mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-22 13:25:04 +00:00
Only allow logged-in user to use statuses API
This commit is contained in:
parent
15137fc5c7
commit
fb5f34bb5a
1 changed files with 82 additions and 78 deletions
160
mastoapi.c
160
mastoapi.c
|
@ -1510,102 +1510,106 @@ int mastoapi_get_handler(const xs_dict *req, const char *q_path,
|
||||||
else
|
else
|
||||||
if (xs_startswith(cmd, "/v1/statuses/")) { /** **/
|
if (xs_startswith(cmd, "/v1/statuses/")) { /** **/
|
||||||
/* information about a status */
|
/* information about a status */
|
||||||
xs *l = xs_split(cmd, "/");
|
if (logged_in) {
|
||||||
const char *id = xs_list_get(l, 3);
|
xs *l = xs_split(cmd, "/");
|
||||||
const char *op = xs_list_get(l, 4);
|
const char *id = xs_list_get(l, 3);
|
||||||
|
const char *op = xs_list_get(l, 4);
|
||||||
|
|
||||||
if (!xs_is_null(id)) {
|
if (!xs_is_null(id)) {
|
||||||
xs *msg = NULL;
|
xs *msg = NULL;
|
||||||
xs *out = NULL;
|
xs *out = NULL;
|
||||||
|
|
||||||
/* skip the 'fake' part of the id */
|
/* skip the 'fake' part of the id */
|
||||||
id = MID_TO_MD5(id);
|
id = MID_TO_MD5(id);
|
||||||
|
|
||||||
if (valid_status(object_get_by_md5(id, &msg))) {
|
if (valid_status(object_get_by_md5(id, &msg))) {
|
||||||
if (op == NULL) {
|
if (op == NULL) {
|
||||||
if (!is_muted(&snac1, xs_dict_get(msg, "attributedTo"))) {
|
if (!is_muted(&snac1, xs_dict_get(msg, "attributedTo"))) {
|
||||||
/* return the status itself */
|
/* return the status itself */
|
||||||
out = mastoapi_status(&snac1, msg);
|
out = mastoapi_status(&snac1, msg);
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
if (strcmp(op, "context") == 0) { /** **/
|
|
||||||
/* return ancestors and children */
|
|
||||||
xs *anc = xs_list_new();
|
|
||||||
xs *des = xs_list_new();
|
|
||||||
xs_list *p;
|
|
||||||
xs_str *v;
|
|
||||||
char pid[64];
|
|
||||||
|
|
||||||
/* build the [grand]parent list, moving up */
|
|
||||||
strncpy(pid, id, sizeof(pid));
|
|
||||||
|
|
||||||
while (object_parent(pid, pid, sizeof(pid))) {
|
|
||||||
xs *m2 = NULL;
|
|
||||||
|
|
||||||
if (valid_status(timeline_get_by_md5(&snac1, pid, &m2))) {
|
|
||||||
xs *st = mastoapi_status(&snac1, m2);
|
|
||||||
anc = xs_list_insert(anc, 0, st);
|
|
||||||
}
|
}
|
||||||
else
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
if (strcmp(op, "context") == 0) { /** **/
|
||||||
|
/* return ancestors and children */
|
||||||
|
xs *anc = xs_list_new();
|
||||||
|
xs *des = xs_list_new();
|
||||||
|
xs_list *p;
|
||||||
|
xs_str *v;
|
||||||
|
char pid[64];
|
||||||
|
|
||||||
/* build the children list */
|
/* build the [grand]parent list, moving up */
|
||||||
xs *children = object_children(xs_dict_get(msg, "id"));
|
strncpy(pid, id, sizeof(pid));
|
||||||
p = children;
|
|
||||||
|
|
||||||
while (xs_list_iter(&p, &v)) {
|
while (object_parent(pid, pid, sizeof(pid))) {
|
||||||
xs *m2 = NULL;
|
xs *m2 = NULL;
|
||||||
|
|
||||||
if (valid_status(timeline_get_by_md5(&snac1, v, &m2))) {
|
if (valid_status(timeline_get_by_md5(&snac1, pid, &m2))) {
|
||||||
if (xs_is_null(xs_dict_get(m2, "name"))) {
|
|
||||||
xs *st = mastoapi_status(&snac1, m2);
|
xs *st = mastoapi_status(&snac1, m2);
|
||||||
des = xs_list_append(des, st);
|
anc = xs_list_insert(anc, 0, st);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* build the children list */
|
||||||
|
xs *children = object_children(xs_dict_get(msg, "id"));
|
||||||
|
p = children;
|
||||||
|
|
||||||
|
while (xs_list_iter(&p, &v)) {
|
||||||
|
xs *m2 = NULL;
|
||||||
|
|
||||||
|
if (valid_status(timeline_get_by_md5(&snac1, v, &m2))) {
|
||||||
|
if (xs_is_null(xs_dict_get(m2, "name"))) {
|
||||||
|
xs *st = mastoapi_status(&snac1, m2);
|
||||||
|
des = xs_list_append(des, st);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
out = xs_dict_new();
|
||||||
|
out = xs_dict_append(out, "ancestors", anc);
|
||||||
|
out = xs_dict_append(out, "descendants", des);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
if (strcmp(op, "reblogged_by") == 0 || /** **/
|
||||||
|
strcmp(op, "favourited_by") == 0) { /** **/
|
||||||
|
/* return the list of people who liked or boosted this */
|
||||||
|
out = xs_list_new();
|
||||||
|
|
||||||
|
xs *l = NULL;
|
||||||
|
|
||||||
|
if (op[0] == 'r')
|
||||||
|
l = object_announces(xs_dict_get(msg, "id"));
|
||||||
|
else
|
||||||
|
l = object_likes(xs_dict_get(msg, "id"));
|
||||||
|
|
||||||
|
xs_list *p = l;
|
||||||
|
xs_str *v;
|
||||||
|
|
||||||
|
while (xs_list_iter(&p, &v)) {
|
||||||
|
xs *actor2 = NULL;
|
||||||
|
|
||||||
|
if (valid_status(object_get_by_md5(v, &actor2))) {
|
||||||
|
xs *acct2 = mastoapi_account(actor2);
|
||||||
|
|
||||||
|
out = xs_list_append(out, acct2);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
out = xs_dict_new();
|
|
||||||
out = xs_dict_append(out, "ancestors", anc);
|
|
||||||
out = xs_dict_append(out, "descendants", des);
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
if (strcmp(op, "reblogged_by") == 0 || /** **/
|
srv_debug(1, xs_fmt("mastoapi status: bad id %s", id));
|
||||||
strcmp(op, "favourited_by") == 0) { /** **/
|
|
||||||
/* return the list of people who liked or boosted this */
|
|
||||||
out = xs_list_new();
|
|
||||||
|
|
||||||
xs *l = NULL;
|
if (out != NULL) {
|
||||||
|
*body = xs_json_dumps_pp(out, 4);
|
||||||
if (op[0] == 'r')
|
*ctype = "application/json";
|
||||||
l = object_announces(xs_dict_get(msg, "id"));
|
status = 200;
|
||||||
else
|
|
||||||
l = object_likes(xs_dict_get(msg, "id"));
|
|
||||||
|
|
||||||
xs_list *p = l;
|
|
||||||
xs_str *v;
|
|
||||||
|
|
||||||
while (xs_list_iter(&p, &v)) {
|
|
||||||
xs *actor2 = NULL;
|
|
||||||
|
|
||||||
if (valid_status(object_get_by_md5(v, &actor2))) {
|
|
||||||
xs *acct2 = mastoapi_account(actor2);
|
|
||||||
|
|
||||||
out = xs_list_append(out, acct2);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
|
||||||
srv_debug(1, xs_fmt("mastoapi status: bad id %s", id));
|
|
||||||
|
|
||||||
if (out != NULL) {
|
|
||||||
*body = xs_json_dumps_pp(out, 4);
|
|
||||||
*ctype = "application/json";
|
|
||||||
status = 200;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
status = 401;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
if (strcmp(cmd, "/v1/preferences") == 0) { /** **/
|
if (strcmp(cmd, "/v1/preferences") == 0) { /** **/
|
||||||
|
|
Loading…
Reference in a new issue