Merge 320ebcebc7 into e126cfc76d

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

Gemfile.lock

@@ -324,7 +324,7 @@ GEM
       rainbow (>= 2.0.0)
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
-    i18n-tasks (1.1.1)
+    i18n-tasks (1.1.2)
       activesupport (>= 4.0.2)
       ast (>= 2.1.0)
       erubi

app/controllers/api/v1/push/subscriptions_controller.rb

@@ -1,16 +1,19 @@
 # frozen_string_literal: true
 
 class Api::V1::Push::SubscriptionsController < Api::BaseController
+  include DeprecationConcern
   include Redisable
   include Lockable
 
+  deprecate_api '2026-12-31'
+
   before_action -> { doorkeeper_authorize! :push }
   before_action :require_user!
   before_action :set_push_subscription, only: [:show, :update]
   before_action :check_push_subscription, only: [:show, :update]
 
   def show
-    render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV1Serializer
   end
 
   def create
@@ -19,12 +22,12 @@ class Api::V1::Push::SubscriptionsController < Api::BaseController
       @push_subscription = Web::PushSubscription.create!(web_push_subscription_params)
     end
 
-    render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV1Serializer
   end
 
   def update
     @push_subscription.update!(data: data_params)
-    render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV1Serializer
   end
 
   def destroy

app/controllers/api/v2/push/subscriptions_controller.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+class Api::V2::Push::SubscriptionsController < Api::BaseController
+  include Redisable
+  include Lockable
+
+  before_action -> { doorkeeper_authorize! :push }
+  before_action :require_user!
+  before_action :set_push_subscription, only: [:show, :update]
+  before_action :check_push_subscription, only: [:show, :update]
+
+  def show
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV2Serializer
+  end
+
+  def create
+    with_redis_lock("push_subscription:#{current_user.id}") do
+      destroy_web_push_subscriptions!
+      @push_subscription = Web::PushSubscription.create!(web_push_subscription_params)
+    end
+
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV2Serializer
+  end
+
+  def update
+    @push_subscription.update!(data: data_params)
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV2Serializer
+  end
+
+  def destroy
+    destroy_web_push_subscriptions!
+    render_empty
+  end
+
+  private
+
+  def destroy_web_push_subscriptions!
+    doorkeeper_token.web_push_subscriptions.destroy_all
+  end
+
+  def set_push_subscription
+    @push_subscription = doorkeeper_token.web_push_subscriptions.first
+  end
+
+  def check_push_subscription
+    not_found if @push_subscription.nil?
+  end
+
+  def web_push_subscription_params
+    {
+      access_token_id: doorkeeper_token.id,
+      data: data_params,
+      endpoint: subscription_params[:endpoint],
+      key_auth: subscription_params[:keys][:auth],
+      key_p256dh: subscription_params[:keys][:p256dh],
+      standard: subscription_params[:standard] || false,
+      user_id: current_user.id,
+    }
+  end
+
+  def subscription_params
+    params.expect(subscription: [:endpoint, :standard, keys: [:auth, :p256dh]])
+  end
+
+  def data_params
+    return {} if params[:data].blank?
+
+    params.expect(data: [:policy, alerts: Notification::TYPES])
+  end
+end

app/controllers/api/web/push_subscriptions_controller.rb

@@ -9,12 +9,12 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
   def create
     @push_subscription = ::Web::PushSubscription.create!(web_push_subscription_params)
 
-    render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV1Serializer
   end
 
   def update
     @push_subscription.update!(data: data_params)
-    render json: @push_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: @push_subscription, serializer: REST::WebPushSubscriptionV1Serializer
   end
 
   def destroy

app/javascript/mastodon/features/ui/components/modal_root.jsx

@@ -136,7 +136,7 @@ export default class ModalRoot extends PureComponent {
       <Base backgroundColor={backgroundColor} onClose={this.handleClose} ignoreFocus={ignoreFocus}>
         {visible && (
           <>
-            <BundleContainer fetchComponent={MODAL_COMPONENTS[type]} loading={this.renderLoading} error={this.renderError} renderDelay={200}>
+            <BundleContainer key={type} fetchComponent={MODAL_COMPONENTS[type]} loading={this.renderLoading} error={this.renderError} renderDelay={200}>
               {(SpecificComponent) => {
                 return <SpecificComponent {...props} onChangeBackgroundColor={this.setBackgroundColor} onClose={this.handleClose} ref={this.setModalRef} />;
               }}

app/serializers/initial_state_serializer.rb

@@ -9,7 +9,7 @@ class InitialStateSerializer < ActiveModel::Serializer
 
   attribute :critical_updates_pending, if: -> { object&.role&.can?(:view_devops) && SoftwareUpdate.check_enabled? }
 
-  has_one :push_subscription, serializer: REST::WebPushSubscriptionSerializer
+  has_one :push_subscription, serializer: REST::WebPushSubscriptionV1Serializer
   has_one :role, serializer: REST::RoleSerializer
 
   def meta

app/serializers/rest/web_push_subscription_v1_serializer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class REST::WebPushSubscriptionSerializer < ActiveModel::Serializer
+class REST::WebPushSubscriptionV1Serializer < ActiveModel::Serializer
   attributes :id, :endpoint, :standard, :alerts, :server_key, :policy
 
   delegate :standard, to: :object

app/serializers/rest/web_push_subscription_v2_serializer.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class REST::WebPushSubscriptionV2Serializer < ActiveModel::Serializer
+  attributes :id, :endpoint, :standard, :alerts, :server_key, :policy
+
+  delegate :standard, to: :object
+
+  def id
+    object.id.to_s
+  end
+
+  def alerts
+    (object.data&.dig('alerts') || {}).transform_values { |v| ActiveModel::Type::Boolean.new.cast(v) }
+  end
+
+  def server_key
+    Rails.configuration.x.vapid.public_key
+  end
+
+  def policy
+    object.data&.dig('policy') || 'all'
+  end
+end

app/services/create_collection_service.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+class CreateCollectionService
+  def call(params, account)
+    tag = params.delete(:tag)
+    account_ids = params.delete(:account_ids)
+    @collection = Collection.new(params.merge({ account:, local: true, tag: find_or_create_tag(tag) }))
+    build_items(account_ids)
+
+    @collection.save!
+    @collection
+  end
+
+  private
+
+  def find_or_create_tag(name)
+    return nil if name.blank?
+
+    Tag.find_or_create_by_names(name).first
+  end
+
+  def build_items(account_ids)
+    return if account_ids.blank?
+
+    account_ids.each do |account_id|
+      account = Account.find(account_id)
+      # TODO: validate preferences
+      @collection.collection_items.build(account:)
+    end
+  end
+end

config/routes/api.rb

@@ -344,6 +344,10 @@ namespace :api, format: false do
       resources :statuses, only: [:show, :destroy]
     end
 
+    namespace :push do
+      resource :subscription, only: [:create, :show, :update, :destroy]
+    end
+
     namespace :admin do
       resources :accounts, only: [:index]
     end

spec/requests/api/v2/push/subscription_spec.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'API V2 Push Subscriptions' do
+  let(:user) { Fabricate(:user) }
+  let(:endpoint) { 'https://fcm.googleapis.com/fcm/send/fiuH06a27qE:APA91bHnSiGcLwdaxdyqVXNDR9w1NlztsHb6lyt5WDKOC_Z_Q8BlFxQoR8tWFSXUIDdkyw0EdvxTu63iqamSaqVSevW5LfoFwojws8XYDXv_NRRLH6vo2CdgiN4jgHv5VLt2A8ah6lUX' }
+  let(:keys) do
+    {
+      p256dh: 'BEm_a0bdPDhf0SOsrnB2-ategf1hHoCnpXgQsFj5JCkcoMrMt2WHoPfEYOYPzOIs9mZE8ZUaD7VA5vouy0kEkr8=',
+      auth: 'eH_C8rq2raXqlcBVDa1gLg==',
+    }
+  end
+  let(:create_payload) do
+    {
+      subscription: {
+        endpoint: endpoint,
+        keys: keys,
+        standard: standard,
+      },
+    }.with_indifferent_access
+  end
+  let(:alerts_payload) do
+    {
+      data: {
+        policy: 'all',
+
+        alerts: {
+          follow: true,
+          follow_request: true,
+          favourite: false,
+          reblog: true,
+          mention: false,
+          poll: true,
+          status: false,
+        },
+      },
+    }.with_indifferent_access
+  end
+  let(:standard) { '1' }
+  let(:scopes) { 'push' }
+  let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'validation error' do
+    it 'returns a validation error' do
+      subject
+
+      expect(response).to have_http_status(422)
+      expect(response.content_type)
+        .to start_with('application/json')
+      expect(endpoint_push_subscriptions.count).to eq(0)
+      expect(endpoint_push_subscription).to be_nil
+    end
+  end
+
+  describe 'GET /api/v2/push/subscription' do
+    subject { get api_v2_push_subscription_path, headers: headers }
+
+    context 'with a subscription' do
+      let!(:subscription) { create_subscription_with_token }
+
+      before { subscription }
+
+      it 'shows subscription details' do
+        subject
+
+        expect(response)
+          .to have_http_status(200)
+        expect(response.content_type)
+          .to start_with('application/json')
+        expect(response.parsed_body)
+          .to include(endpoint: endpoint)
+      end
+
+      it 'returns subscription.id as a string' do
+        subject
+
+        expect(response.parsed_body)
+          .to include(id: subscription.id.to_s)
+      end
+    end
+
+    context 'without a subscription' do
+      it 'returns not found' do
+        subject
+
+        expect(response)
+          .to have_http_status(404)
+        expect(response.content_type)
+          .to start_with('application/json')
+      end
+    end
+  end
+
+  def create_subscription_with_token
+    Fabricate(
+      :web_push_subscription,
+      endpoint: create_payload[:subscription][:endpoint],
+      access_token: token,
+      user: user
+    )
+  end
+end

spec/services/create_collection_service_spec.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe CreateCollectionService do
+  subject { described_class.new }
+
+  let(:author) { Fabricate.create(:account) }
+
+  describe '#call' do
+    let(:base_params) do
+      {
+        name: 'People to follow',
+        description: 'All my favourites',
+        sensitive: false,
+        discoverable: true,
+      }
+    end
+
+    context 'when given valid parameters' do
+      it 'creates a new local collection' do
+        collection = nil
+
+        expect do
+          collection = subject.call(base_params, author)
+        end.to change(Collection, :count).by(1)
+
+        expect(collection).to be_a(Collection)
+        expect(collection).to be_local
+      end
+
+      context 'when given account ids' do
+        let(:account_ids) do
+          Fabricate.times(2, :account).map { |a| a.id.to_s }
+        end
+        let(:params) do
+          base_params.merge(account_ids:)
+        end
+
+        it 'also creates collection items' do
+          expect do
+            subject.call(params, author)
+          end.to change(CollectionItem, :count).by(2)
+        end
+      end
+
+      context 'when given a tag' do
+        let(:params) { base_params.merge(tag: '#people') }
+
+        context 'when the tag exists' do
+          let!(:tag) { Fabricate.create(:tag, name: 'people') }
+
+          it 'correctly assigns the existing tag' do
+            collection = subject.call(params, author)
+
+            expect(collection.tag).to eq tag
+          end
+        end
+
+        context 'when the tag does not exist' do
+          it 'creates a new tag' do
+            collection = nil
+
+            expect do
+              collection = subject.call(params, author)
+            end.to change(Tag, :count).by(1)
+
+            expect(collection.tag.name).to eq 'people'
+          end
+        end
+      end
+    end
+
+    context 'when given invalid parameters' do
+      it 'raises an exception' do
+        expect do
+          subject.call({}, author)
+        end.to raise_error(ActiveRecord::RecordInvalid)
+      end
+    end
+  end
+end