContextData> = async ({ params, env, request, data }) => {
@ -35,12 +35,25 @@ export const onRequestDelete: PagesFunction<Env, any, ContextData> = async ({ pa
)
}
export async function handleRequestGet(db: D1Database, id: UUID, domain: string): Promise<Response> {
export async function handleRequestGet(
db: D1Database,
id: UUID,
domain: string,
// eslint-disable-next-line @typescript-eslint/no-unused-vars -- To be used when we implement private statuses
connectedActor: Person
): Promise<Response> {
const status = await getMastodonStatusById(db, id, domain)
if (status === null) {
return new Response('', { status: 404 })
}
// future validation for private statuses
/*
if (status.private && status.account.id !== urlToHandle(connectedActor.id)) {
return errors.notAuthorized("status is private");
}
*/
const headers = {
...cors(),
'content-type': 'application/json; charset=utf-8',