2017-08-31 03:38:35 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-04-17 15:23:46 +02:00
|
|
|
class Api::Web::EmbedsController < Api::Web::BaseController
|
2023-07-13 15:53:03 +02:00
|
|
|
include Authorization
|
2017-08-31 03:38:35 +02:00
|
|
|
|
2023-07-13 15:53:03 +02:00
|
|
|
before_action :set_status
|
2020-02-07 15:24:22 +01:00
|
|
|
|
2023-07-13 15:53:03 +02:00
|
|
|
def show
|
|
|
|
return not_found if @status.hidden?
|
2020-02-07 15:24:22 +01:00
|
|
|
|
2023-07-13 15:53:03 +02:00
|
|
|
if @status.local?
|
|
|
|
render json: @status, serializer: OEmbedSerializer, width: 400
|
|
|
|
else
|
|
|
|
return not_found unless user_signed_in?
|
2018-05-02 18:58:48 +02:00
|
|
|
|
2023-07-13 15:53:03 +02:00
|
|
|
url = ActivityPub::TagManager.instance.url_for(@status)
|
|
|
|
oembed = FetchOEmbedService.new.call(url)
|
|
|
|
return not_found if oembed.nil?
|
2020-02-07 15:24:22 +01:00
|
|
|
|
2023-07-13 15:53:03 +02:00
|
|
|
begin
|
|
|
|
oembed[:html] = Sanitize.fragment(oembed[:html], Sanitize::Config::MASTODON_OEMBED)
|
|
|
|
rescue ArgumentError
|
|
|
|
return not_found
|
|
|
|
end
|
|
|
|
|
|
|
|
render json: oembed
|
2018-05-02 18:58:48 +02:00
|
|
|
end
|
2023-07-13 15:53:03 +02:00
|
|
|
end
|
2020-02-07 15:24:22 +01:00
|
|
|
|
2023-07-13 15:53:03 +02:00
|
|
|
def set_status
|
|
|
|
@status = Status.find(params[:id])
|
|
|
|
authorize @status, :show?
|
|
|
|
rescue Mastodon::NotPermittedError
|
|
|
|
not_found
|
2017-08-31 03:38:35 +02:00
|
|
|
end
|
|
|
|
end
|