mirror of
https://git.youjo.love/youjo/youjo-be.git
synced 2025-01-19 10:46:05 +01:00
[#471] Prevented rendering of inactive local accounts.
This commit is contained in:
parent
92b114499f
commit
e6aeb1d4a5
3 changed files with 50 additions and 7 deletions
|
@ -47,6 +47,8 @@ defmodule Pleroma.User do
|
|||
!Pleroma.Config.get([:instance, :account_activation_required])
|
||||
end
|
||||
|
||||
def remote_or_auth_active?(%User{} = user), do: !user.local || auth_active?(user)
|
||||
|
||||
def superuser?(%User{} = user), do: user.info && User.Info.superuser?(user.info)
|
||||
|
||||
def avatar_url(user) do
|
||||
|
|
|
@ -11,10 +11,30 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
|||
alias Pleroma.HTML
|
||||
|
||||
def render("accounts.json", %{users: users} = opts) do
|
||||
render_many(users, AccountView, "account.json", opts)
|
||||
users
|
||||
|> render_many(AccountView, "account.json", opts)
|
||||
|> Enum.filter(&Enum.any?/1)
|
||||
end
|
||||
|
||||
def render("account.json", %{user: user} = opts) do
|
||||
for_user = opts[:for]
|
||||
|
||||
allow_render =
|
||||
User.remote_or_auth_active?(user) ||
|
||||
(for_user && (for_user.id == user.id || User.superuser?(for_user)))
|
||||
|
||||
if allow_render do
|
||||
render("valid_account.json", opts)
|
||||
else
|
||||
render("invalid_account.json", opts)
|
||||
end
|
||||
end
|
||||
|
||||
def render("invalid_account.json", _opts) do
|
||||
%{}
|
||||
end
|
||||
|
||||
def render("valid_account.json", %{user: user} = opts) do
|
||||
image = User.avatar_url(user) |> MediaProxy.url()
|
||||
header = User.banner_url(user) |> MediaProxy.url()
|
||||
user_info = User.user_info(user)
|
||||
|
|
|
@ -15,18 +15,39 @@ defmodule Pleroma.Web.TwitterAPI.UserView do
|
|||
end
|
||||
|
||||
def render("index.json", %{users: users, for: user}) do
|
||||
render_many(users, Pleroma.Web.TwitterAPI.UserView, "user.json", for: user)
|
||||
users
|
||||
|> render_many(Pleroma.Web.TwitterAPI.UserView, "user.json", for: user)
|
||||
|> Enum.filter(&Enum.any?/1)
|
||||
end
|
||||
|
||||
def render("user.json", %{user: user = %User{}} = assigns) do
|
||||
for_user = assigns[:for]
|
||||
|
||||
allow_render =
|
||||
User.remote_or_auth_active?(user) ||
|
||||
(for_user && (for_user.id == user.id || User.superuser?(for_user)))
|
||||
|
||||
if allow_render do
|
||||
render("valid_user.json", assigns)
|
||||
else
|
||||
render("invalid_user.json", assigns)
|
||||
end
|
||||
end
|
||||
|
||||
def render("invalid_user.json", _assigns) do
|
||||
%{}
|
||||
end
|
||||
|
||||
def render("valid_user.json", %{user: user = %User{}} = assigns) do
|
||||
for_user = assigns[:for]
|
||||
image = User.avatar_url(user) |> MediaProxy.url()
|
||||
|
||||
{following, follows_you, statusnet_blocking} =
|
||||
if assigns[:for] do
|
||||
if for_user do
|
||||
{
|
||||
User.following?(assigns[:for], user),
|
||||
User.following?(user, assigns[:for]),
|
||||
User.blocks?(assigns[:for], user)
|
||||
User.following?(for_user, user),
|
||||
User.following?(user, for_user),
|
||||
User.blocks?(for_user, user)
|
||||
}
|
||||
else
|
||||
{false, false, false}
|
||||
|
@ -51,7 +72,7 @@ defmodule Pleroma.Web.TwitterAPI.UserView do
|
|||
data = %{
|
||||
"created_at" => user.inserted_at |> Utils.format_naive_asctime(),
|
||||
"description" => HTML.strip_tags((user.bio || "") |> String.replace("<br>", "\n")),
|
||||
"description_html" => HTML.filter_tags(user.bio, User.html_filter_policy(assigns[:for])),
|
||||
"description_html" => HTML.filter_tags(user.bio, User.html_filter_policy(for_user)),
|
||||
"favourites_count" => 0,
|
||||
"followers_count" => user_info[:follower_count],
|
||||
"following" => following,
|
||||
|
|
Loading…
Reference in a new issue