From 4dc517a0bb979793c1c2590d38efe853c68eb80c Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sat, 9 Sep 2017 13:56:51 +0200 Subject: [PATCH] Add deletion to masto api. --- lib/pleroma/web/common_api/common_api.ex | 13 +++++++++ .../mastodon_api/mastodon_api_controller.ex | 12 ++++++++ lib/pleroma/web/router.ex | 1 + .../web/twitter_api/twitter_api_controller.ex | 6 ++-- .../mastodon_api_controller_test.exs | 28 +++++++++++++++++++ 5 files changed, 56 insertions(+), 4 deletions(-) create mode 100644 lib/pleroma/web/common_api/common_api.ex diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex new file mode 100644 index 0000000000..a894ac9c1c --- /dev/null +++ b/lib/pleroma/web/common_api/common_api.ex @@ -0,0 +1,13 @@ +defmodule Pleroma.Web.CommonAPI do + alias Pleroma.{Repo, Activity, Object} + alias Pleroma.Web.ActivityPub.ActivityPub + + def delete(activity_id, user) do + with %Activity{data: %{"object" => %{"id" => object_id}}} <- Repo.get(Activity, activity_id), + %Object{} = object <- Object.get_by_ap_id(object_id), + true <- user.ap_id == object.data["actor"], + {:ok, delete} <- ActivityPub.delete(object) do + {:ok, delete} + end + end +end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 3a568cf2b2..af62c3df09 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -6,6 +6,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Web.MastodonAPI.{StatusView, AccountView} alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.TwitterAPI.TwitterAPI + alias Pleroma.Web.CommonAPI def create_app(conn, params) do with cs <- App.register_changeset(%App{}, params) |> IO.inspect, @@ -68,4 +69,15 @@ def post_status(%{assigns: %{user: user}} = conn, %{"status" => status} = params render conn, StatusView, "status.json", %{activity: activity, for: user, as: :activity} end end + + def delete_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do + with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do + json(conn, %{}) + else + _e -> + conn + |> put_status(403) + |> json(%{error: "Can't delete this post"}) + end + end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 46cbf4e4e1..d3cae62011 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -56,6 +56,7 @@ def user_fetcher(username) do get "/timelines/home", MastodonAPIController, :home_timeline post "/statuses", MastodonAPIController, :post_status + delete "/statuses/:id", MastodonAPIController, :delete_status end scope "/api", Pleroma.Web do diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 3ec54616a7..5e0b9ea0aa 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -2,6 +2,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do use Pleroma.Web, :controller alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView} alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter + alias Pleroma.Web.CommonAPI alias Pleroma.{Repo, Activity, User, Object} alias Pleroma.Web.ActivityPub.ActivityPub alias Ecto.Changeset @@ -95,10 +96,7 @@ def follow(%{assigns: %{user: user}} = conn, params) do end def delete_post(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{data: %{"object" => %{"id" => object_id}}} <- Repo.get(Activity, id), - %Object{} = object <- Object.get_by_ap_id(object_id), - true <- user.ap_id == object.data["actor"], - {:ok, delete} <- ActivityPub.delete(object) |> IO.inspect do + with {:ok, delete} <- CommonAPI.delete(id, user) do json = ActivityRepresenter.to_json(delete, %{user: user, for: user}) conn |> json_reply(200, json) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index a3692c9a05..d781af675c 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -93,4 +93,32 @@ test "get a status", %{conn: conn} do assert %{"id" => id} = json_response(conn, 200) assert id == activity.id end + + describe "deleting a status" do + test "when you created it", %{conn: conn} do + activity = insert(:note_activity) + author = User.get_by_ap_id(activity.data["actor"]) + + conn = conn + |> assign(:user, author) + |> delete("/api/v1/statuses/#{activity.id}") + + assert %{} = json_response(conn, 200) + + assert Repo.get(Activity, activity.id) == nil + end + + test "when you didn't create it", %{conn: conn} do + activity = insert(:note_activity) + user = insert(:user) + + conn = conn + |> assign(:user, user) + |> delete("/api/v1/statuses/#{activity.id}") + + assert %{"error" => _} = json_response(conn, 403) + + assert Repo.get(Activity, activity.id) == activity + end + end end