Added authenticated API methods to block/unblock accounts

* This will also make it discard that accounts in meet timeline
2022-02-18 17:05:33 +01:00 · 2022-02-18 17:05:33 +01:00 · 7ba0468aaa
parent 9d443c94d4
commit 7ba0468aaa
3 changed files with 79 additions and 2 deletions
--- a/api/src/api/accounts.js
+++ b/api/src/api/accounts.js
@ -189,7 +189,7 @@ module.exports = {
 			}
 			await apex.addToOutbox(actor, payload)
 			await apex.store.saveObject(payload)
-			res.json({ result: 1 })
+			return res.json({ result: 1 })
 		}],
 	},
 	unfollow: {
@ -217,7 +217,66 @@ module.exports = {
 			}
 			await apex.addToOutbox(actor, payload)
 			await db.table.objects().deleteOne({ _id: follow._id })
-			res.json({ result: 1 })
+			return res.json({ result: 1 })
+		}],
+	},
+	block: {
+		post: [auth.enforceSession, async (req, res) => {
+			if (!utils.isURLValid(req.query.url))
+				return res.json({ error: 'invalid_url' })
+
+			const block = await db.table.objects().findOne({
+				actor: apID(res.locals.user.username),
+				object: req.query.url,
+				type: 'Block',
+			})
+			if (block !== null)
+				return res.json({ error: 'already_blocked' })
+
+			const actor = await apex.store.getObject(
+				apID(res.locals.user.username), true)
+			const payload = {
+				id: utils.apRandomURL(),
+				type: 'Block',
+				actor: apID(res.locals.user.username),
+				object: req.query.url,
+				to: req.query.url,
+			}
+			await apex.addToOutbox(actor, payload)
+			await apex.store.saveObject(payload)
+			return res.json({ result: 1 })
+		}],
+	},
+	unblock: {
+		post: [auth.enforceSession, async (req, res) => {
+			if (!utils.isURLValid(req.query.url))
+				return res.json({ error: 'invalid_url' })
+
+			const block = await db.table.objects().findOne({
+				actor: apID(res.locals.user.username),
+				object: req.query.url,
+				type: 'Block',
+			})
+			if (block === null)
+				return res.json({ error: 'not_blocked' })
+
+			const actor = await apex.store.getObject(
+				apID(res.locals.user.username), true)
+			const payload = {
+				id: utils.apRandomURL(),
+				type: 'Undo',
+				actor: apID(res.locals.user.username),
+				to: req.query.url,
+				object: {
+					id: block.id,
+					type: 'Block',
+					actor: apID(res.locals.user.username),
+					object: req.query.url,
+				},
+			}
+			await apex.addToOutbox(actor, payload)
+			await db.table.objects().deleteOne({ _id: block._id })
+			return res.json({ result: 1 })
 		}],
 	},
 }
--- a/api/src/api/feed.js
+++ b/api/src/api/feed.js
@ -11,6 +11,22 @@ module.exports = {
 			var filter = { type: 'Note', inReplyTo: undefined }
 			if (req.query.skip !== undefined)
 				filter._id = { $lt: utils.mongo.getID(req.query.skip) }
+
+			const blocks = await db.table.objects().find({
+				actor: apID(res.locals.user.username),
+				type: 'Block',
+			}).toArray()
+			if (blocks !== null && blocks.length > 0) {
+				var urlblocks = []
+				for (var i = 0; i < blocks.length; i++) {
+					const block = blocks[i]
+					if (!urlblocks.includes(block.object))
+						urlblocks.push(block.object)
+				}
+				if (urlblocks.length > 0)
+					filter['attributedTo'] = { $nin : urlblocks }
+			}
+
 			const notes = await db.table.objects()
 				.find(filter)
 				.sort({ _id: -1 })
--- a/api/src/server.js
+++ b/api/src/server.js
@ -70,6 +70,8 @@ app.on('apex-inbox', activity.federation.inbox)
 /* GET  */ app.route(api.v1('/me/pending_follows')).get(api.me.pending_follows.get)
 /* POST */ app.route(api.v1('/accounts/follow')).post(api.accounts.follow.post)
 /* POST */ app.route(api.v1('/accounts/unfollow')).post(api.accounts.unfollow.post)
+/* POST */ app.route(api.v1('/accounts/block')).post(api.accounts.block.post)
+/* POST */ app.route(api.v1('/accounts/unblock')).post(api.accounts.unblock.post)
 /* GET  */ app.route(api.v1('/instance/emojis')).get(api.instance.emojis.get)

 // initialize