Merge remote-tracking branch 'parent/main' into upstream-20231221

2023-12-21 08:37:12 +09:00 · 2023-12-21 08:37:12 +09:00 · a6b57e3890
commit a6b57e3890
parent 7b8fedb3cd d29b1cca2e
154 changed files with 7762 additions and 1748 deletions
--- a/app/controllers/admin/follow_recommendations_controller.rb
+++ b/app/controllers/admin/follow_recommendations_controller.rb
@ -8,7 +8,7 @@ module Admin
      authorize :follow_recommendation, :show?

      @form     = Form::AccountBatch.new
-      @accounts = filtered_follow_recommendations
+      @accounts = filtered_follow_recommendations.page(params[:page])
    end

    def update
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -108,6 +108,10 @@ class Api::BaseController < ApplicationController
    render json: { error: 'Your login is currently disabled' }, status: 403 if current_user&.account&.unavailable?
  end

+  def require_valid_pagination_options!
+    render json: { error: 'Pagination values for `offset` and `limit` must be positive' }, status: 400 if pagination_options_invalid?
+  end
+
  def require_user!
    if !current_user
      render json: { error: 'This method requires an authenticated user' }, status: 422
@ -136,6 +140,10 @@ class Api::BaseController < ApplicationController

  private

+  def pagination_options_invalid?
+    params.slice(:limit, :offset).values.map(&:to_i).any?(&:negative?)
+  end
+
  def respond_with_error(code)
    render json: { error: Rack::Utils::HTTP_STATUS_CODES[code] }, status: code
  end
--- a/app/controllers/api/v1/accounts/notes_controller.rb
+++ b/app/controllers/api/v1/accounts/notes_controller.rb
@ -25,6 +25,6 @@ class Api::V1::Accounts::NotesController < Api::BaseController
  end

  def relationships_presenter
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
+    AccountRelationshipsPresenter.new([@account], current_user.account_id)
  end
 end
--- a/app/controllers/api/v1/accounts/pins_controller.rb
+++ b/app/controllers/api/v1/accounts/pins_controller.rb
@ -25,6 +25,6 @@ class Api::V1::Accounts::PinsController < Api::BaseController
  end

  def relationships_presenter
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
+    AccountRelationshipsPresenter.new([@account], current_user.account_id)
  end
 end
--- a/app/controllers/api/v1/accounts/relationships_controller.rb
+++ b/app/controllers/api/v1/accounts/relationships_controller.rb
@ -5,7 +5,7 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
  before_action :require_user!

  def index
-    @accounts = Account.where(id: account_ids).select('id')
+    @accounts = Account.where(id: account_ids).select(:id, :domain)
    @accounts.merge!(Account.without_suspended) unless truthy_param?(:with_suspended)
    render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships
  end
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@ -88,7 +88,7 @@ class Api::V1::AccountsController < Api::BaseController
  end

  def relationships(**options)
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id, **options)
+    AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
  end

  def account_params
--- a/app/controllers/api/v1/directories_controller.rb
+++ b/app/controllers/api/v1/directories_controller.rb
@ -12,7 +12,7 @@ class Api::V1::DirectoriesController < Api::BaseController
  private

  def require_enabled!
-    return not_found unless Setting.profile_directory
+    not_found unless Setting.profile_directory
  end

  def set_accounts
--- a/app/controllers/api/v1/follow_requests_controller.rb
+++ b/app/controllers/api/v1/follow_requests_controller.rb
@ -25,11 +25,11 @@ class Api::V1::FollowRequestsController < Api::BaseController
  private

  def account
-    Account.find(params[:id])
+    @account ||= Account.find(params[:id])
  end

  def relationships(**options)
-    AccountRelationshipsPresenter.new([params[:id]], current_user.account_id, **options)
+    AccountRelationshipsPresenter.new([account], current_user.account_id, **options)
  end

  def load_accounts
--- a/app/controllers/api/v1/suggestions_controller.rb
+++ b/app/controllers/api/v1/suggestions_controller.rb
@ -3,22 +3,23 @@
 class Api::V1::SuggestionsController < Api::BaseController
  include Authorization

-  before_action -> { doorkeeper_authorize! :read }
+  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, only: :index
+  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :index
  before_action :require_user!
+  before_action :set_suggestions

  def index
-    suggestions = suggestions_source.get(current_account, limit: limit_param(DEFAULT_ACCOUNTS_LIMIT))
-    render json: suggestions.map(&:account), each_serializer: REST::AccountSerializer
+    render json: @suggestions.get(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:offset].to_i).map(&:account), each_serializer: REST::AccountSerializer
  end

  def destroy
-    suggestions_source.remove(current_account, params[:id])
+    @suggestions.remove(params[:id])
    render_empty
  end

  private

-  def suggestions_source
-    AccountSuggestions::PastInteractionsSource.new
+  def set_suggestions
+    @suggestions = AccountSuggestions.new(current_account)
  end
 end
--- a/app/controllers/api/v2/search_controller.rb
+++ b/app/controllers/api/v2/search_controller.rb
@ -12,6 +12,7 @@ class Api::V2::SearchController < Api::BaseController
    before_action :query_pagination_error, if: :pagination_requested?
    before_action :remote_resolve_error, if: :remote_resolve_requested?
  end
+  before_action :require_valid_pagination_options!

  def index
    @search = Search.new(search_results)
--- a/app/controllers/api/v2/suggestions_controller.rb
+++ b/app/controllers/api/v2/suggestions_controller.rb
@ -3,17 +3,23 @@
 class Api::V2::SuggestionsController < Api::BaseController
  include Authorization

-  before_action -> { doorkeeper_authorize! :read }
+  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, only: :index
+  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :index
  before_action :require_user!
  before_action :set_suggestions

  def index
-    render json: @suggestions, each_serializer: REST::SuggestionSerializer
+    render json: @suggestions.get(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:offset].to_i), each_serializer: REST::SuggestionSerializer
+  end
+
+  def destroy
+    @suggestions.remove(params[:id])
+    render_empty
  end

  private

  def set_suggestions
-    @suggestions = AccountSuggestions.get(current_account, limit_param(DEFAULT_ACCOUNTS_LIMIT))
+    @suggestions = AccountSuggestions.new(current_account)
  end
 end
--- a/app/controllers/auth/confirmations_controller.rb
+++ b/app/controllers/auth/confirmations_controller.rb
@ -62,7 +62,7 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
  end

  def captcha_user_bypass?
-    return true if @confirmation_user.nil? || @confirmation_user.confirmed?
+    @confirmation_user.nil? || @confirmation_user.confirmed?
  end

  def require_unconfirmed!
--- a/app/controllers/relationships_controller.rb
+++ b/app/controllers/relationships_controller.rb
@ -33,7 +33,7 @@ class RelationshipsController < ApplicationController
  end

  def set_relationships
-    @relationships = AccountRelationshipsPresenter.new(@accounts.pluck(:id), current_user.account_id)
+    @relationships = AccountRelationshipsPresenter.new(@accounts, current_user.account_id)
  end

  def form_account_batch_params