Merge remote-tracking branch 'upstream/main'

app/controllers/api/v1/accounts/credentials_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class Api::V1::Accounts::CredentialsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts', :'read:me' }, except: [:update]
+  before_action -> { doorkeeper_authorize! :profile, :read, :'read:accounts' }, except: [:update]
   before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:update]
   before_action :require_user!
 

app/controllers/api/v1/accounts/follower_accounts_controller.rb

@@ -60,8 +60,4 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
   def records_continue?
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/accounts/following_accounts_controller.rb

@@ -60,8 +60,4 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
   def records_continue?
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/admin/canonical_email_blocks_controller.rb

@@ -16,8 +16,6 @@ class Api::V1::Admin::CanonicalEmailBlocksController < Api::BaseController
   after_action :verify_authorized
   after_action :insert_pagination_headers, only: :index
 
-  PAGINATION_PARAMS = %i(limit).freeze
-
   def index
     authorize :canonical_email_block, :index?
     render json: @canonical_email_blocks, each_serializer: REST::Admin::CanonicalEmailBlockSerializer
@@ -80,8 +78,4 @@ class Api::V1::Admin::CanonicalEmailBlocksController < Api::BaseController
   def records_continue?
     @canonical_email_blocks.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
 end

app/controllers/api/v1/admin/domain_allows_controller.rb

@@ -14,8 +14,6 @@ class Api::V1::Admin::DomainAllowsController < Api::BaseController
   after_action :verify_authorized
   after_action :insert_pagination_headers, only: :index
 
-  PAGINATION_PARAMS = %i(limit).freeze
-
   def index
     authorize :domain_allow, :index?
     render json: @domain_allows, each_serializer: REST::Admin::DomainAllowSerializer
@@ -77,10 +75,6 @@ class Api::V1::Admin::DomainAllowsController < Api::BaseController
     @domain_allows.size == limit_param(LIMIT)
   end
 
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
-
   def resource_params
     params.permit(:domain)
   end

app/controllers/api/v1/admin/domain_blocks_controller.rb

@@ -14,8 +14,6 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
   after_action :verify_authorized
   after_action :insert_pagination_headers, only: :index
 
-  PAGINATION_PARAMS = %i(limit).freeze
-
   def index
     authorize :domain_block, :index?
     render json: @domain_blocks, each_serializer: REST::Admin::DomainBlockSerializer
@@ -93,10 +91,6 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
     @domain_blocks.size == limit_param(LIMIT)
   end
 
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
-
   def resource_params
     params.permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate)
   end

app/controllers/api/v1/admin/email_domain_blocks_controller.rb

@@ -14,10 +14,6 @@ class Api::V1::Admin::EmailDomainBlocksController < Api::BaseController
   after_action :verify_authorized
   after_action :insert_pagination_headers, only: :index
 
-  PAGINATION_PARAMS = %i(
-    limit
-  ).freeze
-
   def index
     authorize :email_domain_block, :index?
     render json: @email_domain_blocks, each_serializer: REST::Admin::EmailDomainBlockSerializer
@@ -73,8 +69,4 @@ class Api::V1::Admin::EmailDomainBlocksController < Api::BaseController
   def records_continue?
     @email_domain_blocks.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
 end

app/controllers/api/v1/admin/ip_blocks_controller.rb

@@ -14,10 +14,6 @@ class Api::V1::Admin::IpBlocksController < Api::BaseController
   after_action :verify_authorized
   after_action :insert_pagination_headers, only: :index
 
-  PAGINATION_PARAMS = %i(
-    limit
-  ).freeze
-
   def index
     authorize :ip_block, :index?
     render json: @ip_blocks, each_serializer: REST::Admin::IpBlockSerializer
@@ -78,8 +74,4 @@ class Api::V1::Admin::IpBlocksController < Api::BaseController
   def records_continue?
     @ip_blocks.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
 end

app/controllers/api/v1/admin/tags_controller.rb

@@ -12,7 +12,6 @@ class Api::V1::Admin::TagsController < Api::BaseController
   after_action :verify_authorized
 
   LIMIT = 100
-  PAGINATION_PARAMS = %i(limit).freeze
 
   def index
     authorize :tag, :index?
@@ -59,8 +58,4 @@ class Api::V1::Admin::TagsController < Api::BaseController
   def records_continue?
     @tags.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
 end

app/controllers/api/v1/admin/trends/links/preview_card_providers_controller.rb

@@ -12,8 +12,6 @@ class Api::V1::Admin::Trends::Links::PreviewCardProvidersController < Api::BaseC
   after_action :verify_authorized
   after_action :insert_pagination_headers, only: :index
 
-  PAGINATION_PARAMS = %i(limit).freeze
-
   def index
     authorize :preview_card_provider, :index?
 
@@ -57,8 +55,4 @@ class Api::V1::Admin::Trends::Links::PreviewCardProvidersController < Api::BaseC
   def records_continue?
     @providers.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
 end

app/controllers/api/v1/blocks_controller.rb

@@ -43,8 +43,4 @@ class Api::V1::BlocksController < Api::BaseController
   def records_continue?
     paginated_blocks.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/bookmarks_controller.rb

@@ -46,8 +46,4 @@ class Api::V1::BookmarksController < Api::BaseController
   def records_continue?
     results.size == limit_param(DEFAULT_STATUSES_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/conversations_controller.rb

@@ -72,8 +72,4 @@ class Api::V1::ConversationsController < Api::BaseController
   def records_continue?
     @conversations.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/crypto/encrypted_messages_controller.rb

@@ -44,8 +44,4 @@ class Api::V1::Crypto::EncryptedMessagesController < Api::BaseController
   def records_continue?
     @encrypted_messages.size == limit_param(LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/domain_blocks_controller.rb

@@ -54,10 +54,6 @@ class Api::V1::DomainBlocksController < Api::BaseController
     @blocks.size == limit_param(BLOCK_LIMIT)
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def domain_block_params
     params.permit(:domain)
   end

app/controllers/api/v1/endorsements_controller.rb

@@ -48,10 +48,6 @@ class Api::V1::EndorsementsController < Api::BaseController
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def unlimited?
     params[:limit] == '0'
   end

app/controllers/api/v1/favourites_controller.rb

@@ -46,8 +46,4 @@ class Api::V1::FavouritesController < Api::BaseController
   def records_continue?
     results.size == limit_param(DEFAULT_STATUSES_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/follow_requests_controller.rb

@@ -67,8 +67,4 @@ class Api::V1::FollowRequestsController < Api::BaseController
   def records_continue?
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/followed_tags_controller.rb

@@ -37,8 +37,4 @@ class Api::V1::FollowedTagsController < Api::BaseController
   def records_continue?
     @results.size == limit_param(TAGS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/instances/extended_descriptions_controller.rb

@@ -5,7 +5,7 @@ class Api::V1::Instances::ExtendedDescriptionsController < Api::V1::Instances::B
 
   before_action :set_extended_description
 
-  # Override `current_user` to avoid reading session cookies unless in whitelist mode
+  # Override `current_user` to avoid reading session cookies unless in limited federation mode
   def current_user
     super if limited_federation_mode?
   end

app/controllers/api/v1/instances/peers_controller.rb

@@ -5,7 +5,7 @@ class Api::V1::Instances::PeersController < Api::V1::Instances::BaseController
 
   skip_around_action :set_locale
 
-  # Override `current_user` to avoid reading session cookies unless in whitelist mode
+  # Override `current_user` to avoid reading session cookies unless in limited federation mode
   def current_user
     super if limited_federation_mode?
   end

app/controllers/api/v1/instances/rules_controller.rb

@@ -5,7 +5,7 @@ class Api::V1::Instances::RulesController < Api::V1::Instances::BaseController
 
   before_action :set_rules
 
-  # Override `current_user` to avoid reading session cookies unless in whitelist mode
+  # Override `current_user` to avoid reading session cookies unless in limited federation mode
   def current_user
     super if limited_federation_mode?
   end

app/controllers/api/v1/instances_controller.rb

@@ -6,7 +6,7 @@ class Api::V1::InstancesController < Api::BaseController
 
   vary_by ''
 
-  # Override `current_user` to avoid reading session cookies unless in whitelist mode
+  # Override `current_user` to avoid reading session cookies unless in limited federation mode
   def current_user
     super if limited_federation_mode?
   end

app/controllers/api/v1/lists/accounts_controller.rb

@@ -75,10 +75,6 @@ class Api::V1::Lists::AccountsController < Api::BaseController
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def unlimited?
     params[:limit] == '0'
   end

app/controllers/api/v1/mutes_controller.rb

@@ -43,8 +43,4 @@ class Api::V1::MutesController < Api::BaseController
   def records_continue?
     paginated_mutes.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/scheduled_statuses_controller.rb

@@ -43,10 +43,6 @@ class Api::V1::ScheduledStatusesController < Api::BaseController
     params.permit(:scheduled_at)
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def next_path
     api_v1_scheduled_statuses_url pagination_params(max_id: pagination_max_id) if records_continue?
   end

app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb

@@ -53,8 +53,4 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::V1::Statuses::Bas
   def records_continue?
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb

@@ -49,8 +49,4 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::V1::Statuses::Base
   def records_continue?
     @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/statuses_controller.rb

@@ -191,8 +191,4 @@ class Api::V1::StatusesController < Api::BaseController
   def serialized_accounts(accounts)
     ActiveModel::Serializer::CollectionSerializer.new(accounts, serializer: REST::AccountSerializer)
   end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
 end

app/controllers/api/v1/timelines/link_controller.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+class Api::V1::Timelines::LinkController < Api::V1::Timelines::BaseController
+  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: :show, if: :require_auth?
+  before_action :set_preview_card
+  before_action :set_statuses
+
+  PERMITTED_PARAMS = %i(
+    url
+    limit
+  ).freeze
+
+  def show
+    cache_if_unauthenticated!
+    render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
+  end
+
+  private
+
+  def require_auth?
+    !Setting.timeline_preview
+  end
+
+  def set_preview_card
+    @preview_card = PreviewCard.joins(:trend).merge(PreviewCardTrend.allowed).find_by!(url: params[:url])
+  end
+
+  def set_statuses
+    @statuses = @preview_card.nil? ? [] : preload_collection(link_timeline_statuses, Status)
+  end
+
+  def link_timeline_statuses
+    link_feed.get(
+      limit_param(DEFAULT_STATUSES_LIMIT),
+      params[:max_id],
+      params[:since_id],
+      params[:min_id]
+    )
+  end
+
+  def link_feed
+    LinkFeed.new(@preview_card, current_account)
+  end
+
+  def next_path
+    api_v1_timelines_link_url next_path_params
+  end
+
+  def prev_path
+    api_v1_timelines_link_url prev_path_params
+  end
+end

app/controllers/api/v1/trends/links_controller.rb

@@ -34,10 +34,6 @@ class Api::V1::Trends::LinksController < Api::BaseController
     scope
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def next_path
     api_v1_trends_links_url pagination_params(offset: offset_param + limit_param(DEFAULT_LINKS_LIMIT)) if records_continue?
   end

app/controllers/api/v1/trends/statuses_controller.rb

@@ -32,10 +32,6 @@ class Api::V1::Trends::StatusesController < Api::BaseController
     scope
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def next_path
     api_v1_trends_statuses_url pagination_params(offset: offset_param + limit_param(DEFAULT_STATUSES_LIMIT)) if records_continue?
   end

app/controllers/api/v1/trends/tags_controller.rb

@@ -30,10 +30,6 @@ class Api::V1::Trends::TagsController < Api::BaseController
     Trends.tags.query.allowed
   end
 
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
   def next_path
     api_v1_trends_tags_url pagination_params(offset: offset_param + limit_param(DEFAULT_TAGS_LIMIT)) if records_continue?
   end

app/controllers/api/v2_alpha/notifications_controller.rb

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+
+class Api::V2Alpha::NotificationsController < Api::BaseController
+  before_action -> { doorkeeper_authorize! :read, :'read:notifications' }, except: [:clear, :dismiss]
+  before_action -> { doorkeeper_authorize! :write, :'write:notifications' }, only: [:clear, :dismiss]
+  before_action :require_user!
+  after_action :insert_pagination_headers, only: :index
+
+  DEFAULT_NOTIFICATIONS_LIMIT = 40
+
+  def index
+    with_read_replica do
+      @notifications = load_notifications
+      @group_metadata = load_group_metadata
+      @relationships = StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
+    end
+
+    render json: @notifications.map { |notification| NotificationGroup.from_notification(notification) }, each_serializer: REST::NotificationGroupSerializer, relationships: @relationships, group_metadata: @group_metadata
+  end
+
+  def show
+    @notification = current_account.notifications.without_suspended.find_by!(group_key: params[:id])
+    render json: NotificationGroup.from_notification(@notification), serializer: REST::NotificationGroupSerializer
+  end
+
+  def clear
+    current_account.notifications.delete_all
+    render_empty
+  end
+
+  def dismiss
+    current_account.notifications.where(group_key: params[:id]).destroy_all
+    render_empty
+  end
+
+  private
+
+  def load_notifications
+    notifications = browserable_account_notifications.includes(from_account: [:account_stat, :user]).to_a_grouped_paginated_by_id(
+      limit_param(DEFAULT_NOTIFICATIONS_LIMIT),
+      params_slice(:max_id, :since_id, :min_id)
+    )
+
+    Notification.preload_cache_collection_target_statuses(notifications) do |target_statuses|
+      preload_collection(target_statuses, Status)
+    end
+  end
+
+  def load_group_metadata
+    return {} if @notifications.empty?
+
+    browserable_account_notifications
+      .where(group_key: @notifications.filter_map(&:group_key))
+      .where(id: (@notifications.last.id)..(@notifications.first.id))
+      .group(:group_key)
+      .pluck(:group_key, 'min(notifications.id) as min_id', 'max(notifications.id) as max_id', 'max(notifications.created_at) as latest_notification_at')
+      .to_h { |group_key, min_id, max_id, latest_notification_at| [group_key, { min_id: min_id, max_id: max_id, latest_notification_at: latest_notification_at }] }
+  end
+
+  def browserable_account_notifications
+    current_account.notifications.without_suspended.browserable(
+      types: Array(browserable_params[:types]),
+      exclude_types: Array(browserable_params[:exclude_types]),
+      include_filtered: truthy_param?(:include_filtered)
+    )
+  end
+
+  def target_statuses_from_notifications
+    @notifications.filter_map(&:target_status)
+  end
+
+  def next_path
+    api_v2_alpha_notifications_url pagination_params(max_id: pagination_max_id) unless @notifications.empty?
+  end
+
+  def prev_path
+    api_v2_alpha_notifications_url pagination_params(min_id: pagination_since_id) unless @notifications.empty?
+  end
+
+  def pagination_collection
+    @notifications
+  end
+
+  def browserable_params
+    params.permit(:include_filtered, types: [], exclude_types: [])
+  end
+
+  def pagination_params(core_params)
+    params.slice(:limit, :types, :exclude_types, :include_filtered).permit(:limit, :include_filtered, types: [], exclude_types: []).merge(core_params)
+  end
+end

app/controllers/concerns/api/pagination.rb

@@ -3,6 +3,8 @@
 module Api::Pagination
   extend ActiveSupport::Concern
 
+  PAGINATION_PARAMS = %i(limit).freeze
+
   protected
 
   def pagination_max_id
@@ -24,6 +26,13 @@ module Api::Pagination
     render json: { error: 'Pagination values for `offset` and `limit` must be positive' }, status: 400 if pagination_options_invalid?
   end
 
+  def pagination_params(core_params)
+    params
+      .slice(*PAGINATION_PARAMS)
+      .permit(*PAGINATION_PARAMS)
+      .merge(core_params)
+  end
+
   private
 
   def insert_pagination_headers

app/controllers/settings/applications_controller.rb

@@ -13,7 +13,7 @@ class Settings::ApplicationsController < Settings::BaseController
   def new
     @application = Doorkeeper::Application.new(
       redirect_uri: Doorkeeper.configuration.native_redirect_uri,
-      scopes: 'read:me'
+      scopes: 'profile'
     )
   end