Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users
parent
f91b6fa9e1
commit
2d2154ba75
|
@ -30,6 +30,10 @@ class ApiController < ApplicationController
|
||||||
render json: { error: 'Remote SSL certificate could not be verified' }, status: 503
|
render json: { error: 'Remote SSL certificate could not be verified' }, status: 503
|
||||||
end
|
end
|
||||||
|
|
||||||
|
rescue_from Mastodon::NotPermitted do
|
||||||
|
render json: { error: 'This action is not allowed' }, status: 403
|
||||||
|
end
|
||||||
|
|
||||||
def doorkeeper_unauthorized_render_options(error: nil)
|
def doorkeeper_unauthorized_render_options(error: nil)
|
||||||
{ json: { error: (error.try(:description) || 'Not authorized') } }
|
{ json: { error: (error.try(:description) || 'Not authorized') } }
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
class Settings::ProfilesController < ApplicationController
|
class Settings::ProfilesController < ApplicationController
|
||||||
|
include ObfuscateFilename
|
||||||
|
|
||||||
layout 'auth'
|
layout 'auth'
|
||||||
|
|
||||||
before_action :authenticate_user!
|
before_action :authenticate_user!
|
||||||
before_action :set_account
|
before_action :set_account
|
||||||
|
|
||||||
include ObfuscateFilename
|
|
||||||
obfuscate_filename [:account, :avatar]
|
obfuscate_filename [:account, :avatar]
|
||||||
obfuscate_filename [:account, :header]
|
obfuscate_filename [:account, :header]
|
||||||
|
|
||||||
|
@ -23,7 +24,7 @@ class Settings::ProfilesController < ApplicationController
|
||||||
private
|
private
|
||||||
|
|
||||||
def account_params
|
def account_params
|
||||||
params.require(:account).permit(:display_name, :note, :avatar, :header)
|
params.require(:account).permit(:display_name, :note, :avatar, :header, :locked)
|
||||||
end
|
end
|
||||||
|
|
||||||
def set_account
|
def set_account
|
||||||
|
|
|
@ -0,0 +1,6 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
module Mastodon
|
||||||
|
class Error < StandardError; end
|
||||||
|
class NotPermitted < Error; end
|
||||||
|
end
|
|
@ -5,7 +5,10 @@ class BlockService < BaseService
|
||||||
return if account.id == target_account.id
|
return if account.id == target_account.id
|
||||||
|
|
||||||
UnfollowService.new.call(account, target_account) if account.following?(target_account)
|
UnfollowService.new.call(account, target_account) if account.following?(target_account)
|
||||||
|
UnfollowService.new.call(target_account, account) if target_account.following?(account)
|
||||||
|
|
||||||
account.block!(target_account)
|
account.block!(target_account)
|
||||||
|
|
||||||
clear_timelines(account, target_account)
|
clear_timelines(account, target_account)
|
||||||
clear_notifications(account, target_account)
|
clear_notifications(account, target_account)
|
||||||
end
|
end
|
||||||
|
|
|
@ -8,6 +8,7 @@ class FollowService < BaseService
|
||||||
target_account = follow_remote_account_service.call(uri)
|
target_account = follow_remote_account_service.call(uri)
|
||||||
|
|
||||||
raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?
|
raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?
|
||||||
|
raise Mastodon::NotPermitted if target_account.blocking?(source_account)
|
||||||
|
|
||||||
follow = source_account.follow!(target_account)
|
follow = source_account.follow!(target_account)
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,7 @@
|
||||||
= f.input :note, placeholder: t('simple_form.labels.defaults.note')
|
= f.input :note, placeholder: t('simple_form.labels.defaults.note')
|
||||||
= f.input :avatar, wrapper: :with_label
|
= f.input :avatar, wrapper: :with_label
|
||||||
= f.input :header, wrapper: :with_label
|
= f.input :header, wrapper: :with_label
|
||||||
|
= f.input :locked, as: :boolean, wrapper: :with_label
|
||||||
|
|
||||||
.actions
|
.actions
|
||||||
= f.button :button, t('generic.save_changes'), type: :submit
|
= f.button :button, t('generic.save_changes'), type: :submit
|
||||||
|
|
|
@ -2,6 +2,8 @@ require_relative 'boot'
|
||||||
|
|
||||||
require 'rails/all'
|
require 'rails/all'
|
||||||
|
|
||||||
|
require_relative '../app/lib/exceptions'
|
||||||
|
|
||||||
# Require the gems listed in Gemfile, including any gems
|
# Require the gems listed in Gemfile, including any gems
|
||||||
# you've limited to :test, :development, or :production.
|
# you've limited to :test, :development, or :production.
|
||||||
Bundler.require(*Rails.groups)
|
Bundler.require(*Rails.groups)
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
class AddLockedToAccounts < ActiveRecord::Migration[5.0]
|
||||||
|
def change
|
||||||
|
add_column :accounts, :locked, :boolean, null: false, default: false
|
||||||
|
end
|
||||||
|
end
|
|
@ -10,7 +10,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended that you check this file into your version control system.
|
# It's strongly recommended that you check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(version: 20161221152630) do
|
ActiveRecord::Schema.define(version: 20161222201034) do
|
||||||
|
|
||||||
# These are extensions that must be enabled in order to support this database
|
# These are extensions that must be enabled in order to support this database
|
||||||
enable_extension "plpgsql"
|
enable_extension "plpgsql"
|
||||||
|
@ -42,6 +42,7 @@ ActiveRecord::Schema.define(version: 20161221152630) do
|
||||||
t.datetime "subscription_expires_at"
|
t.datetime "subscription_expires_at"
|
||||||
t.boolean "silenced", default: false, null: false
|
t.boolean "silenced", default: false, null: false
|
||||||
t.boolean "suspended", default: false, null: false
|
t.boolean "suspended", default: false, null: false
|
||||||
|
t.boolean "locked", default: false, null: false
|
||||||
t.index ["username", "domain"], name: "index_accounts_on_username_and_domain", unique: true, using: :btree
|
t.index ["username", "domain"], name: "index_accounts_on_username_and_domain", unique: true, using: :btree
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue