kopia lustrzana https://github.com/cloudflare/wildebeest
Merge pull request #309 from cloudflare/public-statuses
/api/v1/statuses should be public for public statusespull/321/head
commit
45e07b2bac
|
@ -49,6 +49,7 @@ export async function main(context: EventContext<Env, any, any>) {
|
||||||
if (
|
if (
|
||||||
url.pathname === '/oauth/token' ||
|
url.pathname === '/oauth/token' ||
|
||||||
url.pathname === '/oauth/authorize' || // Cloudflare Access runs on /oauth/authorize
|
url.pathname === '/oauth/authorize' || // Cloudflare Access runs on /oauth/authorize
|
||||||
|
/^\/api\/v1\/statuses\/.*(?<!(reblog|favourite))$/.test(url.pathname) || // Unless private https://docs.joinmastodon.org/methods/statuses/#get
|
||||||
url.pathname === '/api/v1/instance' ||
|
url.pathname === '/api/v1/instance' ||
|
||||||
url.pathname === '/api/v2/instance' ||
|
url.pathname === '/api/v2/instance' ||
|
||||||
url.pathname === '/api/v1/instance/peers' ||
|
url.pathname === '/api/v1/instance/peers' ||
|
||||||
|
|
|
@ -546,7 +546,7 @@ describe('Mastodon APIs', () => {
|
||||||
await insertLike(db, actor2, note)
|
await insertLike(db, actor2, note)
|
||||||
await insertLike(db, actor3, note)
|
await insertLike(db, actor3, note)
|
||||||
|
|
||||||
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain)
|
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain, actor)
|
||||||
assert.equal(res.status, 200)
|
assert.equal(res.status, 200)
|
||||||
|
|
||||||
const data = await res.json<any>()
|
const data = await res.json<any>()
|
||||||
|
@ -562,7 +562,7 @@ describe('Mastodon APIs', () => {
|
||||||
const mediaAttachments = [await createImage(domain, db, actor, properties)]
|
const mediaAttachments = [await createImage(domain, db, actor, properties)]
|
||||||
const note = await createPublicNote(domain, db, 'my first status', actor, mediaAttachments)
|
const note = await createPublicNote(domain, db, 'my first status', actor, mediaAttachments)
|
||||||
|
|
||||||
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain)
|
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain, actor)
|
||||||
assert.equal(res.status, 200)
|
assert.equal(res.status, 200)
|
||||||
|
|
||||||
const data = await res.json<any>()
|
const data = await res.json<any>()
|
||||||
|
@ -601,7 +601,7 @@ describe('Mastodon APIs', () => {
|
||||||
await insertReblog(db, actor2, note)
|
await insertReblog(db, actor2, note)
|
||||||
await insertReblog(db, actor3, note)
|
await insertReblog(db, actor3, note)
|
||||||
|
|
||||||
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain)
|
const res = await statuses_id.handleRequestGet(db, note[mastodonIdSymbol]!, domain, actor)
|
||||||
assert.equal(res.status, 200)
|
assert.equal(res.status, 200)
|
||||||
|
|
||||||
const data = await res.json<any>()
|
const data = await res.json<any>()
|
||||||
|
|
|
@ -17,9 +17,9 @@ import type { Queue, DeliverMessageBody } from 'wildebeest/backend/src/types/que
|
||||||
import * as timeline from 'wildebeest/backend/src/mastodon/timeline'
|
import * as timeline from 'wildebeest/backend/src/mastodon/timeline'
|
||||||
import { cacheFromEnv } from 'wildebeest/backend/src/cache'
|
import { cacheFromEnv } from 'wildebeest/backend/src/cache'
|
||||||
|
|
||||||
export const onRequestGet: PagesFunction<Env, any, ContextData> = async ({ params, env, request }) => {
|
export const onRequestGet: PagesFunction<Env, any, ContextData> = async ({ params, env, request, data }) => {
|
||||||
const domain = new URL(request.url).hostname
|
const domain = new URL(request.url).hostname
|
||||||
return handleRequestGet(env.DATABASE, params.id as UUID, domain)
|
return handleRequestGet(env.DATABASE, params.id as UUID, domain, data.connectedActor)
|
||||||
}
|
}
|
||||||
|
|
||||||
export const onRequestDelete: PagesFunction<Env, any, ContextData> = async ({ params, env, request, data }) => {
|
export const onRequestDelete: PagesFunction<Env, any, ContextData> = async ({ params, env, request, data }) => {
|
||||||
|
@ -35,12 +35,25 @@ export const onRequestDelete: PagesFunction<Env, any, ContextData> = async ({ pa
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function handleRequestGet(db: D1Database, id: UUID, domain: string): Promise<Response> {
|
export async function handleRequestGet(
|
||||||
|
db: D1Database,
|
||||||
|
id: UUID,
|
||||||
|
domain: string,
|
||||||
|
// eslint-disable-next-line @typescript-eslint/no-unused-vars -- To be used when we implement private statuses
|
||||||
|
connectedActor: Person
|
||||||
|
): Promise<Response> {
|
||||||
const status = await getMastodonStatusById(db, id, domain)
|
const status = await getMastodonStatusById(db, id, domain)
|
||||||
if (status === null) {
|
if (status === null) {
|
||||||
return new Response('', { status: 404 })
|
return new Response('', { status: 404 })
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// future validation for private statuses
|
||||||
|
/*
|
||||||
|
if (status.private && status.account.id !== urlToHandle(connectedActor.id)) {
|
||||||
|
return errors.notAuthorized("status is private");
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
const headers = {
|
const headers = {
|
||||||
...cors(),
|
...cors(),
|
||||||
'content-type': 'application/json; charset=utf-8',
|
'content-type': 'application/json; charset=utf-8',
|
||||||
|
|
Ładowanie…
Reference in New Issue