# frozen_string_literal: true
class AuthorizeFollowsController < ApplicationController
layout 'public'
before_action :authenticate_user!
def show
@account = located_account || render(:error)
end
def create
@account = follow_attempt.try(:target_account)
if @account.nil?
render :error
else
render :success
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
private
def follow_attempt
FollowService.new.call(current_account, acct_without_prefix)
def located_account
if acct_param_is_url?
account_from_remote_fetch
account_from_remote_follow
def account_from_remote_fetch
FetchRemoteAccountService.new.call(acct_without_prefix)
def account_from_remote_follow
ResolveRemoteAccountService.new.call(acct_without_prefix)
def acct_param_is_url?
parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
def parsed_uri
Addressable::URI.parse(acct_without_prefix).normalize
def acct_without_prefix
acct_params.gsub(/\Aacct:/, '')
def acct_params
params.fetch(:acct, '')