2019-05-02 18:17:27 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2013-12-31 14:37:43 -05:00
|
|
|
class EmbedController < ApplicationController
|
2019-08-15 13:41:06 -04:00
|
|
|
include TopicQueryParams
|
|
|
|
|
|
2017-08-31 00:06:56 -04:00
|
|
|
skip_before_action :check_xhr, :preload_json, :verify_authenticity_token
|
2015-05-05 21:00:31 -04:00
|
|
|
|
2019-09-10 12:27:07 -04:00
|
|
|
before_action :prepare_embeddable, except: [ :info ]
|
2017-08-31 00:06:56 -04:00
|
|
|
before_action :ensure_api_request, only: [ :info ]
|
2013-12-31 14:37:43 -05:00
|
|
|
|
|
|
|
|
layout 'embed'
|
|
|
|
|
|
2016-12-13 14:37:37 -05:00
|
|
|
rescue_from Discourse::InvalidAccess do
|
|
|
|
|
if current_user.try(:admin?)
|
|
|
|
|
@setup_url = "#{Discourse.base_url}/admin/customize/embedding"
|
|
|
|
|
@show_reason = true
|
|
|
|
|
@hosts = EmbeddableHost.all
|
|
|
|
|
end
|
2019-08-15 13:41:06 -04:00
|
|
|
render 'embed_error', status: 400
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def topics
|
|
|
|
|
discourse_expires_in 1.minute
|
|
|
|
|
|
|
|
|
|
unless SiteSetting.embed_topics_list?
|
|
|
|
|
render 'embed_topics_error', status: 400
|
|
|
|
|
return
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
if @embed_id = params[:discourse_embed_id]
|
|
|
|
|
raise Discourse::InvalidParameters.new(:embed_id) unless @embed_id =~ /^de\-[a-zA-Z0-9]+$/
|
|
|
|
|
end
|
|
|
|
|
|
2021-04-29 11:12:00 -04:00
|
|
|
if @embed_class = params[:embed_class]
|
|
|
|
|
raise Discourse::InvalidParameters.new(:embed_class) unless @embed_class =~ /^[a-zA-Z0-9\-_]+$/
|
|
|
|
|
end
|
|
|
|
|
|
2019-09-04 04:01:46 -04:00
|
|
|
if params.has_key?(:template) && params[:template] == "complete"
|
|
|
|
|
@template = "complete"
|
2019-09-02 10:25:44 -04:00
|
|
|
else
|
|
|
|
|
@template = "basic"
|
|
|
|
|
end
|
|
|
|
|
|
2019-08-15 13:41:06 -04:00
|
|
|
list_options = build_topic_list_options
|
2020-07-20 07:13:35 -04:00
|
|
|
|
|
|
|
|
if params.has_key?(:per_page)
|
|
|
|
|
list_options[:per_page] =
|
|
|
|
|
[params[:per_page].to_i, SiteSetting.embed_topic_limit_per_page].min
|
|
|
|
|
end
|
2019-11-01 15:19:10 -04:00
|
|
|
|
|
|
|
|
if params[:allow_create]
|
|
|
|
|
@allow_create = true
|
|
|
|
|
create_url_params = {}
|
|
|
|
|
create_url_params[:category_id] = params[:category] if params[:category].present?
|
|
|
|
|
create_url_params[:tags] = params[:tags] if params[:tags].present?
|
|
|
|
|
@create_url = "#{Discourse.base_url}/new-topic?#{create_url_params.to_query}"
|
|
|
|
|
end
|
|
|
|
|
|
2019-08-15 13:41:06 -04:00
|
|
|
topic_query = TopicQuery.new(current_user, list_options)
|
2021-07-23 13:52:35 -04:00
|
|
|
top_period = params[:top_period]
|
|
|
|
|
begin
|
|
|
|
|
TopTopic.validate_period(top_period)
|
|
|
|
|
valid_top_period = true
|
|
|
|
|
rescue Discourse::InvalidParameters
|
|
|
|
|
valid_top_period = false
|
|
|
|
|
end
|
2021-04-26 17:10:04 -04:00
|
|
|
|
|
|
|
|
@list = if valid_top_period
|
|
|
|
|
topic_query.list_top_for(top_period)
|
|
|
|
|
else
|
|
|
|
|
topic_query.list_latest
|
|
|
|
|
end
|
2016-12-13 14:37:37 -05:00
|
|
|
end
|
|
|
|
|
|
2014-01-03 12:52:24 -05:00
|
|
|
def comments
|
2015-06-09 16:24:04 -04:00
|
|
|
embed_url = params[:embed_url]
|
2016-02-25 06:16:27 -05:00
|
|
|
embed_username = params[:discourse_username]
|
2021-07-16 14:25:49 -04:00
|
|
|
embed_topic_id = params[:topic_id]&.to_i
|
|
|
|
|
|
|
|
|
|
unless embed_topic_id || EmbeddableHost.url_allowed?(embed_url)
|
|
|
|
|
raise Discourse::InvalidAccess.new('invalid embed host')
|
|
|
|
|
end
|
2015-06-09 16:24:04 -04:00
|
|
|
|
|
|
|
|
topic_id = nil
|
|
|
|
|
if embed_url.present?
|
|
|
|
|
topic_id = TopicEmbed.topic_id_for_embed(embed_url)
|
|
|
|
|
else
|
|
|
|
|
topic_id = params[:topic_id].to_i
|
|
|
|
|
end
|
2013-12-31 14:37:43 -05:00
|
|
|
|
|
|
|
|
if topic_id
|
2014-06-18 17:39:12 -04:00
|
|
|
@topic_view = TopicView.new(topic_id,
|
|
|
|
|
current_user,
|
|
|
|
|
limit: SiteSetting.embed_post_limit,
|
2021-01-21 12:47:03 -05:00
|
|
|
only_regular: true,
|
2014-06-18 17:39:12 -04:00
|
|
|
exclude_first: true,
|
2016-05-03 15:01:20 -04:00
|
|
|
exclude_deleted_users: true,
|
|
|
|
|
exclude_hidden: true)
|
2021-08-30 01:07:53 -04:00
|
|
|
raise Discourse::NotFound if @topic_view.blank?
|
2014-06-18 17:39:12 -04:00
|
|
|
|
2014-01-03 14:55:37 -05:00
|
|
|
@posts_left = 0
|
2021-08-30 01:07:53 -04:00
|
|
|
@second_post_url = "#{@topic_view.topic.url}/2"
|
|
|
|
|
@reply_count = @topic_view.filtered_posts.count - 1
|
|
|
|
|
@reply_count = 0 if @reply_count < 0
|
|
|
|
|
@posts_left = @reply_count - SiteSetting.embed_post_limit if @reply_count > SiteSetting.embed_post_limit
|
2015-06-09 16:24:04 -04:00
|
|
|
elsif embed_url.present?
|
2016-04-24 20:47:38 -04:00
|
|
|
Jobs.enqueue(:retrieve_topic,
|
|
|
|
|
user_id: current_user.try(:id),
|
|
|
|
|
embed_url: embed_url,
|
|
|
|
|
author_username: embed_username,
|
|
|
|
|
referer: request.env['HTTP_REFERER']
|
|
|
|
|
)
|
2013-12-31 14:37:43 -05:00
|
|
|
render 'loading'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
discourse_expires_in 1.minute
|
|
|
|
|
end
|
|
|
|
|
|
2015-05-05 21:00:31 -04:00
|
|
|
def info
|
|
|
|
|
embed_url = params.require(:embed_url)
|
|
|
|
|
@topic_embed = TopicEmbed.where(embed_url: embed_url).first
|
|
|
|
|
|
|
|
|
|
raise Discourse::NotFound if @topic_embed.nil?
|
|
|
|
|
|
|
|
|
|
render_serialized(@topic_embed, TopicEmbedSerializer, root: false)
|
|
|
|
|
end
|
|
|
|
|
|
2014-01-13 12:47:24 -05:00
|
|
|
def count
|
2014-05-20 15:20:02 -04:00
|
|
|
embed_urls = params[:embed_url]
|
2014-01-13 12:47:24 -05:00
|
|
|
by_url = {}
|
2014-05-20 15:20:02 -04:00
|
|
|
|
|
|
|
|
if embed_urls.present?
|
|
|
|
|
urls = embed_urls.map { |u| u.sub(/#discourse-comments$/, '').sub(/\/$/, '') }
|
|
|
|
|
topic_embeds = TopicEmbed.where(embed_url: urls).includes(:topic).references(:topic)
|
|
|
|
|
|
|
|
|
|
topic_embeds.each do |te|
|
2015-05-01 09:04:45 -04:00
|
|
|
url = te.embed_url
|
2014-05-20 15:20:02 -04:00
|
|
|
url = "#{url}#discourse-comments" unless params[:embed_url].include?(url)
|
2016-08-24 21:27:00 -04:00
|
|
|
if te.topic.present?
|
|
|
|
|
by_url[url] = I18n.t('embed.replies', count: te.topic.posts_count - 1)
|
|
|
|
|
else
|
|
|
|
|
by_url[url] = I18n.t('embed.replies', count: 0)
|
|
|
|
|
end
|
2014-05-20 15:20:02 -04:00
|
|
|
end
|
2014-01-13 12:47:24 -05:00
|
|
|
end
|
|
|
|
|
|
2014-04-14 12:15:41 -04:00
|
|
|
render json: { counts: by_url }, callback: params[:callback]
|
2014-01-13 12:47:24 -05:00
|
|
|
end
|
|
|
|
|
|
2013-12-31 14:37:43 -05:00
|
|
|
private
|
|
|
|
|
|
2019-09-10 12:27:07 -04:00
|
|
|
def prepare_embeddable
|
2021-07-16 14:25:49 -04:00
|
|
|
response.headers.delete('X-Frame-Options')
|
2017-05-08 12:58:36 -04:00
|
|
|
@embeddable_css_class = ""
|
|
|
|
|
embeddable_host = EmbeddableHost.record_for_url(request.referer)
|
|
|
|
|
@embeddable_css_class = " class=\"#{embeddable_host.class_name}\"" if embeddable_host.present? && embeddable_host.class_name.present?
|
2019-09-10 12:27:07 -04:00
|
|
|
|
|
|
|
|
@data_referer = request.referer
|
|
|
|
|
@data_referer = '*' if SiteSetting.embed_any_origin? && @data_referer.blank?
|
2017-05-08 12:58:36 -04:00
|
|
|
end
|
|
|
|
|
|
2015-05-05 21:00:31 -04:00
|
|
|
def ensure_api_request
|
|
|
|
|
raise Discourse::InvalidAccess.new('api key not set') if !is_api?
|
|
|
|
|
end
|
2013-12-31 14:37:43 -05:00
|
|
|
end
|
