From 975e23f96d3c48489a3f9a9c5a8b8a5486ea9bea Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 2 Oct 2025 16:20:46 +0200 Subject: [PATCH] Split `timeline_preview` boolean setting in 4 settings --- .../api/v1/timelines/base_controller.rb | 6 ------ .../api/v1/timelines/home_controller.rb | 4 ++-- .../api/v1/timelines/link_controller.rb | 2 +- .../api/v1/timelines/public_controller.rb | 11 ++++++++++ .../api/v1/timelines/tag_controller.rb | 6 +----- .../api/v1/timelines/topic_controller.rb | 17 +++++++++++++++ config/settings.yml | 5 ++++- ...140103_migrate_timeline_preview_setting.rb | 21 +++++++++++++++++++ db/schema.rb | 2 +- 9 files changed, 58 insertions(+), 16 deletions(-) create mode 100644 app/controllers/api/v1/timelines/topic_controller.rb create mode 100644 db/migrate/20251002140103_migrate_timeline_preview_setting.rb diff --git a/app/controllers/api/v1/timelines/base_controller.rb b/app/controllers/api/v1/timelines/base_controller.rb index 1dba4a5bb21..e79eba79ee5 100644 --- a/app/controllers/api/v1/timelines/base_controller.rb +++ b/app/controllers/api/v1/timelines/base_controller.rb @@ -3,14 +3,8 @@ class Api::V1::Timelines::BaseController < Api::BaseController after_action :insert_pagination_headers, unless: -> { @statuses.empty? } - before_action :require_user!, if: :require_auth? - private - def require_auth? - !Setting.timeline_preview - end - def pagination_collection @statuses end diff --git a/app/controllers/api/v1/timelines/home_controller.rb b/app/controllers/api/v1/timelines/home_controller.rb index b8384a13687..a07faae7208 100644 --- a/app/controllers/api/v1/timelines/home_controller.rb +++ b/app/controllers/api/v1/timelines/home_controller.rb @@ -3,8 +3,8 @@ class Api::V1::Timelines::HomeController < Api::V1::Timelines::BaseController include AsyncRefreshesConcern - before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: [:show] - before_action :require_user!, only: [:show] + before_action -> { doorkeeper_authorize! :read, :'read:statuses' } + before_action :require_user! PERMITTED_PARAMS = %i(local limit).freeze diff --git a/app/controllers/api/v1/timelines/link_controller.rb b/app/controllers/api/v1/timelines/link_controller.rb index 37ed084f062..9e6ddd69243 100644 --- a/app/controllers/api/v1/timelines/link_controller.rb +++ b/app/controllers/api/v1/timelines/link_controller.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -class Api::V1::Timelines::LinkController < Api::V1::Timelines::BaseController +class Api::V1::Timelines::LinkController < Api::V1::Timelines::TopicController before_action -> { authorize_if_got_token! :read, :'read:statuses' } before_action :set_preview_card before_action :set_statuses diff --git a/app/controllers/api/v1/timelines/public_controller.rb b/app/controllers/api/v1/timelines/public_controller.rb index 029e8fc2c13..670c3b02b6b 100644 --- a/app/controllers/api/v1/timelines/public_controller.rb +++ b/app/controllers/api/v1/timelines/public_controller.rb @@ -2,6 +2,7 @@ class Api::V1::Timelines::PublicController < Api::V1::Timelines::BaseController before_action -> { authorize_if_got_token! :read, :'read:statuses' } + before_action :require_user!, if: :require_auth? PERMITTED_PARAMS = %i(local remote limit only_media).freeze @@ -13,6 +14,16 @@ class Api::V1::Timelines::PublicController < Api::V1::Timelines::BaseController private + def require_auth? + if truthy_param?(:local) + Setting.local_live_feed_access != 'public' + elsif truthy_param?(:remote) + Setting.remote_live_feed_access != 'public' + else + Setting.local_live_feed_access != 'public' || Setting.remote_live_feed_access != 'public' + end + end + def load_statuses preloaded_public_statuses_page end diff --git a/app/controllers/api/v1/timelines/tag_controller.rb b/app/controllers/api/v1/timelines/tag_controller.rb index 2b097aab0f8..dc3c6a72157 100644 --- a/app/controllers/api/v1/timelines/tag_controller.rb +++ b/app/controllers/api/v1/timelines/tag_controller.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -class Api::V1::Timelines::TagController < Api::V1::Timelines::BaseController +class Api::V1::Timelines::TagController < Api::V1::Timelines::TopicController before_action -> { authorize_if_got_token! :read, :'read:statuses' } before_action :load_tag @@ -14,10 +14,6 @@ class Api::V1::Timelines::TagController < Api::V1::Timelines::BaseController private - def require_auth? - !Setting.timeline_preview - end - def load_tag @tag = Tag.find_normalized(params[:id]) end diff --git a/app/controllers/api/v1/timelines/topic_controller.rb b/app/controllers/api/v1/timelines/topic_controller.rb new file mode 100644 index 00000000000..6faf54f7083 --- /dev/null +++ b/app/controllers/api/v1/timelines/topic_controller.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class Api::V1::Timelines::TopicController < Api::V1::Timelines::BaseController + before_action :require_user!, if: :require_auth? + + private + + def require_auth? + if truthy_param?(:local) + Setting.local_topic_feed_access != 'public' + elsif truthy_param?(:remote) + Setting.remote_topic_feed_access != 'public' + else + Setting.local_topic_feed_access != 'public' || Setting.remote_topic_feed_access != 'public' + end + end +end diff --git a/config/settings.yml b/config/settings.yml index 7d2f0a00c07..9dfab1bbe79 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -12,7 +12,10 @@ defaults: &defaults registrations_mode: 'none' profile_directory: true closed_registrations_message: '' - timeline_preview: true + local_live_feed_access: 'public' + remote_live_feed_access: 'public' + local_topic_feed_access: 'public' + remote_topic_feed_access: 'public' show_staff_badge: true preview_sensitive_media: false noindex: false diff --git a/db/migrate/20251002140103_migrate_timeline_preview_setting.rb b/db/migrate/20251002140103_migrate_timeline_preview_setting.rb new file mode 100644 index 00000000000..4d180bd8f39 --- /dev/null +++ b/db/migrate/20251002140103_migrate_timeline_preview_setting.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +class MigrateTimelinePreviewSetting < ActiveRecord::Migration[8.0] + class Setting < ApplicationRecord; end + + def up + setting = Setting.find_by(var: 'timeline_preview') + return unless setting.present? && setting.attributes['value'].present? + + value = YAML.safe_load(setting.attributes['value'], permitted_classes: [ActiveSupport::HashWithIndifferentAccess, Symbol]) + + Setting.upsert_all( + %w(local_live_feed_access remote_live_feed_access local_topic_feed_access remote_topic_feed_access).map do |var| + { var: var, value: value ? "--- public\n" : "--- authenticated\n" } + end, + unique_by: :var + ) + end + + def down; end +end diff --git a/db/schema.rb b/db/schema.rb index 78e75f787af..af60a1b11bd 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[8.0].define(version: 2025_09_24_170259) do +ActiveRecord::Schema[8.0].define(version: 2025_10_02_140103) do # These are extensions that must be enabled in order to support this database enable_extension "pg_catalog.plpgsql"