mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-11-27 06:06:38 +00:00
17eecfb6d9
* basic rendered domain blocklist (unauthenticated!) * style basic domain block list * better formatting for domain blocklist * add opt-in config option for showing suspended domains * format/linter * re-use InstancePeersGet for web-accessible domain blocklist * reword explanation, border styling * always attach blocklist handler, update error message * domain blocklist error message grammar
162 lines
5.4 KiB
Go
162 lines
5.4 KiB
Go
/*
|
|
GoToSocial
|
|
Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
package instance
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
|
|
apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
|
|
"github.com/superseriousbusiness/gotosocial/internal/config"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtserror"
|
|
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// InstancePeersGETHandler swagger:operation GET /api/v1/instance/peers instancePeersGet
|
|
//
|
|
// ---
|
|
// tags:
|
|
// - instance
|
|
//
|
|
// produces:
|
|
// - application/json
|
|
//
|
|
// parameters:
|
|
// -
|
|
// name: filter
|
|
// type: string
|
|
// description: |-
|
|
// Comma-separated list of filters to apply to results. Recognized filters are:
|
|
// - `open` -- include peers that are not suspended or silenced
|
|
// - `suspended` -- include peers that have been suspended.
|
|
//
|
|
// If filter is `open`, only instances that haven't been suspended or silenced will be returned.
|
|
//
|
|
// If filter is `suspended`, only suspended instances will be shown.
|
|
//
|
|
// If filter is `open,suspended`, then all known instances will be returned.
|
|
//
|
|
// If filter is an empty string or not set, then `open` will be assumed as the default.
|
|
// in: query
|
|
// required: false
|
|
// default: "open"
|
|
//
|
|
// responses:
|
|
// '200':
|
|
// description: >-
|
|
// If no filter parameter is provided, or filter is empty, then a legacy,
|
|
// Mastodon-API compatible response will be returned. This will consist of
|
|
// just a 'flat' array of strings like `["example.com", "example.org"]`,
|
|
// which corresponds to domains this instance peers with.
|
|
//
|
|
//
|
|
// If a filter parameter is provided, then an array of objects with at least
|
|
// a `domain` key set on each object will be returned.
|
|
//
|
|
//
|
|
// Domains that are silenced or suspended will also have a key
|
|
// `suspended_at` or `silenced_at` that contains an iso8601 date string.
|
|
// If one of these keys is not present on the domain object, it is open.
|
|
// Suspended instances may in some cases be obfuscated, which means they
|
|
// will have some letters replaced by `*` to make it more difficult for
|
|
// bad actors to target instances with harassment.
|
|
//
|
|
//
|
|
// Whether a flat response or a more detailed response is returned, domains
|
|
// will be sorted alphabetically by hostname.
|
|
// schema:
|
|
// type: array
|
|
// items:
|
|
// "$ref": "#/definitions/domain"
|
|
// '400':
|
|
// description: bad request
|
|
// '401':
|
|
// description: unauthorized
|
|
// '403':
|
|
// description: forbidden
|
|
// '404':
|
|
// description: not found
|
|
// '406':
|
|
// description: not acceptable
|
|
// '500':
|
|
// description: internal server error
|
|
func (m *Module) InstancePeersGETHandler(c *gin.Context) {
|
|
authed, err := oauth.Authed(c, false, false, false, false)
|
|
if err != nil {
|
|
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
var isUnauthenticated = authed.Account == nil || authed.User == nil
|
|
|
|
if _, err := apiutil.NegotiateAccept(c, apiutil.JSONAcceptHeaders...); err != nil {
|
|
apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
var includeSuspended bool
|
|
var includeOpen bool
|
|
var flat bool
|
|
if filterParam := c.Query(PeersFilterKey); filterParam != "" {
|
|
filters := strings.Split(filterParam, ",")
|
|
for _, f := range filters {
|
|
trimmed := strings.TrimSpace(f)
|
|
switch {
|
|
case strings.EqualFold(trimmed, "suspended"):
|
|
includeSuspended = true
|
|
case strings.EqualFold(trimmed, "open"):
|
|
includeOpen = true
|
|
default:
|
|
err := fmt.Errorf("filter %s not recognized; accepted values are 'open', 'suspended'", trimmed)
|
|
apiutil.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
}
|
|
} else {
|
|
// default is to only include open domains, and present
|
|
// them in a 'flat' manner (just an array of strings),
|
|
// to maintain compatibility with mastodon API
|
|
includeOpen = true
|
|
flat = true
|
|
}
|
|
|
|
if includeOpen && !config.GetInstanceExposePeers() && isUnauthenticated {
|
|
err := fmt.Errorf("peers open query requires an authenticated account/user")
|
|
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
if includeSuspended && !config.GetInstanceExposeSuspended() && isUnauthenticated {
|
|
err := fmt.Errorf("peers suspended query requires an authenticated account/user")
|
|
apiutil.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
data, errWithCode := m.processor.InstancePeersGet(c.Request.Context(), includeSuspended, includeOpen, flat)
|
|
if errWithCode != nil {
|
|
apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGet)
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, data)
|
|
}
|