summaryrefslogtreecommitdiff
path: root/internal/web
diff options
context:
space:
mode:
Diffstat (limited to 'internal/web')
-rw-r--r--internal/web/about.go3
-rw-r--r--internal/web/domain-blocklist.go75
-rw-r--r--internal/web/domainperms.go136
-rw-r--r--internal/web/web.go3
4 files changed, 140 insertions, 77 deletions
diff --git a/internal/web/about.go b/internal/web/about.go
index e899bcb84..23af503ac 100644
--- a/internal/web/about.go
+++ b/internal/web/about.go
@@ -57,7 +57,8 @@ func (m *Module) aboutGETHandler(c *gin.Context) {
Stylesheets: []string{cssAbout},
Extra: map[string]any{
"showStrap": true,
- "blocklistExposed": config.GetInstanceExposeSuspendedWeb(),
+ "blocklistExposed": config.GetInstanceExposeBlocklistWeb(),
+ "allowlistExposed": config.GetInstanceExposeAllowlistWeb(),
"languages": config.GetInstanceLanguages().DisplayStrs(),
},
}
diff --git a/internal/web/domain-blocklist.go b/internal/web/domain-blocklist.go
deleted file mode 100644
index 34e23d899..000000000
--- a/internal/web/domain-blocklist.go
+++ /dev/null
@@ -1,75 +0,0 @@
-// GoToSocial
-// Copyright (C) GoToSocial Authors admin@gotosocial.org
-// SPDX-License-Identifier: AGPL-3.0-or-later
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-package web
-
-import (
- "context"
- "fmt"
-
- apimodel "code.superseriousbusiness.org/gotosocial/internal/api/model"
- apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"
- "code.superseriousbusiness.org/gotosocial/internal/config"
- "code.superseriousbusiness.org/gotosocial/internal/gtserror"
- "github.com/gin-gonic/gin"
-)
-
-const (
- domainBlockListPath = aboutPath + "/suspended"
-)
-
-func (m *Module) domainBlockListGETHandler(c *gin.Context) {
- instance, errWithCode := m.processor.InstanceGetV1(c.Request.Context())
- if errWithCode != nil {
- apiutil.WebErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
- return
- }
-
- // Return instance we already got from the db,
- // don't try to fetch it again when erroring.
- instanceGet := func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode) {
- return instance, nil
- }
-
- // We only serve text/html at this endpoint.
- if _, err := apiutil.NegotiateAccept(c, apiutil.TextHTML); err != nil {
- apiutil.WebErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), instanceGet)
- return
- }
-
- if !config.GetInstanceExposeSuspendedWeb() {
- err := fmt.Errorf("this instance does not publicy expose its blocklist")
- apiutil.WebErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), instanceGet)
- return
- }
-
- domainBlocks, errWithCode := m.processor.InstancePeersGet(c.Request.Context(), true, false, false)
- if errWithCode != nil {
- apiutil.WebErrorHandler(c, errWithCode, instanceGet)
- return
- }
-
- page := apiutil.WebPage{
- Template: "domain-blocklist.tmpl",
- Instance: instance,
- OGMeta: apiutil.OGBase(instance),
- Stylesheets: []string{cssFA},
- Extra: map[string]any{"blocklist": domainBlocks},
- }
-
- apiutil.TemplateWebPage(c, page)
-}
diff --git a/internal/web/domainperms.go b/internal/web/domainperms.go
new file mode 100644
index 000000000..24608e1fd
--- /dev/null
+++ b/internal/web/domainperms.go
@@ -0,0 +1,136 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+package web
+
+import (
+ "context"
+ "errors"
+
+ apimodel "code.superseriousbusiness.org/gotosocial/internal/api/model"
+ apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util"
+ "code.superseriousbusiness.org/gotosocial/internal/config"
+ "code.superseriousbusiness.org/gotosocial/internal/gtserror"
+ "github.com/gin-gonic/gin"
+)
+
+const (
+ domainBlocklistPath = aboutPath + "/domain_blocks"
+ domainAllowlistPath = aboutPath + "/domain_allows"
+)
+
+func (m *Module) domainBlocklistGETHandler(c *gin.Context) {
+ instance, errWithCode := m.processor.InstanceGetV1(c.Request.Context())
+ if errWithCode != nil {
+ apiutil.WebErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
+ return
+ }
+
+ // Return instance we already got from the db,
+ // don't try to fetch it again when erroring.
+ instanceGet := func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode) {
+ return instance, nil
+ }
+
+ // We only serve text/html at this endpoint.
+ if _, err := apiutil.NegotiateAccept(c, apiutil.TextHTML); err != nil {
+ errWithCode := gtserror.NewErrorNotAcceptable(err, err.Error())
+ apiutil.WebErrorHandler(c, errWithCode, instanceGet)
+ return
+ }
+
+ if !config.GetInstanceExposeBlocklistWeb() {
+ const errText = "this instance does not expose its blocklist via the web"
+ errWithCode := gtserror.NewErrorUnauthorized(errors.New(errText), errText)
+ apiutil.WebErrorHandler(c, errWithCode, instanceGet)
+ return
+ }
+
+ domainBlocks, errWithCode := m.processor.InstancePeersGet(
+ c.Request.Context(),
+ true, // Include blocked.
+ false, // Don't include allowed.
+ false, // Don't include open.
+ false, // Don't flatten list.
+ false, // Don't include severity.
+ )
+ if errWithCode != nil {
+ apiutil.WebErrorHandler(c, errWithCode, instanceGet)
+ return
+ }
+
+ page := apiutil.WebPage{
+ Template: "domain-blocklist.tmpl",
+ Instance: instance,
+ OGMeta: apiutil.OGBase(instance),
+ Stylesheets: []string{cssFA},
+ Extra: map[string]any{"blocklist": domainBlocks},
+ }
+
+ apiutil.TemplateWebPage(c, page)
+}
+
+func (m *Module) domainAllowlistGETHandler(c *gin.Context) {
+ instance, errWithCode := m.processor.InstanceGetV1(c.Request.Context())
+ if errWithCode != nil {
+ apiutil.WebErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
+ return
+ }
+
+ // Return instance we already got from the db,
+ // don't try to fetch it again when erroring.
+ instanceGet := func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode) {
+ return instance, nil
+ }
+
+ // We only serve text/html at this endpoint.
+ if _, err := apiutil.NegotiateAccept(c, apiutil.TextHTML); err != nil {
+ errWithCode := gtserror.NewErrorNotAcceptable(err, err.Error())
+ apiutil.WebErrorHandler(c, errWithCode, instanceGet)
+ return
+ }
+
+ if !config.GetInstanceExposeAllowlistWeb() {
+ const errText = "this instance does not expose its allowlist via the web"
+ errWithCode := gtserror.NewErrorUnauthorized(errors.New(errText), errText)
+ apiutil.WebErrorHandler(c, errWithCode, instanceGet)
+ return
+ }
+
+ domainAllows, errWithCode := m.processor.InstancePeersGet(
+ c.Request.Context(),
+ false, // Don't include blocked.
+ true, // Include allowed.
+ false, // Don't include open.
+ false, // Don't flatten list.
+ false, // Don't include severity.
+ )
+ if errWithCode != nil {
+ apiutil.WebErrorHandler(c, errWithCode, instanceGet)
+ return
+ }
+
+ page := apiutil.WebPage{
+ Template: "domain-allowlist.tmpl",
+ Instance: instance,
+ OGMeta: apiutil.OGBase(instance),
+ Stylesheets: []string{cssFA},
+ Extra: map[string]any{"allowlist": domainAllows},
+ }
+
+ apiutil.TemplateWebPage(c, page)
+}
diff --git a/internal/web/web.go b/internal/web/web.go
index 4494f8ff9..c7b7c9f25 100644
--- a/internal/web/web.go
+++ b/internal/web/web.go
@@ -127,7 +127,8 @@ func (m *Module) Route(r *router.Router, mi ...gin.HandlerFunc) {
everythingElseGroup.Handle(http.MethodPost, confirmEmailPath, m.confirmEmailPOSTHandler)
everythingElseGroup.Handle(http.MethodGet, aboutPath, m.aboutGETHandler)
everythingElseGroup.Handle(http.MethodGet, loginPath, m.loginGETHandler)
- everythingElseGroup.Handle(http.MethodGet, domainBlockListPath, m.domainBlockListGETHandler)
+ everythingElseGroup.Handle(http.MethodGet, domainBlocklistPath, m.domainBlocklistGETHandler)
+ everythingElseGroup.Handle(http.MethodGet, domainAllowlistPath, m.domainAllowlistGETHandler)
everythingElseGroup.Handle(http.MethodGet, tagsPath, m.tagGETHandler)
everythingElseGroup.Handle(http.MethodGet, signupPath, m.signupGETHandler)
everythingElseGroup.Handle(http.MethodPost, signupPath, m.signupPOSTHandler)
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-02 10:55:47 +0000