util_controller.ex 9.17 KB
Newer Older
1
# Pleroma: A lightweight social networking server
2
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3
4
# SPDX-License-Identifier: AGPL-3.0-only

dtluna's avatar
dtluna committed
5
6
defmodule Pleroma.Web.TwitterAPI.UtilController do
  use Pleroma.Web, :controller
7

eal's avatar
eal committed
8
  require Logger
9

Maksim's avatar
Maksim committed
10
  alias Pleroma.Config
Haelwenn's avatar
Haelwenn committed
11
  alias Pleroma.Emoji
Maksim's avatar
Maksim committed
12
  alias Pleroma.Healthcheck
13
  alias Pleroma.Notification
14
  alias Pleroma.Plugs.OAuthScopesPlug
15
  alias Pleroma.User
16
  alias Pleroma.Web
Haelwenn's avatar
Haelwenn committed
17
18
  alias Pleroma.Web.CommonAPI
  alias Pleroma.Web.WebFinger
Roger Braun's avatar
Roger Braun committed
19

20
21
  plug(Pleroma.Web.FederatingPlug when action == :remote_subscribe)

22
23
24
  plug(
    OAuthScopesPlug,
    %{scopes: ["follow", "write:follows"]}
25
26
27
28
29
30
31
32
    when action == :follow_import
  )

  # Note: follower can submit the form (with password auth) not being signed in (having no token)
  plug(
    OAuthScopesPlug,
    %{fallback: :proceed_unauthenticated, scopes: ["follow", "write:follows"]}
    when action == :do_remote_follow
33
34
35
36
  )

  plug(OAuthScopesPlug, %{scopes: ["follow", "write:blocks"]} when action == :blocks_import)

37
38
39
40
  plug(
    OAuthScopesPlug,
    %{scopes: ["write:accounts"]}
    when action in [
41
           :change_email,
42
43
44
45
46
47
48
           :change_password,
           :delete_account,
           :update_notificaton_settings,
           :disable_account
         ]
  )

49
50
  plug(OAuthScopesPlug, %{scopes: ["write:notifications"]} when action == :notifications_read)

Maksim's avatar
Maksim committed
51
52
  plug(Pleroma.Plugs.SetFormatPlug when action in [:config, :version])

dtluna's avatar
dtluna committed
53
54
55
56
  def help_test(conn, _params) do
    json(conn, "ok")
  end

eal's avatar
eal committed
57
  def remote_subscribe(conn, %{"nickname" => nick, "profile" => _}) do
Maksim's avatar
Maksim committed
58
59
    with %User{} = user <- User.get_cached_by_nickname(nick),
         avatar = User.avatar_url(user) do
eal's avatar
eal committed
60
61
62
      conn
      |> render("subscribe.html", %{nickname: nick, avatar: avatar, error: false})
    else
lain's avatar
lain committed
63
64
65
66
67
68
      _e ->
        render(conn, "subscribe.html", %{
          nickname: nick,
          avatar: nil,
          error: "Could not find user"
        })
eal's avatar
eal committed
69
70
    end
  end
lain's avatar
lain committed
71

eal's avatar
eal committed
72
73
74
75
76
77
78
  def remote_subscribe(conn, %{"user" => %{"nickname" => nick, "profile" => profile}}) do
    with {:ok, %{"subscribe_address" => template}} <- WebFinger.finger(profile),
         %User{ap_id: ap_id} <- User.get_cached_by_nickname(nick) do
      conn
      |> Phoenix.Controller.redirect(external: String.replace(template, "{uri}", ap_id))
    else
      _e ->
lain's avatar
lain committed
79
80
81
82
83
        render(conn, "subscribe.html", %{
          nickname: nick,
          avatar: nil,
          error: "Something went wrong."
        })
eal's avatar
eal committed
84
85
86
    end
  end

87
88
89
90
91
92
93
94
95
96
97
  def notifications_read(%{assigns: %{user: user}} = conn, %{"id" => notification_id}) do
    with {:ok, _} <- Notification.read_one(user, notification_id) do
      json(conn, %{status: "success"})
    else
      {:error, message} ->
        conn
        |> put_resp_content_type("application/json")
        |> send_resp(403, Jason.encode!(%{"error" => message}))
    end
  end

Maksim's avatar
Maksim committed
98
  def config(%{assigns: %{format: "xml"}} = conn, _params) do
href's avatar
href committed
99
100
    instance = Pleroma.Config.get(:instance)

Maksim's avatar
Maksim committed
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
    response = """
    <config>
    <site>
    <name>#{Keyword.get(instance, :name)}</name>
    <site>#{Web.base_url()}</site>
    <textlimit>#{Keyword.get(instance, :limit)}</textlimit>
    <closed>#{!Keyword.get(instance, :registrations_open)}</closed>
    </site>
    </config>
    """

    conn
    |> put_resp_content_type("application/xml")
    |> send_resp(200, response)
  end
lain's avatar
lain committed
116

Maksim's avatar
Maksim committed
117
118
  def config(conn, _params) do
    instance = Pleroma.Config.get(:instance)
119

Maksim's avatar
Maksim committed
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
    vapid_public_key = Keyword.get(Pleroma.Web.Push.vapid_config(), :public_key)

    uploadlimit = %{
      uploadlimit: to_string(Keyword.get(instance, :upload_limit)),
      avatarlimit: to_string(Keyword.get(instance, :avatar_upload_limit)),
      backgroundlimit: to_string(Keyword.get(instance, :background_upload_limit)),
      bannerlimit: to_string(Keyword.get(instance, :banner_upload_limit))
    }

    data = %{
      name: Keyword.get(instance, :name),
      description: Keyword.get(instance, :description),
      server: Web.base_url(),
      textlimit: to_string(Keyword.get(instance, :limit)),
      uploadlimit: uploadlimit,
      closed: bool_to_val(Keyword.get(instance, :registrations_open), "0", "1"),
      private: bool_to_val(Keyword.get(instance, :public, true), "0", "1"),
      vapidPublicKey: vapid_public_key,
      accountActivationRequired:
        bool_to_val(Keyword.get(instance, :account_activation_required, false)),
      invitesEnabled: bool_to_val(Keyword.get(instance, :invites_enabled, false)),
      safeDMMentionsEnabled: bool_to_val(Pleroma.Config.get([:instance, :safe_dm_mentions]))
    }

    managed_config = Keyword.get(instance, :managed_config)

    data =
      if managed_config do
148
        pleroma_fe = Pleroma.Config.get([:frontend_configurations, :pleroma_fe])
Maksim's avatar
Maksim committed
149
150
151
152
        Map.put(data, "pleromafe", pleroma_fe)
      else
        data
      end
153

Maksim's avatar
Maksim committed
154
    json(conn, %{site: data})
lain's avatar
lain committed
155
156
  end

Maksim's avatar
Maksim committed
157
158
159
160
161
  defp bool_to_val(true), do: "1"
  defp bool_to_val(_), do: "0"
  defp bool_to_val(true, val, _), do: val
  defp bool_to_val(_, _, val), do: val

lain's avatar
lain committed
162
163
164
165
166
167
168
169
  def frontend_configurations(conn, _params) do
    config =
      Pleroma.Config.get(:frontend_configurations, %{})
      |> Enum.into(%{})

    json(conn, config)
  end

Maksim's avatar
Maksim committed
170
  def version(%{assigns: %{format: "xml"}} = conn, _params) do
href's avatar
href committed
171
    version = Pleroma.Application.named_version()
lain's avatar
lain committed
172

Maksim's avatar
Maksim committed
173
174
175
176
    conn
    |> put_resp_content_type("application/xml")
    |> send_resp(200, "<version>#{version}</version>")
  end
lain's avatar
lain committed
177

Maksim's avatar
Maksim committed
178
179
  def version(conn, _params) do
    json(conn, Pleroma.Application.named_version())
dtluna's avatar
dtluna committed
180
  end
eal's avatar
eal committed
181
182

  def emoji(conn, _params) do
183
    emoji =
Maksim's avatar
Maksim committed
184
185
      Enum.reduce(Emoji.get_all(), %{}, fn {code, %Emoji{file: file, tags: tags}}, acc ->
        Map.put(acc, code, %{image_url: file, tags: tags})
186
187
188
      end)

    json(conn, emoji)
eal's avatar
eal committed
189
  end
eal's avatar
eal committed
190

191
192
193
194
  def update_notificaton_settings(%{assigns: %{user: user}} = conn, params) do
    with {:ok, _} <- User.update_notification_settings(user, params) do
      json(conn, %{status: "success"})
    end
eal's avatar
eal committed
195
  end
eal's avatar
eal committed
196

197
198
199
  def follow_import(conn, %{"list" => %Plug.Upload{} = listfile}) do
    follow_import(conn, %{"list" => File.read!(listfile.path)})
  end
lain's avatar
lain committed
200

201
  def follow_import(%{assigns: %{user: follower}} = conn, %{"list" => list}) do
minibikini's avatar
minibikini committed
202
203
204
205
206
207
208
209
210
211
    followed_identifiers =
      list
      |> String.split("\n")
      |> Enum.map(&(&1 |> String.split(",") |> List.first()))
      |> List.delete("Account address")
      |> Enum.map(&(&1 |> String.trim() |> String.trim_leading("@")))
      |> Enum.reject(&(&1 == ""))

    User.follow_import(follower, followed_identifiers)
    json(conn, "job started")
eal's avatar
eal committed
212
  end
213

214
215
216
217
  def blocks_import(conn, %{"list" => %Plug.Upload{} = listfile}) do
    blocks_import(conn, %{"list" => File.read!(listfile.path)})
  end

218
  def blocks_import(%{assigns: %{user: blocker}} = conn, %{"list" => list}) do
minibikini's avatar
minibikini committed
219
220
    User.blocks_import(blocker, _blocked_identifiers = String.split(list))
    json(conn, "job started")
221
222
  end

223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
  def change_password(%{assigns: %{user: user}} = conn, params) do
    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
      {:ok, user} ->
        with {:ok, _user} <-
               User.reset_password(user, %{
                 password: params["new_password"],
                 password_confirmation: params["new_password_confirmation"]
               }) do
          json(conn, %{status: "success"})
        else
          {:error, changeset} ->
            {_, {error, _}} = Enum.at(changeset.errors, 0)
            json(conn, %{error: "New password #{error}."})

          _ ->
            json(conn, %{error: "Unable to change password."})
        end

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end

minibikini's avatar
minibikini committed
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
  def change_email(%{assigns: %{user: user}} = conn, params) do
    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
      {:ok, user} ->
        with {:ok, _user} <- User.change_email(user, params["email"]) do
          json(conn, %{status: "success"})
        else
          {:error, changeset} ->
            {_, {error, _}} = Enum.at(changeset.errors, 0)
            json(conn, %{error: "Email #{error}."})

          _ ->
            json(conn, %{error: "Unable to change email."})
        end

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end

265
  def delete_account(%{assigns: %{user: user}} = conn, params) do
266
267
268
    password = params["password"] || ""

    case CommonAPI.Utils.confirm_current_password(user, password) do
269
      {:ok, user} ->
270
        User.delete(user)
271
        json(conn, %{status: "success"})
272
273
274
275
276

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end
277

278
279
280
  def disable_account(%{assigns: %{user: user}} = conn, params) do
    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
      {:ok, user} ->
281
        User.deactivate_async(user)
282
283
284
285
286
287
288
        json(conn, %{status: "success"})

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end

289
290
291
  def captcha(conn, _params) do
    json(conn, Pleroma.Captcha.new())
  end
292
293

  def healthcheck(conn, _params) do
Maksim's avatar
Maksim committed
294
295
296
297
298
299
    with true <- Config.get([:instance, :healthcheck]),
         %{healthy: true} = info <- Healthcheck.system_info() do
      json(conn, info)
    else
      %{healthy: false} = info ->
        service_unavailable(conn, info)
300

Maksim's avatar
Maksim committed
301
302
303
304
      _ ->
        service_unavailable(conn, %{})
    end
  end
305

Maksim's avatar
Maksim committed
306
307
308
309
  defp service_unavailable(conn, info) do
    conn
    |> put_status(:service_unavailable)
    |> json(info)
310
  end
dtluna's avatar
dtluna committed
311
end