projects / anni / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
total rebase
[anni] / lib / pleroma / web / twitter_api / controllers / util_controller.ex
diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
old mode 100755 (executable)
new mode 100644 (file)
index d5a24ae..040fa32
--- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex
+++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
@@ -18,7 +18,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
   alias Pleroma.Web.WebFinger
 
   plug(
-    Pleroma.Web.ApiSpec.CastAndValidate
+    Pleroma.Web.ApiSpec.CastAndValidate,
+    [replace_params: false]
     when action != :remote_subscribe and action != :show_subscribe_form
   )
 
@@ -35,7 +36,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
            :change_email,
            :change_password,
            :delete_account,
-           :update_notificaton_settings,
+           :update_notification_settings,
            :disable_account,
            :move_account,
            :add_alias,
@@ -150,7 +151,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def remote_interaction(%{body_params: %{ap_id: ap_id, profile: profile}} = conn, _params) do
+  def remote_interaction(
+        %{private: %{open_api_spex: %{body_params: %{ap_id: ap_id, profile: profile}}}} = conn,
+        _params
+      ) do
     with {:ok, %{"subscribe_address" => template}} <- WebFinger.finger(profile) do
       conn
       |> json(%{url: String.replace(template, "{uri}", ap_id)})
@@ -181,13 +185,16 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     json(conn, emoji)
   end
 
-  def update_notificaton_settings(%{assigns: %{user: user}} = conn, params) do
+  def update_notification_settings(%{assigns: %{user: user}} = conn, params) do
     with {:ok, _} <- User.update_notification_settings(user, params) do
       json(conn, %{status: "success"})
     end
   end
 
-  def change_password(%{assigns: %{user: user}, body_params: body_params} = conn, %{}) do
+  def change_password(
+        %{assigns: %{user: user}, private: %{open_api_spex: %{body_params: body_params}}} = conn,
+        _
+      ) do
     case CommonAPI.Utils.confirm_current_password(user, body_params.password) do
       {:ok, user} ->
         with {:ok, _user} <-
@@ -210,7 +217,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def change_email(%{assigns: %{user: user}, body_params: body_params} = conn, %{}) do
+  def change_email(
+        %{assigns: %{user: user}, private: %{open_api_spex: %{body_params: body_params}}} = conn,
+        _
+      ) do
     case CommonAPI.Utils.confirm_current_password(user, body_params.password) do
       {:ok, user} ->
         with {:ok, _user} <- User.change_email(user, body_params.email) do
@@ -229,7 +239,13 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def delete_account(%{assigns: %{user: user}, body_params: body_params} = conn, params) do
+  def delete_account(
+        %{
+          assigns: %{user: user},
+          private: %{open_api_spex: %{body_params: body_params, params: params}}
+        } = conn,
+        _
+      ) do
     # This endpoint can accept a query param or JSON body for backwards-compatibility.
     # Submitting a JSON body is recommended, so passwords don't end up in server logs.
     password = body_params[:password] || params[:password] || ""
@@ -244,7 +260,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def disable_account(%{assigns: %{user: user}} = conn, params) do
+  def disable_account(
+        %{assigns: %{user: user}, private: %{open_api_spex: %{params: params}}} = conn,
+        _
+      ) do
     case CommonAPI.Utils.confirm_current_password(user, params[:password]) do
       {:ok, user} ->
         User.set_activation_async(user, false)
@@ -255,7 +274,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def move_account(%{assigns: %{user: user}, body_params: body_params} = conn, %{}) do
+  def move_account(
+        %{assigns: %{user: user}, private: %{open_api_spex: %{body_params: body_params}}} = conn,
+        _
+      ) do
     case CommonAPI.Utils.confirm_current_password(user, body_params.password) do
       {:ok, user} ->
         with {:ok, target_user} <- find_or_fetch_user_by_nickname(body_params.target_account),
@@ -276,7 +298,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def add_alias(%{assigns: %{user: user}, body_params: body_params} = conn, _) do
+  def add_alias(
+        %{assigns: %{user: user}, private: %{open_api_spex: %{body_params: body_params}}} = conn,
+        _
+      ) do
     with {:ok, alias_user} <- find_user_by_nickname(body_params.alias),
          {:ok, _user} <- user |> User.add_alias(alias_user) do
       json(conn, %{status: "success"})
@@ -291,7 +316,10 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def delete_alias(%{assigns: %{user: user}, body_params: body_params} = conn, _) do
+  def delete_alias(
+        %{assigns: %{user: user}, private: %{open_api_spex: %{body_params: body_params}}} = conn,
+        _
+      ) do
     with {:ok, alias_user} <- find_user_by_nickname(body_params.alias),
          {:ok, _user} <- user |> User.delete_alias(alias_user) do
       json(conn, %{status: "success"})
@@ -306,7 +334,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     end
   end
 
-  def list_aliases(%{assigns: %{user: user}} = conn, %{}) do
+  def list_aliases(%{assigns: %{user: user}} = conn, _) do
     alias_nicks =
       user
       |> User.alias_users()
@@ -319,7 +347,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
     user = User.get_cached_by_nickname(nickname)
 
     if user == nil do
-      {:not_found, nil}
+      {:error, :not_found}
     else
       {:ok, user}
     end
@@ -345,13 +373,16 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
   end
 
   def healthcheck(conn, _params) do
-    with true <- Config.get([:instance, :healthcheck]),
+    with {:cfg, true} <- {:cfg, Config.get([:instance, :healthcheck])},
          %{healthy: true} = info <- Healthcheck.system_info() do
       json(conn, info)
     else
       %{healthy: false} = info ->
         service_unavailable(conn, info)
 
+      {:cfg, false} ->
+        service_unavailable(conn, %{"error" => "Healthcheck disabled"})
+
       _ ->
         service_unavailable(conn, %{})
     end
The code running on annihilation.social