~cytrogen/masto-fe

ref: d9adda1a991dde52949489208c948b0502af8a3f masto-fe/app/controllers/api/web/embeds_controller.rb -rw-r--r-- 848 bytes
d9adda1a — Claire Merge commit '71db616fed817893d0efa363f0e7dbfcf23866a0' into glitch-soc/merge-upstream 2 years ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

# frozen_string_literal: true

class Api::Web::EmbedsController < Api::Web::BaseController
  include Authorization

  before_action :set_status

  def show
    return not_found if @status.hidden?

    if @status.local?
      render json: @status, serializer: OEmbedSerializer, width: 400
    else
      return not_found unless user_signed_in?

      url = ActivityPub::TagManager.instance.url_for(@status)
      oembed = FetchOEmbedService.new.call(url)
      return not_found if oembed.nil?

      begin
        oembed[:html] = Sanitize.fragment(oembed[:html], Sanitize::Config::MASTODON_OEMBED)
      rescue ArgumentError
        return not_found
      end

      render json: oembed
    end
  end

  def set_status
    @status = Status.find(params[:id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
end