From e2daf0f012a21928ceeba03e5754b5a2233f4016 Mon Sep 17 00:00:00 2001 From: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Sat, 11 Dec 2021 17:50:00 +0100 Subject: Add `Accept` header negotiation to relevant API endpoints (#337) * start centralizing negotiation logic for API * swagger document nodeinfo endpoint * go fmt * document negotiate function * use content negotiation * tidy up negotiation logic * negotiate content throughout client api * swagger * remove attachment on Content * add accept header to test requests --- internal/api/client/status/statuscreate.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'internal/api/client/status/statuscreate.go') diff --git a/internal/api/client/status/statuscreate.go b/internal/api/client/status/statuscreate.go index 629a325c5..40a437564 100644 --- a/internal/api/client/status/statuscreate.go +++ b/internal/api/client/status/statuscreate.go @@ -27,6 +27,7 @@ import ( "github.com/spf13/viper" "github.com/gin-gonic/gin" + "github.com/superseriousbusiness/gotosocial/internal/api" "github.com/superseriousbusiness/gotosocial/internal/api/model" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/oauth" @@ -71,13 +72,18 @@ import ( // description: internal error func (m *Module) StatusCreatePOSTHandler(c *gin.Context) { l := logrus.WithField("func", "statusCreatePOSTHandler") - authed, err := oauth.Authed(c, true, true, true, true) // posting a status is serious business so we want *everything* + authed, err := oauth.Authed(c, true, true, true, true) if err != nil { l.Debugf("couldn't auth: %s", err) c.JSON(http.StatusForbidden, gin.H{"error": err.Error()}) return } + if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil { + c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()}) + return + } + // First check this user/account is permitted to post new statuses. // There's no point continuing otherwise. if authed.User.Disabled || !authed.User.Approved || !authed.Account.SuspendedAt.IsZero() { -- cgit v1.2.3