Add confirmation when redirecting logged-out requests to permalink (#27792)

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 11:49:19 +01:00 · 2024-01-24 11:49:19 +01:00 · b19ae521b7
commit b19ae521b7
parent 7a1f087659
9 changed files with 165 additions and 29 deletions
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@ -21,10 +21,19 @@ module WebAppControllerConcern
  def redirect_unauthenticated_to_permalinks!
    return if user_signed_in? && current_account.moved_to_account_id.nil?

-    redirect_path = PermalinkRedirector.new(request.path).redirect_path
-    return if redirect_path.blank?
+    permalink_redirector = PermalinkRedirector.new(request.path)
+    return if permalink_redirector.redirect_path.blank?

    expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
-    redirect_to(redirect_path)
+
+    respond_to do |format|
+      format.html do
+        redirect_to(permalink_redirector.redirect_confirmation_path, allow_other_host: false)
+      end
+
+      format.json do
+        redirect_to(permalink_redirector.redirect_uri, allow_other_host: true)
+      end
+    end
  end
 end
--- a/app/controllers/redirect/accounts_controller.rb
+++ b/app/controllers/redirect/accounts_controller.rb
@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class Redirect::AccountsController < ApplicationController
+  private
+
+  def set_resource
+    @resource = Account.find(params[:id])
+    not_found if @resource.local?
+  end
+end
--- a/app/controllers/redirect/base_controller.rb
+++ b/app/controllers/redirect/base_controller.rb
@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+class Redirect::BaseController < ApplicationController
+  vary_by 'Accept-Language'
+
+  before_action :set_resource
+  before_action :set_app_body_class
+
+  def show
+    @redirect_path = ActivityPub::TagManager.instance.url_for(@resource)
+
+    render 'redirects/show', layout: 'application'
+  end
+
+  private
+
+  def set_app_body_class
+    @body_classes = 'app-body'
+  end
+
+  def set_resource
+    raise NotImplementedError
+  end
+end
--- a/app/controllers/redirect/statuses_controller.rb
+++ b/app/controllers/redirect/statuses_controller.rb
@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class Redirect::StatusesController < Redirect::BaseController
+  private
+
+  def set_resource
+    @resource = Status.find(params[:id])
+    not_found if @resource.local? || !@resource.distributable?
+  end
+end