Add PleromaAPI.AccountController

5 files changed, 180 insertions, 175 deletions

diff --git a/lib/pleroma/web/controller_helper.ex b/lib/pleroma/web/controller_helper.ex
index e90bf842e..83b884ba9 100644
--- a/lib/pleroma/web/controller_helper.ex
+++ b/lib/pleroma/web/controller_helper.ex
@@ -68,4 +68,11 @@ defmodule Pleroma.Web.ControllerHelper do
         conn
     end
   end
+
+  def assign_account_by_id(%{params: %{"id" => id}} = conn, _) do
+    case Pleroma.User.get_cached_by_id(id) do
+      %Pleroma.User{} = account -> assign(conn, :account, account)
+      nil -> Pleroma.Web.MastodonAPI.FallbackController.call(conn, {:error, :not_found}) |> halt()
+    end
+  end
 end
diff --git a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
index 844de2e79..38d53fd10 100644
--- a/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/account_controller.ex
@@ -5,7 +5,8 @@
 defmodule Pleroma.Web.MastodonAPI.AccountController do
   use Pleroma.Web, :controller
 
-  import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2, truthy_param?: 1]
+  import Pleroma.Web.ControllerHelper,
+    only: [add_link_headers: 2, truthy_param?: 1, assign_account_by_id: 2, json_response: 3]
 
   alias Pleroma.User
   alias Pleroma.Web.CommonAPI
@@ -15,13 +16,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
   alias Pleroma.Web.MastodonAPI.ListView
   alias Pleroma.Plugs.RateLimiter
 
-  require Pleroma.Constants
-
   @relations ~w(follow unfollow)a
 
   plug(RateLimiter, {:relations_id_action, params: ["id", "uri"]} when action in @relations)
   plug(RateLimiter, :relations_actions when action in @relations)
-  plug(:assign_account when action not in [:show, :statuses, :follows])
+  plug(:assign_account_by_id when action not in [:show, :statuses])
 
   action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
 
@@ -85,60 +84,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
     |> render("index.json", lists: lists)
   end
 
-  @doc "GET /api/v1/pleroma/accounts/:id/favourites"
-  def favourites(%{assigns: %{account: %{info: %{hide_favorites: true}}}} = conn, _params) do
-    render_error(conn, :forbidden, "Can't get favorites")
-  end
-
-  def favourites(%{assigns: %{user: for_user, account: user}} = conn, params) do
-    params =
-      params
-      |> Map.put("type", "Create")
-      |> Map.put("favorited_by", user.ap_id)
-      |> Map.put("blocking_user", for_user)
-
-    recipients =
-      if for_user do
-        [Pleroma.Constants.as_public()] ++ [for_user.ap_id | for_user.following]
-      else
-        [Pleroma.Constants.as_public()]
-      end
-
-    activities =
-      recipients
-      |> ActivityPub.fetch_activities(params)
-      |> Enum.reverse()
-
-    conn
-    |> add_link_headers(activities)
-    |> put_view(StatusView)
-    |> render("index.json", activities: activities, for: for_user, as: :activity)
-  end
-
-  @doc "POST /api/v1/pleroma/accounts/:id/subscribe"
-  def subscribe(%{assigns: %{user: user, account: subscription_target}} = conn, _params) do
-    with {:ok, subscription_target} <- User.subscribe(user, subscription_target) do
-      render(conn, "relationship.json", user: user, target: subscription_target)
-    else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
-    end
-  end
-
-  @doc "POST /api/v1/pleroma/accounts/:id/unsubscribe"
-  def unsubscribe(%{assigns: %{user: user, account: subscription_target}} = conn, _params) do
-    with {:ok, subscription_target} <- User.unsubscribe(user, subscription_target) do
-      render(conn, "relationship.json", user: user, target: subscription_target)
-    else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
-    end
-  end
-
   @doc "POST /api/v1/accounts/:id/follow"
   def follow(%{assigns: %{user: %{id: id}, account: %{id: id}}}, _params) do
     {:error, :not_found}
@@ -148,14 +93,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
     with {:ok, follower} <- MastodonAPI.follow(follower, followed, conn.params) do
       render(conn, "relationship.json", user: follower, target: followed)
     else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
     end
   end
 
-  @doc "POST /api/v1/pleroma/:id/unfollow"
+  @doc "POST /api/v1/accounts/:id/unfollow"
   def unfollow(%{assigns: %{user: %{id: id}, account: %{id: id}}}, _params) do
     {:error, :not_found}
   end
@@ -173,10 +115,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
     with {:ok, muter} <- User.mute(muter, muted, notifications?) do
       render(conn, "relationship.json", user: muter, target: muted)
     else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
     end
   end
 
@@ -185,10 +124,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
     with {:ok, muter} <- User.unmute(muter, muted) do
       render(conn, "relationship.json", user: muter, target: muted)
     else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
     end
   end
 
@@ -198,10 +134,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
          {:ok, _activity} <- ActivityPub.block(blocker, blocked) do
       render(conn, "relationship.json", user: blocker, target: blocked)
     else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
     end
   end
 
@@ -211,17 +144,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
          {:ok, _activity} <- ActivityPub.unblock(blocker, blocked) do
       render(conn, "relationship.json", user: blocker, target: blocked)
     else
-      {:error, message} ->
-        conn
-        |> put_status(:forbidden)
-        |> json(%{error: message})
-    end
-  end
-
-  defp assign_account(%{params: %{"id" => id}} = conn, _) do
-    case User.get_cached_by_id(id) do
-      %User{} = account -> assign(conn, :account, account)
-      nil -> Pleroma.Web.MastodonAPI.FallbackController.call(conn, {:error, :not_found}) |> halt()
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
     end
   end
 end
diff --git a/lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
index 394599146..197316794 100644
--- a/lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
@@ -5,10 +5,8 @@
 defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
   use Pleroma.Web, :controller
 
-  import Pleroma.Web.ControllerHelper,
-    only: [json_response: 3, add_link_headers: 2, truthy_param?: 1]
+  import Pleroma.Web.ControllerHelper, only: [add_link_headers: 2, truthy_param?: 1]
 
-  alias Ecto.Changeset
   alias Pleroma.Activity
   alias Pleroma.Bookmark
   alias Pleroma.Config
@@ -40,7 +38,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
   plug(RateLimiter, :app_account_creation when action == :account_register)
   plug(RateLimiter, :search when action in [:search, :search2, :account_search])
   plug(RateLimiter, :password_reset when action == :password_reset)
-  plug(RateLimiter, :account_confirmation_resend when action == :account_confirmation_resend)
 
   @local_mastodon_name "Mastodon-Local"
 
@@ -167,61 +164,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
     end
   end
 
-  def update_avatar(%{assigns: %{user: user}} = conn, %{"img" => ""}) do
-    change = Changeset.change(user, %{avatar: nil})
-    {:ok, user} = User.update_and_set_cache(change)
-    CommonAPI.update(user)
-
-    json(conn, %{url: nil})
-  end
-
-  def update_avatar(%{assigns: %{user: user}} = conn, params) do
-    {:ok, object} = ActivityPub.upload(params, type: :avatar)
-    change = Changeset.change(user, %{avatar: object.data})
-    {:ok, user} = User.update_and_set_cache(change)
-    CommonAPI.update(user)
-    %{"url" => [%{"href" => href} | _]} = object.data
-
-    json(conn, %{url: href})
-  end
-
-  def update_banner(%{assigns: %{user: user}} = conn, %{"banner" => ""}) do
-    new_info = %{"banner" => %{}}
-
-    with {:ok, user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
-      CommonAPI.update(user)
-      json(conn, %{url: nil})
-    end
-  end
-
-  def update_banner(%{assigns: %{user: user}} = conn, params) do
-    with {:ok, object} <- ActivityPub.upload(%{"img" => params["banner"]}, type: :banner),
-         new_info <- %{"banner" => object.data},
-         {:ok, user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
-      CommonAPI.update(user)
-      %{"url" => [%{"href" => href} | _]} = object.data
-
-      json(conn, %{url: href})
-    end
-  end
-
-  def update_background(%{assigns: %{user: user}} = conn, %{"img" => ""}) do
-    new_info = %{"background" => %{}}
-
-    with {:ok, _user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
-      json(conn, %{url: nil})
-    end
-  end
-
-  def update_background(%{assigns: %{user: user}} = conn, params) do
-    with {:ok, object} <- ActivityPub.upload(params, type: :background),
-         new_info <- %{"background" => object.data},
-         {:ok, _user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
-      %{"url" => [%{"href" => href} | _]} = object.data
-
-      json(conn, %{url: href})
-    end
-  end
 
   def verify_credentials(%{assigns: %{user: user}} = conn, _) do
     chat_token = Phoenix.Token.sign(conn, "user socket", user.id)
@@ -236,7 +178,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
 
     json(conn, account)
   end
-
   def verify_app_credentials(%{assigns: %{user: _user, token: token}} = conn, _) do
     with %Token{app: %App{} = app} <- Repo.preload(token, :app) do
       conn
@@ -767,16 +708,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
     end
   end
 
-  def account_confirmation_resend(conn, params) do
-    nickname_or_email = params["email"] || params["nickname"]
-
-    with %User{} = user <- User.get_by_nickname_or_email(nickname_or_email),
-         {:ok, _} <- User.try_send_confirmation_email(user) do
-      conn
-      |> json_response(:no_content, "")
-    end
-  end
-
   def try_render(conn, target, params)
       when is_binary(target) do
     case render(conn, target, params) do
diff --git a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
new file mode 100644
index 000000000..63c44086c
--- /dev/null
+++ b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@@ -0,0 +1,143 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.PleromaAPI.AccountController do
+  use Pleroma.Web, :controller
+
+  import Pleroma.Web.ControllerHelper,
+    only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
+
+  alias Ecto.Changeset
+  alias Pleroma.Plugs.RateLimiter
+  alias Pleroma.User
+  alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.CommonAPI
+  alias Pleroma.Web.MastodonAPI.StatusView
+
+  require Pleroma.Constants
+
+  plug(RateLimiter, :account_confirmation_resend when action == :confirmation_resend)
+  plug(:assign_account_by_id when action in [:favourites, :subscribe, :unsubscribe])
+  plug(:put_view, Pleroma.Web.MastodonAPI.AccountView)
+
+  @doc "POST /api/v1/pleroma/accounts/confirmation_resend"
+  def confirmation_resend(conn, params) do
+    nickname_or_email = params["email"] || params["nickname"]
+
+    with %User{} = user <- User.get_by_nickname_or_email(nickname_or_email),
+         {:ok, _} <- User.try_send_confirmation_email(user) do
+      json_response(conn, :no_content, "")
+    end
+  end
+
+  @doc "PATCH /api/v1/pleroma/accounts/update_avatar"
+  def update_avatar(%{assigns: %{user: user}} = conn, %{"img" => ""}) do
+    {:ok, user} =
+      user
+      |> Changeset.change(%{avatar: nil})
+      |> User.update_and_set_cache()
+
+    CommonAPI.update(user)
+
+    json(conn, %{url: nil})
+  end
+
+  def update_avatar(%{assigns: %{user: user}} = conn, params) do
+    {:ok, %{data: data}} = ActivityPub.upload(params, type: :avatar)
+    {:ok, user} = user |> Changeset.change(%{avatar: data}) |> User.update_and_set_cache()
+    %{"url" => [%{"href" => href} | _]} = data
+
+    CommonAPI.update(user)
+
+    json(conn, %{url: href})
+  end
+
+  @doc "PATCH /api/v1/pleroma/accounts/update_banner"
+  def update_banner(%{assigns: %{user: user}} = conn, %{"banner" => ""}) do
+    new_info = %{"banner" => %{}}
+
+    with {:ok, user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
+      CommonAPI.update(user)
+      json(conn, %{url: nil})
+    end
+  end
+
+  def update_banner(%{assigns: %{user: user}} = conn, params) do
+    with {:ok, object} <- ActivityPub.upload(%{"img" => params["banner"]}, type: :banner),
+         new_info <- %{"banner" => object.data},
+         {:ok, user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
+      CommonAPI.update(user)
+      %{"url" => [%{"href" => href} | _]} = object.data
+
+      json(conn, %{url: href})
+    end
+  end
+
+  @doc "PATCH /api/v1/pleroma/accounts/update_background"
+  def update_background(%{assigns: %{user: user}} = conn, %{"img" => ""}) do
+    new_info = %{"background" => %{}}
+
+    with {:ok, _user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
+      json(conn, %{url: nil})
+    end
+  end
+
+  def update_background(%{assigns: %{user: user}} = conn, params) do
+    with {:ok, object} <- ActivityPub.upload(params, type: :background),
+         new_info <- %{"background" => object.data},
+         {:ok, _user} <- User.update_info(user, &User.Info.profile_update(&1, new_info)) do
+      %{"url" => [%{"href" => href} | _]} = object.data
+
+      json(conn, %{url: href})
+    end
+  end
+
+  @doc "GET /api/v1/pleroma/accounts/:id/favourites"
+  def favourites(%{assigns: %{account: %{info: %{hide_favorites: true}}}} = conn, _params) do
+    render_error(conn, :forbidden, "Can't get favorites")
+  end
+
+  def favourites(%{assigns: %{user: for_user, account: user}} = conn, params) do
+    params =
+      params
+      |> Map.put("type", "Create")
+      |> Map.put("favorited_by", user.ap_id)
+      |> Map.put("blocking_user", for_user)
+
+    recipients =
+      if for_user do
+        [Pleroma.Constants.as_public()] ++ [for_user.ap_id | for_user.following]
+      else
+        [Pleroma.Constants.as_public()]
+      end
+
+    activities =
+      recipients
+      |> ActivityPub.fetch_activities(params)
+      |> Enum.reverse()
+
+    conn
+    |> add_link_headers(activities)
+    |> put_view(StatusView)
+    |> render("index.json", activities: activities, for: for_user, as: :activity)
+  end
+
+  @doc "POST /api/v1/pleroma/accounts/:id/subscribe"
+  def subscribe(%{assigns: %{user: user, account: subscription_target}} = conn, _params) do
+    with {:ok, subscription_target} <- User.subscribe(user, subscription_target) do
+      render(conn, "relationship.json", user: user, target: subscription_target)
+    else
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
+    end
+  end
+
+  @doc "POST /api/v1/pleroma/accounts/:id/unsubscribe"
+  def unsubscribe(%{assigns: %{user: user, account: subscription_target}} = conn, _params) do
+    with {:ok, subscription_target} <- User.unsubscribe(user, subscription_target) do
+      render(conn, "relationship.json", user: user, target: subscription_target)
+    else
+      {:error, message} -> json_response(conn, :forbidden, %{error: message})
+    end
+  end
+end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index a57bc75d7..5c3fe34e5 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -287,24 +287,40 @@ defmodule Pleroma.Web.Router do
   end
 
   scope "/api/v1/pleroma", Pleroma.Web.PleromaAPI do
-    pipe_through(:authenticated_api)
-
     scope [] do
+      pipe_through(:authenticated_api)
       pipe_through(:oauth_read)
       get("/conversations/:id/statuses", PleromaAPIController, :conversation_statuses)
       get("/conversations/:id", PleromaAPIController, :conversation)
     end
 
     scope [] do
+      pipe_through(:authenticated_api)
       pipe_through(:oauth_write)
       patch("/conversations/:id", PleromaAPIController, :update_conversation)
       post("/notifications/read", PleromaAPIController, :read_notification)
+
+      patch("/accounts/update_avatar", AccountController, :update_avatar)
+      patch("/accounts/update_banner", AccountController, :update_banner)
+      patch("/accounts/update_background", AccountController, :update_background)
+      post("/scrobble", ScrobbleController, :new_scrobble)
     end
 
     scope [] do
-      pipe_through(:oauth_write)
-      post("/scrobble", ScrobbleController, :new_scrobble)
+      pipe_through(:api)
+      pipe_through(:oauth_read_or_public)
+      get("/accounts/:id/favourites", AccountController, :favourites)
+    end
+
+    scope [] do
+      pipe_through(:authenticated_api)
+      pipe_through(:oauth_follow)
+
+      post("/accounts/:id/subscribe", AccountController, :subscribe)
+      post("/accounts/:id/unsubscribe", AccountController, :unsubscribe)
     end
+
+    post("/accounts/confirmation_resend", AccountController, :confirmation_resend)
   end
 
   scope "/api/v1/pleroma", Pleroma.Web.PleromaAPI do
@@ -400,10 +416,6 @@ defmodule Pleroma.Web.Router do
       put("/filters/:id", FilterController, :update)
       delete("/filters/:id", FilterController, :delete)
 
-      patch("/pleroma/accounts/update_avatar", MastodonAPIController, :update_avatar)
-      patch("/pleroma/accounts/update_banner", MastodonAPIController, :update_banner)
-      patch("/pleroma/accounts/update_background", MastodonAPIController, :update_background)
-
       get("/pleroma/mascot", MastodonAPIController, :get_mascot)
       put("/pleroma/mascot", MastodonAPIController, :set_mascot)
 
@@ -426,9 +438,6 @@ defmodule Pleroma.Web.Router do
 
       post("/domain_blocks", DomainBlockController, :create)
       delete("/domain_blocks", DomainBlockController, :delete)
-
-      post("/pleroma/accounts/:id/subscribe", AccountController, :subscribe)
-      post("/pleroma/accounts/:id/unsubscribe", AccountController, :unsubscribe)
     end
 
     scope [] do
@@ -467,12 +476,6 @@ defmodule Pleroma.Web.Router do
 
     get("/accounts/search", SearchController, :account_search)
 
-    post(
-      "/pleroma/accounts/confirmation_resend",
-      MastodonAPIController,
-      :account_confirmation_resend
-    )
-
     scope [] do
       pipe_through(:oauth_read_or_public)
 
@@ -492,8 +495,6 @@ defmodule Pleroma.Web.Router do
       get("/accounts/:id", AccountController, :show)
 
       get("/search", SearchController, :search)
-
-      get("/pleroma/accounts/:id/favourites", AccountController, :favourites)
     end
   end