From 6519732045596b1f0b0e83c365db516afba913d9 Mon Sep 17 00:00:00 2001 From: Sean King Date: Wed, 25 Aug 2021 21:01:04 -0600 Subject: [PATCH] GET /api/v1/apps endpoint --- .../web/api_spec/operations/app_operation.ex | 39 +++++++++++++++++++ .../controllers/app_controller.ex | 10 +++++ .../web/mastodon_api/views/app_view.ex | 4 ++ lib/pleroma/web/o_auth/app.ex | 9 +++++ lib/pleroma/web/router.ex | 2 + .../20210818023112_add_user_id_to_apps.exs | 9 +++++ 6 files changed, 73 insertions(+) create mode 100644 priv/repo/migrations/20210818023112_add_user_id_to_apps.exs diff --git a/lib/pleroma/web/api_spec/operations/app_operation.ex b/lib/pleroma/web/api_spec/operations/app_operation.ex index dfb1c7170..72032a4e0 100644 --- a/lib/pleroma/web/api_spec/operations/app_operation.ex +++ b/lib/pleroma/web/api_spec/operations/app_operation.ex @@ -13,6 +13,19 @@ def open_api_operation(action) do apply(__MODULE__, operation, []) end + @spec index_operation() :: Operation.t() + def index_operation do + %Operation{ + tags: ["Applications"], + summary: "List applications", + description: "List the OAuth applications for the current user", + operationId: "AppController.index", + responses: %{ + 200 => Operation.response("App", "application/json", index_response()), + } + } + end + @spec create_operation() :: Operation.t() def create_operation do %Operation{ @@ -145,4 +158,30 @@ defp create_response do } } end + + defp index_response do + %Schema{ + title: "AppIndexResponse", + description: "Response schema for GET /api/v1/apps", + type: :object, + properties: [%{ + id: %Schema{type: :string}, + name: %Schema{type: :string}, + client_id: %Schema{type: :string}, + client_secret: %Schema{type: :string}, + redirect_uri: %Schema{type: :string}, + vapid_key: %Schema{type: :string}, + website: %Schema{type: :string, nullable: true} + }], + example: [%{ + "id" => "123", + "name" => "My App", + "client_id" => "TWhM-tNSuncnqN7DBJmoyeLnk6K3iJJ71KKXxgL1hPM", + "client_secret" => "ZEaFUFmF0umgBX1qKJDjaU99Q31lDkOU8NutzTOoliw", + "vapid_key" => + "BCk-QqERU0q-CfYZjcuB6lnyyOYfJ2AifKqfeGIm7Z-HiTU5T9eTG5GxVA0_OH5mMlI4UkkDTpaZwozy0TzdZ2M=", + "website" => "https://myapp.com/" + }] + } + end end diff --git a/lib/pleroma/web/mastodon_api/controllers/app_controller.ex b/lib/pleroma/web/mastodon_api/controllers/app_controller.ex index a95cc52fd..38073c29a 100644 --- a/lib/pleroma/web/mastodon_api/controllers/app_controller.ex +++ b/lib/pleroma/web/mastodon_api/controllers/app_controller.ex @@ -14,17 +14,27 @@ defmodule Pleroma.Web.MastodonAPI.AppController do alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.Scopes alias Pleroma.Web.OAuth.Token + alias Pleroma.Web.Plugs.OAuthScopesPlug action_fallback(Pleroma.Web.MastodonAPI.FallbackController) plug(:skip_auth when action in [:create, :verify_credentials]) + plug(:skip_plug, OAuthScopesPlug when action in [:index]) + plug(Pleroma.Web.ApiSpec.CastAndValidate) @local_mastodon_name "Mastodon-Local" defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.AppOperation + @doc "GET /api/v1/apps" + def index(%{assigns: %{user: user}} = conn, _params) do + with apps <- App.get_user_apps(user) do + render(conn, "index.json", %{apps: apps}) + end + end + @doc "POST /api/v1/apps" def create(%{body_params: params} = conn, _params) do scopes = Scopes.fetch_scopes(params, ["read"]) diff --git a/lib/pleroma/web/mastodon_api/views/app_view.ex b/lib/pleroma/web/mastodon_api/views/app_view.ex index c406b5a27..450943aee 100644 --- a/lib/pleroma/web/mastodon_api/views/app_view.ex +++ b/lib/pleroma/web/mastodon_api/views/app_view.ex @@ -15,6 +15,10 @@ def render("index.json", %{apps: apps, count: count, page_size: page_size, admin } end + def render("index.json", %{apps: apps}) do + render_many(apps, Pleroma.Web.MastodonAPI.AppView, "show.json") + end + def render("show.json", %{admin: true, app: %App{} = app} = assigns) do "show.json" |> render(Map.delete(assigns, :admin)) diff --git a/lib/pleroma/web/o_auth/app.ex b/lib/pleroma/web/o_auth/app.ex index 382750010..94b0e41f0 100644 --- a/lib/pleroma/web/o_auth/app.ex +++ b/lib/pleroma/web/o_auth/app.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Web.OAuth.App do import Ecto.Changeset import Ecto.Query alias Pleroma.Repo + alias Pleroma.User @type t :: %__MODULE__{} @@ -19,6 +20,8 @@ defmodule Pleroma.Web.OAuth.App do field(:client_secret, :string) field(:trusted, :boolean, default: false) + belongs_to(:user, User, type: FlakeId.Ecto.CompatType) + has_many(:oauth_authorizations, Pleroma.Web.OAuth.Authorization, on_delete: :delete_all) has_many(:oauth_tokens, Pleroma.Web.OAuth.Token, on_delete: :delete_all) @@ -129,6 +132,12 @@ def search(params) do {:ok, Repo.all(query), count} end + @spec get_user_apps(User.t()) :: {:ok, [t()], non_neg_integer()} + def get_user_apps(%User{id: user_id}) do + from(a in __MODULE__, where: a.user_id == ^user_id) + |> Repo.all() + end + @spec destroy(pos_integer()) :: {:ok, t()} | {:error, Ecto.Changeset.t()} def destroy(id) do with %__MODULE__{} = app <- Repo.get(__MODULE__, id) do diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 74ee23c06..904439564 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -444,6 +444,8 @@ defmodule Pleroma.Web.Router do scope "/api/v1", Pleroma.Web.MastodonAPI do pipe_through(:authenticated_api) + get("/apps", AppController, :index) + get("/accounts/verify_credentials", AccountController, :verify_credentials) patch("/accounts/update_credentials", AccountController, :update_credentials) diff --git a/priv/repo/migrations/20210818023112_add_user_id_to_apps.exs b/priv/repo/migrations/20210818023112_add_user_id_to_apps.exs new file mode 100644 index 000000000..39e7fbef5 --- /dev/null +++ b/priv/repo/migrations/20210818023112_add_user_id_to_apps.exs @@ -0,0 +1,9 @@ +defmodule Pleroma.Repo.Migrations.AddUserIdToApps do + use Ecto.Migration + + def change do + alter table(:apps) do + add(:user_id, references(:users, type: :uuid, on_delete: :delete_all)) + end + end +end