Change interaction modal in web UI (mastodon#26075)

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

app/chewy/instances_index.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class InstancesIndex < Chewy::Index
+  settings index: { refresh_interval: '30s' }
+
+  index_scope ::Instance.searchable
+
+  root date_detection: false do
+    field :domain, type: 'text', index_prefixes: { min_chars: 1 }
+    field :accounts_count, type: 'long'
+  end
+end

app/controllers/api/v1/instances/peers_controller.rb

@@ -15,7 +15,7 @@ def current_user
 
   def index
     cache_even_if_authenticated!
-    render_with_cache(expires_in: 1.day) { Instance.where.not(domain: DomainBlock.select(:domain)).pluck(:domain) }
+    render_with_cache(expires_in: 1.day) { Instance.searchable.pluck(:domain) }
   end
 
   private

app/controllers/api/v1/peers/search_controller.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+class Api::V1::Peers::SearchController < Api::BaseController
+  before_action :require_enabled_api!
+  before_action :set_domains
+
+  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_around_action :set_locale
+
+  vary_by ''
+
+  def index
+    cache_even_if_authenticated!
+    render json: @domains
+  end
+
+  private
+
+  def require_enabled_api!
+    head 404 unless Setting.peers_api_enabled && !whitelist_mode?
+  end
+
+  def set_domains
+    return if params[:q].blank?
+
+    if Chewy.enabled?
+      @domains = InstancesIndex.query(function_score: {
+        query: {
+          prefix: {
+            domain: params[:q],
+          },
+        },
+
+        field_value_factor: {
+          field: 'accounts_count',
+          modifier: 'log2p',
+        },
+      }).limit(10).pluck(:domain)
+    else
+      domain = params[:q].strip
+      domain = TagManager.instance.normalize_domain(domain)
+      @domains = Instance.searchable.where(Instance.arel_table[:domain].matches("#{Instance.sanitize_sql_like(domain)}%", false, true)).limit(10).pluck(:domain)
+    end
+  end
+end

app/controllers/authorize_interactions_controller.rb

@@ -3,32 +3,19 @@
 class AuthorizeInteractionsController < ApplicationController
   include Authorization
 
-  layout 'modal'
-
   before_action :authenticate_user!
-  before_action :set_body_classes
   before_action :set_resource
 
   def show
     if @resource.is_a?(Account)
-      render :show
+      redirect_to web_url("@#{@resource.pretty_acct}")
     elsif @resource.is_a?(Status)
       redirect_to web_url("@#{@resource.account.pretty_acct}/#{@resource.id}")
     else
-      render :error
+      not_found
     end
   end
 
-  def create
-    if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource, with_rate_limit: true)
-      render :success
-    else
-      render :error
-    end
-  rescue ActiveRecord::RecordNotFound
-    render :error
-  end
-
   private
 
   def set_resource
@@ -61,8 +48,4 @@ def parsed_uri
   def uri_param
     params[:uri] || params.fetch(:acct, '').delete_prefix('acct:')
   end
-
-  def set_body_classes
-    @body_classes = 'modal-layout'
-  end
 end

app/controllers/remote_interaction_helper_controller.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+class RemoteInteractionHelperController < ApplicationController
+  vary_by ''
+
+  skip_before_action :require_functional!
+  skip_around_action :set_locale
+  skip_before_action :update_user_sign_in
+
+  content_security_policy do |p|
+    # We inherit the normal `script-src`
+
+    # Set every directive that does not have a fallback
+    p.default_src :none
+    p.form_action :none
+    p.base_uri :none
+
+    # Disable every directive with a fallback to cut on response size
+    p.base_uri false
+    p.font_src false
+    p.img_src false
+    p.style_src false
+    p.media_src false
+    p.frame_src false
+    p.manifest_src false
+    p.connect_src false
+    p.child_src false
+    p.worker_src false
+
+    # Widen the directives that we do need
+    p.frame_ancestors :self
+    p.connect_src :https
+  end
+
+  def index
+    expires_in(5.minutes, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day)
+
+    response.headers['X-Frame-Options'] = 'SAMEORIGIN'
+    response.headers['Referrer-Policy'] = 'no-referrer'
+
+    render layout: 'helper_frame'
+  end
+end

app/controllers/well_known/webfinger_controller.rb

@@ -19,6 +19,7 @@ def show
 
     def set_account
       username = username_from_resource
+
       @account = begin
         if username == Rails.configuration.x.local_domain
           Account.representative

app/javascript/mastodon/containers/status_container.jsx

@@ -278,7 +278,7 @@ const mapDispatchToProps = (dispatch, { intl, contextType }) => ({
       modalProps: {
         type,
         accountId: status.getIn(['account', 'id']),
-        url: status.get('url'),
+        url: status.get('uri'),
       },
     }));
   },

app/javascript/mastodon/features/account_timeline/containers/header_container.jsx

@@ -83,7 +83,7 @@ const mapDispatchToProps = (dispatch, { intl }) => ({
       modalProps: {
         type: 'follow',
         accountId: account.get('id'),
-        url: account.get('url'),
+        url: account.get('uri'),
       },
     }));
   },

app/javascript/mastodon/features/compose/components/search.jsx

@@ -139,10 +139,6 @@ class Search extends PureComponent {
     this.setState({ expanded: false, selectedOption: -1 });
   };
 
-  findTarget = () => {
-    return this.searchForm;
-  };
-
   handleHashtagClick = () => {
     const { router } = this.context;
     const { value, onClickSearchResult } = this.props;