mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-12 14:16:12 +01:00
Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225)
This commit is contained in:
parent
04fef7b888
commit
8e4cf6282b
@ -1,10 +1,12 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
class ActivityPub::OutboxesController < Api::BaseController
|
class ActivityPub::OutboxesController < Api::BaseController
|
||||||
|
include SignatureVerification
|
||||||
|
|
||||||
before_action :set_account
|
before_action :set_account
|
||||||
|
|
||||||
def show
|
def show
|
||||||
@statuses = @account.statuses.permitted_for(@account, current_account).paginate_by_max_id(20, params[:max_id], params[:since_id])
|
@statuses = @account.statuses.permitted_for(@account, signed_request_account).paginate_by_max_id(20, params[:max_id], params[:since_id])
|
||||||
@statuses = cache_collection(@statuses, Status)
|
@statuses = cache_collection(@statuses, Status)
|
||||||
|
|
||||||
render json: outbox_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
|
render json: outbox_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
|
||||||
|
11
app/controllers/concerns/signature_authentication.rb
Normal file
11
app/controllers/concerns/signature_authentication.rb
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
module SignatureAuthentication
|
||||||
|
extend ActiveSupport::Concern
|
||||||
|
|
||||||
|
include SignatureVerification
|
||||||
|
|
||||||
|
def current_account
|
||||||
|
super || signed_request_account
|
||||||
|
end
|
||||||
|
end
|
@ -1,6 +1,7 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
class StatusesController < ApplicationController
|
class StatusesController < ApplicationController
|
||||||
|
include SignatureAuthentication
|
||||||
include Authorization
|
include Authorization
|
||||||
|
|
||||||
layout 'public'
|
layout 'public'
|
||||||
|
Loading…
Reference in New Issue
Block a user