Merge 125a298dba into 3b52dca405

app/controllers/api/v1/admin/accounts/notes_controller.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::Accounts::NotesController < Api::BaseController
+  include Authorization
+  include AccountableConcern
+
+  PERMITTED_PARAMS = %i(
+    content
+  ).freeze
+
+  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:accounts' }, only: [:index, :show]
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:accounts' }, except: [:index, :show]
+  before_action :set_account
+  before_action :set_account_moderation_note, except: [:index, :create]
+
+  rescue_from ArgumentError do |e|
+    render json: { error: e.to_s }, status: 422
+  end
+
+  def index
+    authorize @account, :show?
+    render json: @account.targeted_moderation_notes.chronological.includes(:account), each_serializer: REST::Admin::ModerationNoteSerializer
+  end
+
+  def show
+    authorize @account_moderation_note, :show?
+    render json: @account_moderation_note, serializer: REST::Admin::ModerationNoteSerializer
+  end
+
+  def create
+    authorize AccountModerationNote, :create?
+
+    @account_moderation_note = current_account.account_moderation_notes.new(account_note_params.merge(target_account_id: @account.id))
+    @account_moderation_note.save!
+
+    render json: @account_moderation_note, serializer: REST::Admin::ModerationNoteSerializer
+  end
+
+  def destroy
+    authorize @account_moderation_note, :destroy?
+    @account_moderation_note.destroy!
+    render_empty
+  end
+
+  private
+
+  def set_account
+    @account = Account.find(params[:account_id])
+  end
+
+  def set_account_moderation_note
+    @account_moderation_note = AccountModerationNote.where(target_account_id: params[:account_id]).find(params[:id])
+  end
+
+  def account_note_params
+    params
+      .slice(*PERMITTED_PARAMS)
+      .permit(*PERMITTED_PARAMS)
+  end
+end

app/controllers/api/v1/admin/reports/notes_controller.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+class Api::V1::Admin::Reports::NotesController < Api::BaseController
+  include Authorization
+  include AccountableConcern
+
+  PERMITTED_PARAMS = %i(
+    content
+  ).freeze
+
+  before_action -> { authorize_if_got_token! :'admin:read', :'admin:read:reports' }, only: [:index, :show]
+  before_action -> { authorize_if_got_token! :'admin:write', :'admin:write:reports' }, except: [:index, :show]
+  before_action :set_report
+  before_action :set_report_note, except: [:index, :create]
+
+  rescue_from ArgumentError do |e|
+    render json: { error: e.to_s }, status: 422
+  end
+
+  def index
+    authorize @report, :show?
+    render json: @report.notes.chronological.includes(:account), each_serializer: REST::Admin::ModerationNoteSerializer
+  end
+
+  def show
+    authorize @report_note, :show?
+    render json: @report_note, serializer: REST::Admin::ModerationNoteSerializer
+  end
+
+  def create
+    authorize ReportNote, :create?
+    authorize @report, :update? if truthy_param?(:resolve_report) || truthy_param?(:unresolve_report)
+
+    @report_note = current_account.report_notes.new(report_note_params.merge(report_id: @report.id))
+
+    if @report_note.save!
+      if truthy_param?(:resolve_report)
+        @report.resolve!(current_account)
+        log_action :resolve, @report
+      elsif truthy_param?(:unresolve_report)
+        @report.unresolve!
+        log_action :reopen, @report
+      end
+
+      render json: @report_note, serializer: REST::Admin::ModerationNoteSerializer
+    end
+  end
+
+  def destroy
+    authorize @report_note, :destroy?
+    @report_note.destroy!
+    render_empty
+  end
+
+  private
+
+  def set_report
+    @report = Report.find(params[:report_id])
+  end
+
+  def set_report_note
+    @report_note = ReportNote.where(report_id: params[:report_id]).find(params[:id])
+  end
+
+  def report_note_params
+    params
+      .slice(*PERMITTED_PARAMS)
+      .permit(*PERMITTED_PARAMS)
+  end
+end

app/helpers/context_helper.rb

@@ -26,6 +26,12 @@ module ContextHelper
     suspended: { 'toot' => 'http://joinmastodon.org/ns#', 'suspended' => 'toot:suspended' },
     attribution_domains: { 'toot' => 'http://joinmastodon.org/ns#', 'attributionDomains' => { '@id' => 'toot:attributionDomains', '@type' => '@id' } },
     quote_requests: { 'QuoteRequest' => 'https://w3id.org/fep/044f#QuoteRequest' },
+    quotes: {
+      'quote' => 'https://w3id.org/fep/044f#quote',
+      'quoteUri' => 'http://fedibird.com/ns#quoteUri',
+      '_misskey_quote' => 'https://misskey-hub.net/ns#_misskey_quote',
+      'quoteAuthorization' => 'https://w3id.org/fep/044f#quoteAuthorization',
+    },
     interaction_policies: {
       'gts' => 'https://gotosocial.org/ns#',
       'interactionPolicy' => { '@id' => 'gts:interactionPolicy', '@type' => '@id' },

app/javascript/mastodon/components/account_bio.tsx

@@ -1,12 +1,30 @@
+import { useCallback } from 'react';
+
 import { useLinks } from 'mastodon/hooks/useLinks';
 
-export const AccountBio: React.FC<{
+interface AccountBioProps {
   note: string;
   className: string;
-}> = ({ note, className }) => {
-  const handleClick = useLinks();
+  dropdownAccountId?: string;
+}
 
-  if (note.length === 0 || note === '<p></p>') {
+export const AccountBio: React.FC<AccountBioProps> = ({
+  note,
+  className,
+  dropdownAccountId,
+}) => {
+  const handleClick = useLinks(!!dropdownAccountId);
+  const handleNodeChange = useCallback(
+    (node: HTMLDivElement | null) => {
+      if (!dropdownAccountId || !node || node.childNodes.length === 0) {
+        return;
+      }
+      addDropdownToHashtags(node, dropdownAccountId);
+    },
+    [dropdownAccountId],
+  );
+
+  if (note.length === 0) {
     return null;
   }
 
@@ -15,6 +33,28 @@ export const AccountBio: React.FC<{
       className={`${className} translate`}
       dangerouslySetInnerHTML={{ __html: note }}
       onClickCapture={handleClick}
+      ref={handleNodeChange}
     />
   );
 };
+
+function addDropdownToHashtags(node: HTMLElement | null, accountId: string) {
+  if (!node) {
+    return;
+  }
+  for (const childNode of node.childNodes) {
+    if (!(childNode instanceof HTMLElement)) {
+      continue;
+    }
+    if (
+      childNode instanceof HTMLAnchorElement &&
+      (childNode.classList.contains('hashtag') ||
+        childNode.innerText.startsWith('#')) &&
+      !childNode.dataset.menuHashtag
+    ) {
+      childNode.dataset.menuHashtag = accountId;
+    } else if (childNode.childNodes.length > 0) {
+      addDropdownToHashtags(childNode, accountId);
+    }
+  }
+}

app/javascript/mastodon/features/account_timeline/components/account_header.tsx

@@ -6,6 +6,7 @@ import classNames from 'classnames';
 import { Helmet } from 'react-helmet';
 import { NavLink } from 'react-router-dom';
 
+import { AccountBio } from '@/mastodon/components/account_bio';
 import CheckIcon from '@/material-icons/400-24px/check.svg?react';
 import LockIcon from '@/material-icons/400-24px/lock.svg?react';
 import MoreHorizIcon from '@/material-icons/400-24px/more_horiz.svg?react';
@@ -773,7 +774,6 @@ export const AccountHeader: React.FC<{
     );
   }
 
-  const content = { __html: account.note_emojified };
   const displayNameHtml = { __html: account.display_name_html };
   const fields = account.fields;
   const isLocal = !account.acct.includes('@');
@@ -897,12 +897,11 @@ export const AccountHeader: React.FC<{
                   <AccountNote accountId={accountId} />
                 )}
 
-                {account.note.length > 0 && account.note !== '<p></p>' && (
-                  <div
-                    className='account__header__content translate'
-                    dangerouslySetInnerHTML={content}
-                  />
-                )}
+                <AccountBio
+                  note={account.note_emojified}
+                  dropdownAccountId={accountId}
+                  className='account__header__content'
+                />
 
                 <div className='account__header__fields'>
                   <dl>

app/javascript/mastodon/hooks/useLinks.ts

@@ -8,13 +8,14 @@ import { openURL } from 'mastodon/actions/search';
 import { useAppDispatch } from 'mastodon/store';
 
 const isMentionClick = (element: HTMLAnchorElement) =>
-  element.classList.contains('mention');
+  element.classList.contains('mention') &&
+  !element.classList.contains('hashtag');
 
 const isHashtagClick = (element: HTMLAnchorElement) =>
   element.textContent?.[0] === '#' ||
   element.previousSibling?.textContent?.endsWith('#');
 
-export const useLinks = () => {
+export const useLinks = (skipHashtags?: boolean) => {
   const history = useHistory();
   const dispatch = useAppDispatch();
 
@@ -61,12 +62,12 @@ export const useLinks = () => {
       if (isMentionClick(target)) {
         e.preventDefault();
         void handleMentionClick(target);
-      } else if (isHashtagClick(target)) {
+      } else if (isHashtagClick(target) && !skipHashtags) {
         e.preventDefault();
         handleHashtagClick(target);
       }
     },
-    [handleMentionClick, handleHashtagClick],
+    [skipHashtags, handleMentionClick, handleHashtagClick],
   );
 
   return handleClick;

app/javascript/mastodon/models/account.ts

@@ -126,6 +126,9 @@ export function createAccountFromServerJSON(serverJSON: ApiAccountJSON) {
       ? accountJSON.username
       : accountJSON.display_name;
 
+  const accountNote =
+    accountJSON.note && accountJSON.note !== '<p></p>' ? accountJSON.note : '';
+
   return AccountFactory({
     ...accountJSON,
     moved: moved?.id,
@@ -142,8 +145,8 @@ export function createAccountFromServerJSON(serverJSON: ApiAccountJSON) {
       escapeTextContentForBrowser(displayName),
       emojiMap,
     ),
-    note_emojified: emojify(accountJSON.note, emojiMap),
-    note_plain: unescapeHTML(accountJSON.note),
+    note_emojified: emojify(accountNote, emojiMap),
+    note_plain: unescapeHTML(accountNote),
     url:
       accountJSON.url.startsWith('http://') ||
       accountJSON.url.startsWith('https://')

app/policies/report_note_policy.rb

@@ -5,6 +5,10 @@ class ReportNotePolicy < ApplicationPolicy
     role.can?(:manage_reports)
   end
 
+  def show?
+    role.can?(:manage_reports)
+  end
+
   def destroy?
     owner? || (role.can?(:manage_reports) && role.overrides?(record.account.user_role))
   end

app/serializers/rest/admin/account_minimal_serializer.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+class REST::Admin::AccountMinimalSerializer < ActiveModel::Serializer
+  include RoutingHelper
+
+  attributes :id, :username, :acct, :display_name, :uri, :url, :avatar, :avatar_static
+
+  def id
+    object.id.to_s
+  end
+
+  def acct
+    object.pretty_acct
+  end
+
+  def url
+    ActivityPub::TagManager.instance.url_for(object)
+  end
+
+  def uri
+    ActivityPub::TagManager.instance.uri_for(object)
+  end
+
+  def avatar
+    full_asset_url(object.unavailable? ? object.avatar.default_url : object.avatar_original_url)
+  end
+
+  def avatar_static
+    full_asset_url(object.unavailable? ? object.avatar.default_url : object.avatar_static_url)
+  end
+end

app/serializers/rest/admin/moderation_note_serializer.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+class REST::Admin::ModerationNoteSerializer < ActiveModel::Serializer
+  include RoutingHelper
+
+  attributes :id, :content, :created_at, :updated_at, :target
+  belongs_to :account, serializer: REST::Admin::AccountMinimalSerializer
+
+  def id
+    object.id.to_s
+  end
+
+  def content
+    object.content.strip
+  end
+
+  def target
+    case object
+    when ReportNote
+      { type: 'Report', id: object.report_id.to_s, url: api_v1_admin_report_url(object.report.id) }
+    when AccountModerationNote
+      { type: 'Account', id: object.target_account_id.to_s, url: api_v1_admin_account_url(object.target_account.id) }
+    end
+  end
+end

config/routes/api.rb

@@ -258,6 +258,7 @@ namespace :api, format: false do
         end
 
         resource :action, only: [:create], controller: 'account_actions'
+        resources :notes, controller: 'accounts/notes', only: [:index, :show, :create, :destroy]
       end
 
       resources :reports, only: [:index, :update, :show] do
@@ -267,6 +268,8 @@ namespace :api, format: false do
           post :reopen
           post :resolve
         end
+
+        resources :notes, controller: 'reports/notes', only: [:index, :show, :create, :destroy]
       end
 
       resources :domain_allows, only: [:index, :show, :create, :destroy]