aboutsummaryrefslogtreecommitdiff
path: root/lib/pleroma/web/pleroma_api/controllers/bookmark_folder_controller.ex
blob: 6d6e2e940d215ce0a904c9f4dd6a7825568dbc1c (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

# Pleroma: A lightweight social networking server
# Copyright © 2017-2024 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.PleromaAPI.BookmarkFolderController do
  use Pleroma.Web, :controller

  alias Pleroma.BookmarkFolder
  alias Pleroma.Web.Plugs.OAuthScopesPlug

  plug(Pleroma.Web.ApiSpec.CastAndValidate)

  # Note: scope not present in Mastodon: read:bookmarks
  plug(OAuthScopesPlug, %{scopes: ["read:bookmarks"]} when action == :index)

  # Note: scope not present in Mastodon: write:bookmarks
  plug(
    OAuthScopesPlug,
    %{scopes: ["write:bookmarks"]} when action in [:create, :update, :delete]
  )

  defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaBookmarkFolderOperation

  action_fallback(Pleroma.Web.MastodonAPI.FallbackController)

  def index(%{assigns: %{user: user}} = conn, _params) do
    with folders <- BookmarkFolder.for_user(user.id) do
      conn
      |> render("index.json", %{folders: folders, as: :folder})
    end
  end

  def create(
        %{assigns: %{user: user}, private: %{open_api_spex: %{body_params: params}}} = conn,
        _
      ) do
    with {:ok, folder} <- BookmarkFolder.create(user.id, params[:name], params[:emoji]) do
      render(conn, "show.json", folder: folder)
    end
  end

  def update(
        %{
          assigns: %{user: user},
          private: %{open_api_spex: %{body_params: params, params: %{id: id}}}
        } = conn,
        _
      ) do
    with true <- BookmarkFolder.belongs_to_user?(id, user.id),
         {:ok, folder} <- BookmarkFolder.update(id, params[:name], params[:emoji]) do
      render(conn, "show.json", folder: folder)
    else
      false -> {:error, :forbidden}
    end
  end

  def delete(
        %{assigns: %{user: user}, private: %{open_api_spex: %{params: %{id: id}}}} = conn,
        _
      ) do
    with true <- BookmarkFolder.belongs_to_user?(id, user.id),
         {:ok, folder} <- BookmarkFolder.delete(id) do
      render(conn, "show.json", folder: folder)
    else
      false -> {:error, :forbidden}
    end
  end
end
generated by cgit v1.2.3 (git 2.26.2) at 2026-04-29 11:43:57 +0000