util_controller.ex 7.02 KB
Newer Older
1
# Pleroma: A lightweight social networking server
2
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3
4
# SPDX-License-Identifier: AGPL-3.0-only

dtluna's avatar
dtluna committed
5
6
defmodule Pleroma.Web.TwitterAPI.UtilController do
  use Pleroma.Web, :controller
7

eal's avatar
eal committed
8
  require Logger
9

Maksim's avatar
Maksim committed
10
  alias Pleroma.Config
Haelwenn's avatar
Haelwenn committed
11
  alias Pleroma.Emoji
Maksim's avatar
Maksim committed
12
  alias Pleroma.Healthcheck
13
  alias Pleroma.Notification
14
  alias Pleroma.Plugs.OAuthScopesPlug
15
  alias Pleroma.User
Haelwenn's avatar
Haelwenn committed
16
17
  alias Pleroma.Web.CommonAPI
  alias Pleroma.Web.WebFinger
Roger Braun's avatar
Roger Braun committed
18

19
20
  plug(Pleroma.Web.FederatingPlug when action == :remote_subscribe)

21
22
23
  plug(
    OAuthScopesPlug,
    %{scopes: ["follow", "write:follows"]}
24
25
26
27
28
29
30
31
    when action == :follow_import
  )

  # Note: follower can submit the form (with password auth) not being signed in (having no token)
  plug(
    OAuthScopesPlug,
    %{fallback: :proceed_unauthenticated, scopes: ["follow", "write:follows"]}
    when action == :do_remote_follow
32
33
34
35
  )

  plug(OAuthScopesPlug, %{scopes: ["follow", "write:blocks"]} when action == :blocks_import)

36
37
38
39
  plug(
    OAuthScopesPlug,
    %{scopes: ["write:accounts"]}
    when action in [
40
           :change_email,
41
42
43
44
45
46
47
           :change_password,
           :delete_account,
           :update_notificaton_settings,
           :disable_account
         ]
  )

48
49
  plug(OAuthScopesPlug, %{scopes: ["write:notifications"]} when action == :notifications_read)

eal's avatar
eal committed
50
  def remote_subscribe(conn, %{"nickname" => nick, "profile" => _}) do
Maksim's avatar
Maksim committed
51
52
    with %User{} = user <- User.get_cached_by_nickname(nick),
         avatar = User.avatar_url(user) do
eal's avatar
eal committed
53
54
55
      conn
      |> render("subscribe.html", %{nickname: nick, avatar: avatar, error: false})
    else
lain's avatar
lain committed
56
57
58
59
60
61
      _e ->
        render(conn, "subscribe.html", %{
          nickname: nick,
          avatar: nil,
          error: "Could not find user"
        })
eal's avatar
eal committed
62
63
    end
  end
lain's avatar
lain committed
64

eal's avatar
eal committed
65
66
67
68
69
70
71
  def remote_subscribe(conn, %{"user" => %{"nickname" => nick, "profile" => profile}}) do
    with {:ok, %{"subscribe_address" => template}} <- WebFinger.finger(profile),
         %User{ap_id: ap_id} <- User.get_cached_by_nickname(nick) do
      conn
      |> Phoenix.Controller.redirect(external: String.replace(template, "{uri}", ap_id))
    else
      _e ->
lain's avatar
lain committed
72
73
74
75
76
        render(conn, "subscribe.html", %{
          nickname: nick,
          avatar: nil,
          error: "Something went wrong."
        })
eal's avatar
eal committed
77
78
79
    end
  end

80
81
82
83
84
85
86
87
88
89
90
  def notifications_read(%{assigns: %{user: user}} = conn, %{"id" => notification_id}) do
    with {:ok, _} <- Notification.read_one(user, notification_id) do
      json(conn, %{status: "success"})
    else
      {:error, message} ->
        conn
        |> put_resp_content_type("application/json")
        |> send_resp(403, Jason.encode!(%{"error" => message}))
    end
  end

91
92
93
94
95
96
97
98
99
100
101
102
  # Deprecated in favor of `/nodeinfo`
  # https://git.pleroma.social/pleroma/pleroma/-/merge_requests/2327
  # https://git.pleroma.social/pleroma/pleroma-fe/-/merge_requests/1084
  def config(conn, _params) do
    json(conn, %{
      site: %{
        textlimit: to_string(Config.get([:instance, :limit])),
        vapidPublicKey: Keyword.get(Pleroma.Web.Push.vapid_config(), :public_key)
      }
    })
  end

lain's avatar
lain committed
103
104
105
106
107
108
109
110
  def frontend_configurations(conn, _params) do
    config =
      Pleroma.Config.get(:frontend_configurations, %{})
      |> Enum.into(%{})

    json(conn, config)
  end

eal's avatar
eal committed
111
  def emoji(conn, _params) do
112
    emoji =
Maksim's avatar
Maksim committed
113
114
      Enum.reduce(Emoji.get_all(), %{}, fn {code, %Emoji{file: file, tags: tags}}, acc ->
        Map.put(acc, code, %{image_url: file, tags: tags})
115
116
117
      end)

    json(conn, emoji)
eal's avatar
eal committed
118
  end
eal's avatar
eal committed
119

120
121
122
123
  def update_notificaton_settings(%{assigns: %{user: user}} = conn, params) do
    with {:ok, _} <- User.update_notification_settings(user, params) do
      json(conn, %{status: "success"})
    end
eal's avatar
eal committed
124
  end
eal's avatar
eal committed
125

126
127
128
  def follow_import(conn, %{"list" => %Plug.Upload{} = listfile}) do
    follow_import(conn, %{"list" => File.read!(listfile.path)})
  end
lain's avatar
lain committed
129

130
  def follow_import(%{assigns: %{user: follower}} = conn, %{"list" => list}) do
131
132
133
134
135
    with lines <- String.split(list, "\n"),
         followed_identifiers <-
           Enum.map(lines, fn line ->
             String.split(line, ",") |> List.first()
           end)
136
           |> List.delete("Account address") do
137
      User.follow_import(follower, followed_identifiers)
138
139
      json(conn, "job started")
    end
eal's avatar
eal committed
140
  end
141

142
143
144
145
  def blocks_import(conn, %{"list" => %Plug.Upload{} = listfile}) do
    blocks_import(conn, %{"list" => File.read!(listfile.path)})
  end

146
  def blocks_import(%{assigns: %{user: blocker}} = conn, %{"list" => list}) do
147
    with blocked_identifiers <- String.split(list) do
148
      User.blocks_import(blocker, blocked_identifiers)
149
150
      json(conn, "job started")
    end
151
152
  end

153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
  def change_password(%{assigns: %{user: user}} = conn, params) do
    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
      {:ok, user} ->
        with {:ok, _user} <-
               User.reset_password(user, %{
                 password: params["new_password"],
                 password_confirmation: params["new_password_confirmation"]
               }) do
          json(conn, %{status: "success"})
        else
          {:error, changeset} ->
            {_, {error, _}} = Enum.at(changeset.errors, 0)
            json(conn, %{error: "New password #{error}."})

          _ ->
            json(conn, %{error: "Unable to change password."})
        end

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end

minibikini's avatar
minibikini committed
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
  def change_email(%{assigns: %{user: user}} = conn, params) do
    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
      {:ok, user} ->
        with {:ok, _user} <- User.change_email(user, params["email"]) do
          json(conn, %{status: "success"})
        else
          {:error, changeset} ->
            {_, {error, _}} = Enum.at(changeset.errors, 0)
            json(conn, %{error: "Email #{error}."})

          _ ->
            json(conn, %{error: "Unable to change email."})
        end

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end

195
  def delete_account(%{assigns: %{user: user}} = conn, params) do
196
197
198
    password = params["password"] || ""

    case CommonAPI.Utils.confirm_current_password(user, password) do
199
      {:ok, user} ->
200
        User.delete(user)
201
        json(conn, %{status: "success"})
202
203
204
205
206

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end
207

208
209
210
  def disable_account(%{assigns: %{user: user}} = conn, params) do
    case CommonAPI.Utils.confirm_current_password(user, params["password"]) do
      {:ok, user} ->
211
        User.deactivate_async(user)
212
213
214
215
216
217
218
        json(conn, %{status: "success"})

      {:error, msg} ->
        json(conn, %{error: msg})
    end
  end

219
220
221
  def captcha(conn, _params) do
    json(conn, Pleroma.Captcha.new())
  end
222
223

  def healthcheck(conn, _params) do
Maksim's avatar
Maksim committed
224
225
226
227
228
229
    with true <- Config.get([:instance, :healthcheck]),
         %{healthy: true} = info <- Healthcheck.system_info() do
      json(conn, info)
    else
      %{healthy: false} = info ->
        service_unavailable(conn, info)
230

Maksim's avatar
Maksim committed
231
232
233
234
      _ ->
        service_unavailable(conn, %{})
    end
  end
235

Maksim's avatar
Maksim committed
236
237
238
239
  defp service_unavailable(conn, info) do
    conn
    |> put_status(:service_unavailable)
    |> json(info)
240
  end
dtluna's avatar
dtluna committed
241
end