Allow users to update their Account in the API (#1179)

* Allow users to update their Account in the API

It would be nice for API clients to be able to allow users to update
their accounts without having to wrap Mastodon in a web view. This patch
adds an API endpoint to let users submit a PATCH for their account.

Signed-off-by: David Celis <me@davidcel.is>

* Add /api/v1/accounts/update_credentials to the API docs

Signed-off-by: David Celis <me@davidcel.is>
shrike
David Celis 2017-04-09 09:33:40 -07:00 committed by Eugen
parent ea6c930c04
commit d4fe6cd2bf
4 changed files with 60 additions and 2 deletions

View File

@ -1,10 +1,11 @@
# frozen_string_literal: true # frozen_string_literal: true
class Api::V1::AccountsController < ApiController class Api::V1::AccountsController < ApiController
before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute] before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute, :update_credentials]
before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute] before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
before_action -> { doorkeeper_authorize! :write }, only: [:update_credentials]
before_action :require_user!, except: [:show, :following, :followers, :statuses] before_action :require_user!, except: [:show, :following, :followers, :statuses]
before_action :set_account, except: [:verify_credentials, :suggestions, :search] before_action :set_account, except: [:verify_credentials, :update_credentials, :suggestions, :search]
respond_to :json respond_to :json
@ -15,6 +16,14 @@ class Api::V1::AccountsController < ApiController
render action: :show render action: :show
end end
def update_credentials
@account = current_user.account
@account.update_attributes!(account_params)
render action: :show
end
def following def following
results = Follow.where(account: @account).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id]) results = Follow.where(account: @account).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
accounts = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h accounts = Account.where(id: results.map(&:target_account_id)).map { |a| [a.id, a] }.to_h
@ -135,4 +144,8 @@ class Api::V1::AccountsController < ApiController
def statuses_pagination_params(core_params) def statuses_pagination_params(core_params)
params.permit(:limit, :only_media, :exclude_replies).merge(core_params) params.permit(:limit, :only_media, :exclude_replies).merge(core_params)
end end
def account_params
@account_params ||= params.permit(:display_name, :note, :avatar, :header)
end
end end

View File

@ -163,6 +163,7 @@ Rails.application.routes.draw do
collection do collection do
get :relationships get :relationships
get :verify_credentials get :verify_credentials
patch :update_credentials
get :search get :search
end end

View File

@ -85,6 +85,17 @@ Returns an [Account](#account).
Returns the authenticated user's [Account](#account). Returns the authenticated user's [Account](#account).
#### Updating the current user:
PATCH /api/v1/accounts/update_credentials
Form data:
- `display_name`: The name to display in the user's profile
- `note`: A new biography for the user
- `avatar`: A base64 encoded image to display as the user's avatar (e.g. `data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUoAAADrCAYAAAA...`)
- `header`: A base64 encoded image to display as the user's header image (e.g. `data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUoAAADrCAYAAAA...`)
#### Getting an account's followers: #### Getting an account's followers:
GET /api/v1/accounts/:id/followers GET /api/v1/accounts/:id/followers

View File

@ -24,6 +24,39 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
end end
end end
describe 'PATCH #update_credentials' do
it 'returns http success' do
expect(user.account.avatar).not_to exist
expect(user.account.header).not_to exist
avatar = File.read(Rails.root.join('app', 'assets', 'images', 'logo.png'))
header = File.read(Rails.root.join('app', 'assets', 'images', 'mastodon-getting-started.png'))
params = {
display_name: "Alice Isn't Dead",
note: "Hi!\n\nToot toot!",
avatar: "data:image/png;base64,#{Base64.encode64(avatar)}",
header: "data:image/png;base64,#{Base64.encode64(header)}"
}
patch :update_credentials, params: params
expect(response).to have_http_status(:success)
user.reload
expect(user.account.display_name).to eq("Alice Isn't Dead")
expect(user.account.note).to eq("Hi!\n\nToot toot!")
expect(user.account.avatar).to exist
expect(user.account.header).to exist
end
it 'respects Account validations' do
note = "This is too long. " * 10
error = { error: 'The account could not be updated: Note is too long (maximum is 160 characters)' }.to_json
patch :update_credentials, params: { note: note }
expect(response).to have_http_status(:unprocessable_entity)
expect(response.body).to eq(error)
end
end
describe 'GET #statuses' do describe 'GET #statuses' do
it 'returns http success' do it 'returns http success' do
get :statuses, params: { id: user.account.id } get :statuses, params: { id: user.account.id }