using System.ComponentModel; using System.ComponentModel.DataAnnotations; using System.Net.Mime; using AsyncKeyedLock; using Iceshrimp.Backend.Controllers.Attributes; using Iceshrimp.Backend.Controllers.Renderers; using Iceshrimp.Shared.Schemas; using Iceshrimp.Backend.Core.Database; using Iceshrimp.Backend.Core.Database.Tables; using Iceshrimp.Backend.Core.Extensions; using Iceshrimp.Backend.Core.Helpers; using Iceshrimp.Backend.Core.Middleware; using Iceshrimp.Backend.Core.Services; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.RateLimiting; using Microsoft.EntityFrameworkCore; namespace Iceshrimp.Backend.Controllers; [ApiController] [EnableRateLimiting("sliding")] [Route("/api/iceshrimp/notes")] [Produces(MediaTypeNames.Application.Json)] public class NoteController( DatabaseContext db, NoteService noteSvc, NoteRenderer noteRenderer, UserRenderer userRenderer, CacheService cache ) : ControllerBase { private static readonly AsyncKeyedLocker KeyedLocker = new(o => { o.PoolSize = 100; o.PoolInitialFill = 5; }); [HttpGet("{id}")] [Authenticate] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(NoteResponse))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task GetNote(string id) { var user = HttpContext.GetUser(); var note = await db.Notes.Where(p => p.Id == id) .IncludeCommonProperties() .EnsureVisibleFor(user) .FilterHidden(user, db, filterOutgoingBlocks: false, filterMutes: false) .PrecomputeVisibilities(user) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); return Ok(await noteRenderer.RenderOne(note.EnforceRenoteReplyVisibility(), user)); } [HttpGet("{id}/ascendants")] [Authenticate] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(IEnumerable))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task GetNoteAscendants( string id, [FromQuery] [DefaultValue(20)] [Range(1, 100)] int? limit ) { var user = HttpContext.GetUser(); var note = await db.Notes.Where(p => p.Id == id) .EnsureVisibleFor(user) .FilterHidden(user, db, filterOutgoingBlocks: false, filterMutes: false) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var notes = await db.NoteAncestors(note, limit ?? 20) .Include(p => p.User.UserProfile) .Include(p => p.Renote!.User.UserProfile) .EnsureVisibleFor(user) .FilterHidden(user, db) .PrecomputeNoteContextVisibilities(user) .ToListAsync(); var res = await noteRenderer.RenderMany(notes.EnforceRenoteReplyVisibility(), user, Filter.FilterContext.Threads); return Ok(res.ToList().OrderAncestors()); } [HttpGet("{id}/descendants")] [Authenticate] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(IEnumerable))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task GetNoteDescendants( string id, [FromQuery] [DefaultValue(20)] [Range(1, 100)] int? depth ) { var user = HttpContext.GetUser(); var note = await db.Notes.Where(p => p.Id == id) .EnsureVisibleFor(user) .FilterHidden(user, db, filterOutgoingBlocks: false, filterMutes: false) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var hits = await db.NoteDescendants(note, depth ?? 20, 100) .Include(p => p.User.UserProfile) .Include(p => p.Renote!.User.UserProfile) .EnsureVisibleFor(user) .FilterHidden(user, db) .PrecomputeNoteContextVisibilities(user) .ToListAsync(); var notes = hits.EnforceRenoteReplyVisibility(); var res = await noteRenderer.RenderMany(notes, user, Filter.FilterContext.Threads); return Ok(res.ToList().OrderDescendants()); } [HttpGet("{id}/reactions/{name}")] [Authenticate] [Authorize] [LinkPagination(20, 40)] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(IEnumerable))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task GetNoteReactions(string id, string name) { var user = HttpContext.GetUser(); var note = await db.Notes.Where(p => p.Id == id) .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var users = await db.NoteReactions .Where(p => p.Note == note && p.Reaction == $":{name.Trim(':')}:") .Include(p => p.User.UserProfile) .Select(p => p.User) .ToListAsync(); return Ok(await userRenderer.RenderMany(users)); } [HttpPost("{id}/like")] [Authenticate] [Authorize] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(ValueResponse))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task LikeNote(string id) { var user = HttpContext.GetUserOrFail(); var note = await db.Notes.Where(p => p.Id == id) .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var success = await noteSvc.LikeNoteAsync(note, user); return Ok(new ValueResponse(success ? ++note.LikeCount : note.LikeCount)); } [HttpPost("{id}/unlike")] [Authenticate] [Authorize] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(ValueResponse))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task UnlikeNote(string id) { var user = HttpContext.GetUserOrFail(); var note = await db.Notes.Where(p => p.Id == id) .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var success = await noteSvc.UnlikeNoteAsync(note, user); return Ok(new ValueResponse(success ? --note.LikeCount : note.LikeCount)); } [HttpPost("{id}/react/{name}")] [Authenticate] [Authorize] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(ValueResponse))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task ReactToNote(string id, string name) { var user = HttpContext.GetUserOrFail(); var note = await db.Notes.Where(p => p.Id == id) .IncludeCommonProperties() .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var res = await noteSvc.ReactToNoteAsync(note, user, name); note.Reactions.TryGetValue(res.name, out var count); return Ok(new ValueResponse(res.success ? ++count : count)); } [HttpPost("{id}/unreact/{name}")] [Authenticate] [Authorize] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(ValueResponse))] [ProducesResponseType(StatusCodes.Status404NotFound, Type = typeof(ErrorResponse))] public async Task RemoveReactionFromNote(string id, string name) { var user = HttpContext.GetUserOrFail(); var note = await db.Notes.Where(p => p.Id == id) .IncludeCommonProperties() .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.NotFound("Note not found"); var res = await noteSvc.RemoveReactionFromNoteAsync(note, user, name); note.Reactions.TryGetValue(res.name, out var count); return Ok(new ValueResponse(res.success ? --count : count)); } [HttpPost] [Authenticate] [Authorize] [Consumes(MediaTypeNames.Application.Json)] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(NoteResponse))] public async Task CreateNote(NoteCreateRequest request) { var user = HttpContext.GetUserOrFail(); if (request.IdempotencyKey != null) { var key = $"idempotency:{user.Id}:{request.IdempotencyKey}"; string hit; using (await KeyedLocker.LockAsync(key)) { hit = await cache.FetchAsync(key, TimeSpan.FromHours(24), () => $"_:{HttpContext.TraceIdentifier}"); } if (hit != $"_:{HttpContext.TraceIdentifier}") { for (var i = 0; i <= 10; i++) { if (!hit.StartsWith('_')) break; await Task.Delay(100); hit = await cache.GetAsync(key) ?? throw new Exception("Idempotency key status disappeared in for loop"); if (i >= 10) throw GracefulException.RequestTimeout("Failed to resolve idempotency key note within 1000 ms"); } return await GetNote(hit); } } var reply = request.ReplyId != null ? await db.Notes.Where(p => p.Id == request.ReplyId) .IncludeCommonProperties() .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.BadRequest("Reply target is nonexistent or inaccessible") : null; var renote = request.RenoteId != null ? await db.Notes.Where(p => p.Id == request.RenoteId) .IncludeCommonProperties() .EnsureVisibleFor(user) .FirstOrDefaultAsync() ?? throw GracefulException.BadRequest("Renote target is nonexistent or inaccessible") : null; var attachments = request.MediaIds != null ? await db.DriveFiles.Where(p => request.MediaIds.Contains(p.Id)).ToListAsync() : null; var note = await noteSvc.CreateNoteAsync(user, (Note.NoteVisibility)request.Visibility, request.Text, request.Cw, reply, renote, attachments); if (request.IdempotencyKey != null) await cache.SetAsync($"idempotency:{user.Id}:{request.IdempotencyKey}", note.Id, TimeSpan.FromHours(24)); return Ok(await noteRenderer.RenderOne(note, user)); } }