logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

o_status_controller.ex (4552B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Web.OStatus.OStatusController do
  6.   use Pleroma.Web, :controller
  8.   alias Pleroma.Activity
  9.   alias Pleroma.Object
  10.   alias Pleroma.User
  11.   alias Pleroma.Web.ActivityPub.ActivityPubController
  12.   alias Pleroma.Web.ActivityPub.Visibility
  13.   alias Pleroma.Web.Endpoint
  14.   alias Pleroma.Web.Fallback.RedirectController
  15.   alias Pleroma.Web.Metadata.PlayerView
  16.   alias Pleroma.Web.Plugs.RateLimiter
  17.   alias Pleroma.Web.Router
  19.   plug(
  20.     RateLimiter,
  21.     [name: :ap_routes, params: ["uuid"]] when action in [:object, :activity]
  22.   )
  24.   plug(
  25.     Pleroma.Web.Plugs.SetFormatPlug
  26.     when action in [:object, :activity, :notice]
  27.   )
  29.   action_fallback(:errors)
  31.   def object(%{assigns: %{format: format}} = conn, _params)
  32.       when format in ["json", "activity+json"] do
  33.     ActivityPubController.call(conn, :object)
  34.   end
  36.   def object(conn, _params) do
  37.     with id <- Endpoint.url() <> conn.request_path,
  38.          {_, %Activity{} = activity} <-
  39.            {:activity, Activity.get_create_by_object_ap_id_with_object(id)},
  40.          {_, true} <- {:public?, Visibility.public?(activity)} do
  41.       redirect(conn, to: "/notice/#{activity.id}")
  42.     else
  43.       reason when reason in [{:public?, false}, {:activity, nil}] ->
  44.         {:error, :not_found}
  46.       e ->
  47.         e
  48.     end
  49.   end
  51.   def activity(%{assigns: %{format: format}} = conn, _params)
  52.       when format in ["json", "activity+json"] do
  53.     ActivityPubController.call(conn, :activity)
  54.   end
  56.   def activity(conn, _params) do
  57.     with id <- Endpoint.url() <> conn.request_path,
  58.          {_, %Activity{} = activity} <- {:activity, Activity.normalize(id)},
  59.          {_, true} <- {:public?, Visibility.public?(activity)} do
  60.       redirect(conn, to: "/notice/#{activity.id}")
  61.     else
  62.       reason when reason in [{:public?, false}, {:activity, nil}] ->
  63.         {:error, :not_found}
  65.       e ->
  66.         e
  67.     end
  68.   end
  70.   def notice(%{assigns: %{format: format}} = conn, %{"id" => id}) do
  71.     with {_, %Activity{} = activity} <- {:activity, Activity.get_by_id_with_object(id)},
  72.          {_, true} <- {:public?, Visibility.public?(activity)},
  73.          %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do
  74.       cond do
  75.         format in ["json", "activity+json"] ->
  76.           %{data: %{"id" => redirect_url}} = Object.normalize(activity, fetch: false)
  77.           redirect(conn, external: redirect_url)
  79.         activity.data["type"] == "Create" ->
  80.           %Object{} = object = Object.normalize(activity, fetch: false)
  82.           RedirectController.redirector_with_meta(
  83.             conn,
  84.             %{
  85.               activity_id: activity.id,
  86.               object: object,
  87.               url: Router.Helpers.o_status_url(Endpoint, :notice, activity.id),
  88.               user: user
  89.             }
  90.           )
  92.         true ->
  93.           RedirectController.redirector(conn, nil)
  94.       end
  95.     else
  96.       reason when reason in [{:public?, false}, {:activity, nil}] ->
  97.         conn
  98.         |> put_status(404)
  99.         |> RedirectController.redirector(nil, 404)
  101.       e ->
  102.         e
  103.     end
  104.   end
  106.   # Returns an HTML embedded <audio> or <video> player suitable for embed iframes.
  107.   def notice_player(conn, %{"id" => id}) do
  108.     with %Activity{data: %{"type" => "Create"}} = activity <- Activity.get_by_id_with_object(id),
  109.          true <- Visibility.public?(activity),
  110.          {_, true} <- {:visible?, Visibility.visible_for_user?(activity, _reading_user = nil)},
  111.          %Object{} = object <- Object.normalize(activity, fetch: false),
  112.          %{data: %{"attachment" => [%{"url" => [url | _]} | _]}} <- object,
  113.          true <- String.starts_with?(url["mediaType"], ["audio", "video"]) do
  114.       conn
  115.       |> put_resp_header("x-frame-options", "ALLOW")
  116.       |> put_resp_header(
  117.         "content-security-policy",
  118.         "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
  119.       )
  120.       |> put_view(PlayerView)
  121.       |> render("player.html", url)
  122.     else
  123.       _error ->
  124.         conn
  125.         |> put_status(404)
  126.         |> RedirectController.redirector(nil, 404)
  127.     end
  128.   end
  130.   defp errors(conn, {:error, :not_found}) do
  131.     render_error(conn, :not_found, "Not found")
  132.   end
  134.   defp errors(conn, {:fetch_user, nil}), do: errors(conn, {:error, :not_found})
  136.   defp errors(conn, _) do
  137.     render_error(conn, :internal_server_error, "Something went wrong")
  138.   end
  139. end