mirror of
https://github.com/mastodon/mastodon.git
synced 2024-12-22 22:15:23 +01:00
Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users
This commit is contained in:
parent
f91b6fa9e1
commit
2d2154ba75
9 changed files with 27 additions and 3 deletions
|
@ -30,6 +30,10 @@ class ApiController < ApplicationController
|
|||
render json: { error: 'Remote SSL certificate could not be verified' }, status: 503
|
||||
end
|
||||
|
||||
rescue_from Mastodon::NotPermitted do
|
||||
render json: { error: 'This action is not allowed' }, status: 403
|
||||
end
|
||||
|
||||
def doorkeeper_unauthorized_render_options(error: nil)
|
||||
{ json: { error: (error.try(:description) || 'Not authorized') } }
|
||||
end
|
||||
|
|
|
@ -1,12 +1,13 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class Settings::ProfilesController < ApplicationController
|
||||
include ObfuscateFilename
|
||||
|
||||
layout 'auth'
|
||||
|
||||
before_action :authenticate_user!
|
||||
before_action :set_account
|
||||
|
||||
include ObfuscateFilename
|
||||
obfuscate_filename [:account, :avatar]
|
||||
obfuscate_filename [:account, :header]
|
||||
|
||||
|
@ -23,7 +24,7 @@ class Settings::ProfilesController < ApplicationController
|
|||
private
|
||||
|
||||
def account_params
|
||||
params.require(:account).permit(:display_name, :note, :avatar, :header)
|
||||
params.require(:account).permit(:display_name, :note, :avatar, :header, :locked)
|
||||
end
|
||||
|
||||
def set_account
|
||||
|
|
6
app/lib/exceptions.rb
Normal file
6
app/lib/exceptions.rb
Normal file
|
@ -0,0 +1,6 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Mastodon
|
||||
class Error < StandardError; end
|
||||
class NotPermitted < Error; end
|
||||
end
|
|
@ -5,7 +5,10 @@ class BlockService < BaseService
|
|||
return if account.id == target_account.id
|
||||
|
||||
UnfollowService.new.call(account, target_account) if account.following?(target_account)
|
||||
UnfollowService.new.call(target_account, account) if target_account.following?(account)
|
||||
|
||||
account.block!(target_account)
|
||||
|
||||
clear_timelines(account, target_account)
|
||||
clear_notifications(account, target_account)
|
||||
end
|
||||
|
|
|
@ -8,6 +8,7 @@ class FollowService < BaseService
|
|||
target_account = follow_remote_account_service.call(uri)
|
||||
|
||||
raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?
|
||||
raise Mastodon::NotPermitted if target_account.blocking?(source_account)
|
||||
|
||||
follow = source_account.follow!(target_account)
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
= f.input :note, placeholder: t('simple_form.labels.defaults.note')
|
||||
= f.input :avatar, wrapper: :with_label
|
||||
= f.input :header, wrapper: :with_label
|
||||
= f.input :locked, as: :boolean, wrapper: :with_label
|
||||
|
||||
.actions
|
||||
= f.button :button, t('generic.save_changes'), type: :submit
|
||||
|
|
|
@ -2,6 +2,8 @@ require_relative 'boot'
|
|||
|
||||
require 'rails/all'
|
||||
|
||||
require_relative '../app/lib/exceptions'
|
||||
|
||||
# Require the gems listed in Gemfile, including any gems
|
||||
# you've limited to :test, :development, or :production.
|
||||
Bundler.require(*Rails.groups)
|
||||
|
|
5
db/migrate/20161222201034_add_locked_to_accounts.rb
Normal file
5
db/migrate/20161222201034_add_locked_to_accounts.rb
Normal file
|
@ -0,0 +1,5 @@
|
|||
class AddLockedToAccounts < ActiveRecord::Migration[5.0]
|
||||
def change
|
||||
add_column :accounts, :locked, :boolean, null: false, default: false
|
||||
end
|
||||
end
|
|
@ -10,7 +10,7 @@
|
|||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 20161221152630) do
|
||||
ActiveRecord::Schema.define(version: 20161222201034) do
|
||||
|
||||
# These are extensions that must be enabled in order to support this database
|
||||
enable_extension "plpgsql"
|
||||
|
@ -42,6 +42,7 @@ ActiveRecord::Schema.define(version: 20161221152630) do
|
|||
t.datetime "subscription_expires_at"
|
||||
t.boolean "silenced", default: false, null: false
|
||||
t.boolean "suspended", default: false, null: false
|
||||
t.boolean "locked", default: false, null: false
|
||||
t.index ["username", "domain"], name: "index_accounts_on_username_and_domain", unique: true, using: :btree
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in a new issue