Merge branch 'cycles-plug-deps' into 'develop'

Refactor skipped plugs into Pleroma.Web functions

See merge request pleroma/pleroma!3463
This commit is contained in:
Haelwenn 2021-06-09 02:20:00 +00:00
commit 53cf801c30
13 changed files with 22 additions and 57 deletions

View File

@ -62,6 +62,14 @@ defp skip_plug(conn, plug_modules) do
)
end
defp skip_auth(conn, _) do
skip_plug(conn, [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug])
end
defp skip_public_check(conn, _) do
skip_plug(conn, EnsurePublicOrAuthenticatedPlug)
end
# Executed just before actual controller action, invokes before-action hooks (callbacks)
defp action(conn, params) do
with %{halted: false} = conn <-

View File

@ -8,13 +8,12 @@ defmodule Pleroma.Web.MastoFEController do
alias Pleroma.User
alias Pleroma.Web.MastodonAPI.AuthController
alias Pleroma.Web.OAuth.Token
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Web.Plugs.OAuthScopesPlug
plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action == :put_settings)
# Note: :index action handles attempt of unauthenticated access to private instance with redirect
plug(:skip_plug, EnsurePublicOrAuthenticatedPlug when action == :index)
plug(:skip_public_check when action == :index)
plug(
OAuthScopesPlug,
@ -22,10 +21,7 @@ defmodule Pleroma.Web.MastoFEController do
when action == :index
)
plug(
:skip_plug,
[OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :manifest
)
plug(:skip_auth when action == :manifest)
@doc "GET /web/*path"
def index(conn, _params) do

View File

@ -24,7 +24,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
alias Pleroma.Web.MastodonAPI.MastodonAPIController
alias Pleroma.Web.MastodonAPI.StatusView
alias Pleroma.Web.OAuth.OAuthController
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Web.Plugs.OAuthScopesPlug
alias Pleroma.Web.Plugs.RateLimiter
alias Pleroma.Web.TwitterAPI.TwitterAPI
@ -32,9 +31,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(:skip_plug, [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :create)
plug(:skip_auth when action == :create)
plug(:skip_plug, EnsurePublicOrAuthenticatedPlug when action in [:show, :statuses])
plug(:skip_public_check when action in [:show, :statuses])
plug(
OAuthScopesPlug,

View File

@ -14,16 +14,10 @@ defmodule Pleroma.Web.MastodonAPI.AppController do
alias Pleroma.Web.OAuth.App
alias Pleroma.Web.OAuth.Scopes
alias Pleroma.Web.OAuth.Token
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Web.Plugs.OAuthScopesPlug
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
plug(
:skip_plug,
[OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug]
when action in [:create, :verify_credentials]
)
plug(:skip_auth when action in [:create, :verify_credentials])
plug(Pleroma.Web.ApiSpec.CastAndValidate)

View File

@ -7,11 +7,7 @@ defmodule Pleroma.Web.MastodonAPI.CustomEmojiController do
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(
:skip_plug,
[Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
when action == :index
)
plug(:skip_auth when action == :index)
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.CustomEmojiOperation

View File

@ -7,11 +7,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceController do
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(
:skip_plug,
[Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
when action in [:show, :peers]
)
plug(:skip_auth when action in [:show, :peers])
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.InstanceOperation

View File

@ -15,11 +15,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
require Logger
plug(
:skip_plug,
[Pleroma.Web.Plugs.OAuthScopesPlug, Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug]
when action in [:empty_array, :empty_object]
)
plug(:skip_auth when action in [:empty_array, :empty_object])
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)

View File

@ -27,10 +27,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusController do
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(
:skip_plug,
Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug when action in [:index, :show]
)
plug(:skip_public_check when action in [:index, :show])
@unauthenticated_access %{fallback: :proceed_unauthenticated, scopes: []}

View File

@ -12,12 +12,11 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
alias Pleroma.Pagination
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Web.Plugs.OAuthScopesPlug
alias Pleroma.Web.Plugs.RateLimiter
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(:skip_plug, EnsurePublicOrAuthenticatedPlug when action in [:public, :hashtag])
plug(:skip_public_check when action in [:public, :hashtag])
# TODO: Replace with a macro when there is a Phoenix release with the following commit in it:
# https://github.com/phoenixframework/phoenix/commit/2e8c63c01fec4dde5467dbbbf9705ff9e780735e

View File

@ -32,10 +32,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
plug(:fetch_session)
plug(:fetch_flash)
plug(:skip_plug, [
Pleroma.Web.Plugs.OAuthScopesPlug,
Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
])
plug(:skip_auth)
plug(RateLimiter, [name: :authentication] when action == :create_authorization)

View File

@ -11,7 +11,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.MastodonAPI.StatusView
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Web.Plugs.OAuthScopesPlug
alias Pleroma.Web.Plugs.RateLimiter
@ -29,10 +28,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(
:skip_plug,
[OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :confirmation_resend
)
plug(:skip_auth when action == :confirmation_resend)
plug(
OAuthScopesPlug,

View File

@ -22,11 +22,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackController do
]
)
@skip_plugs [
Pleroma.Web.Plugs.OAuthScopesPlug,
Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
]
plug(:skip_plug, @skip_plugs when action in [:index, :archive, :show])
plug(:skip_auth when action in [:index, :archive, :show])
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.PleromaEmojiPackOperation

View File

@ -7,17 +7,12 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
alias Pleroma.User
alias Pleroma.Web.OAuth.Token
alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
alias Pleroma.Web.Plugs.OAuthScopesPlug
alias Pleroma.Web.TwitterAPI.TokenView
require Logger
plug(
:skip_plug,
[OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug] when action == :confirm_email
)
plug(:skip_auth when action == :confirm_email)
plug(:skip_plug, OAuthScopesPlug when action in [:oauth_tokens, :revoke_token])
action_fallback(:errors)