From f8e0942745636f0f51e5ff57d1b40f79ee82f87b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 7 Jun 2018 00:04:03 +0000 Subject: [PATCH] twitter api: add approve/deny endpoints --- lib/pleroma/web/router.ex | 2 + .../web/twitter_api/twitter_api_controller.ex | 44 +++++++++++++++++- .../twitter_api_controller_test.exs | 46 +++++++++++++++++++ 3 files changed, 90 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index ea134bbff..6f8b427b5 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -248,6 +248,8 @@ def user_fetcher(username) do post("/statuses/destroy/:id", TwitterAPI.Controller, :delete_post) get("/pleroma/friend_requests", TwitterAPI.Controller, :friend_requests) + post("/pleroma/friendships/approve", TwitterAPI.Controller, :approve_friend_request) + post("/pleroma/friendships/deny", TwitterAPI.Controller, :deny_friend_request) post("/friendships/create", TwitterAPI.Controller, :follow) post("/friendships/destroy", TwitterAPI.Controller, :unfollow) diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 123d20177..b29687df5 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -4,6 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do alias Pleroma.Web.CommonAPI alias Pleroma.{Repo, Activity, User, Notification} alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Utils alias Ecto.Changeset require Logger @@ -332,14 +333,53 @@ def friends(conn, params) do end def friend_requests(conn, params) do - with {:ok, user} <- TwitterAPI.get_user(conn.assigns.user, params), + with {:ok, user} <- TwitterAPI.get_user(conn.assigns[:user], params), {:ok, friend_requests} <- User.get_follow_requests(user) do - render(conn, UserView, "index.json", %{users: friend_requests, for: user}) + render(conn, UserView, "index.json", %{users: friend_requests, for: conn.assigns[:user]}) else _e -> bad_request_reply(conn, "Can't get friend requests") end end + def approve_friend_request(conn, %{"user_id" => uid} = params) do + with followed <- conn.assigns[:user], + uid when is_number(uid) <- String.to_integer(uid), + %User{} = follower <- Repo.get(User, uid), + {:ok, follower} <- User.maybe_follow(follower, followed), + %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed), + {:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "accept"), + {:ok, _activity} <- + ActivityPub.accept(%{ + to: [follower.ap_id], + actor: followed.ap_id, + object: follow_activity.data["id"], + type: "Accept" + }) do + render(conn, UserView, "show.json", %{user: follower, for: followed}) + else + e -> bad_request_reply(conn, "Can't approve user: #{inspect(e)}") + end + end + + def deny_friend_request(conn, %{"user_id" => uid} = params) do + with followed <- conn.assigns[:user], + uid when is_number(uid) <- String.to_integer(uid), + %User{} = follower <- Repo.get(User, uid), + %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed), + {:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "reject"), + {:ok, _activity} <- + ActivityPub.reject(%{ + to: [follower.ap_id], + actor: followed.ap_id, + object: follow_activity.data["id"], + type: "Reject" + }) do + render(conn, UserView, "show.json", %{user: follower, for: followed}) + else + e -> bad_request_reply(conn, "Can't deny user: #{inspect(e)}") + end + end + def friends_ids(%{assigns: %{user: user}} = conn, _params) do with {:ok, friends} <- User.get_friends(user) do ids = diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index ac8ccfbc3..bd11551df 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -980,4 +980,50 @@ test "it lists friend requests" do assert other_user.id == relationship["id"] end end + + describe "POST /api/pleroma/friendships/approve" do + test "it approves a friend request" do + user = insert(:user, %{info: %{"locked" => true}}) + other_user = insert(:user) + + {:ok, activity} = ActivityPub.follow(other_user, user) + + user = Repo.get(User, user.id) + other_user = Repo.get(User, other_user.id) + + assert User.following?(other_user, user) == false + + conn = + build_conn() + |> assign(:user, user) + |> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)}) + + assert relationship = json_response(conn, 200) + assert other_user.id == relationship["id"] + assert relationship["follows_you"] == true + end + end + + describe "POST /api/pleroma/friendships/deny" do + test "it denies a friend request" do + user = insert(:user, %{info: %{"locked" => true}}) + other_user = insert(:user) + + {:ok, activity} = ActivityPub.follow(other_user, user) + + user = Repo.get(User, user.id) + other_user = Repo.get(User, other_user.id) + + assert User.following?(other_user, user) == false + + conn = + build_conn() + |> assign(:user, user) + |> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)}) + + assert relationship = json_response(conn, 200) + assert other_user.id == relationship["id"] + assert relationship["follows_you"] == false + end + end end