Update ApiV1Controller, fix account settings bug

This commit is contained in:
Daniel Supernault 2022-01-08 04:02:14 -07:00
parent 75a44fdc2f
commit 08246f2482
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
3 changed files with 127 additions and 103 deletions

View file

@ -411,34 +411,40 @@ class ApiV1Controller extends Controller
public function accountFollowersById(Request $request, $id) public function accountFollowersById(Request $request, $id)
{ {
abort_if(!$request->user(), 403); abort_if(!$request->user(), 403);
$account = AccountService::get($id);
abort_if(!$account, 404);
$pid = $request->user()->profile_id;
$user = $request->user(); if($pid != $account['id']) {
$profile = Profile::whereNull('status')->findOrFail($id); if($account['locked']) {
$limit = $request->input('limit') ?? 40; if(FollowerService::follows($pid, $account['id'])) {
return [];
}
}
if($profile->domain) { if(AccountService::hiddenFollowers($id)) {
$res = []; return [];
} else {
if($profile->id == $user->profile_id) {
$followers = $profile->followers()->paginate($limit);
$resource = new Fractal\Resource\Collection($followers, new AccountTransformer());
$res = $this->fractal->createData($resource)->toArray();
} else {
if($profile->is_private) {
abort_if(!$profile->followedBy($user->profile), 403);
}
$settings = $profile->user->settings;
if( in_array($user->profile_id, $profile->blockedIds()->toArray()) ||
$settings->show_profile_followers == false
) {
$res = [];
} else {
$followers = $profile->followers()->paginate($limit);
$resource = new Fractal\Resource\Collection($followers, new AccountTransformer());
$res = $this->fractal->createData($resource)->toArray();
} }
if($request->has('page') && $request->page >= 5) {
return [];
} }
} }
$res = DB::table('followers')
->select('id', 'profile_id', 'following_id')
->whereFollowingId($account['id'])
->orderByDesc('id')
->simplePaginate(10)
->map(function($follower) {
return AccountService::getMastodon($follower->profile_id);
})
->filter(function($account) {
return $account && isset($account['id']);
})
->values()
->toArray();
return response()->json($res); return response()->json($res);
} }
@ -452,35 +458,39 @@ class ApiV1Controller extends Controller
public function accountFollowingById(Request $request, $id) public function accountFollowingById(Request $request, $id)
{ {
abort_if(!$request->user(), 403); abort_if(!$request->user(), 403);
$account = AccountService::get($id);
abort_if(!$account, 404);
$pid = $request->user()->profile_id;
$user = $request->user(); if($pid != $account['id']) {
$profile = Profile::whereNull('status')->findOrFail($id); if($account['locked']) {
$limit = $request->input('limit') ?? 40; if(FollowerService::follows($pid, $account['id'])) {
return [];
if($profile->domain) {
$res = [];
} else {
if($profile->id == $user->profile_id) {
$following = $profile->following()->paginate($limit);
$resource = new Fractal\Resource\Collection($following, new AccountTransformer());
$res = $this->fractal->createData($resource)->toArray();
} else {
if($profile->is_private) {
abort_if(!$profile->followedBy($user->profile), 403);
}
$settings = $profile->user->settings;
if( in_array($user->profile_id, $profile->blockedIds()->toArray()) ||
$settings->show_profile_following == false
) {
$res = [];
} else {
$following = $profile->following()->paginate($limit);
$resource = new Fractal\Resource\Collection($following, new AccountTransformer());
$res = $this->fractal->createData($resource)->toArray();
}
} }
} }
if(AccountService::hiddenFollowing($id)) {
return [];
}
if($request->has('page') && $request->page >= 5) {
return [];
}
}
$res = DB::table('followers')
->select('id', 'profile_id', 'following_id')
->whereProfileId($account['id'])
->orderByDesc('id')
->simplePaginate(10)
->map(function($follower) {
return AccountService::get($follower->following_id);
})
->filter(function($account) {
return $account && isset($account['id']);
})
->values()
->toArray();
return response()->json($res); return response()->json($res);
} }

View file

@ -15,7 +15,7 @@ use App\{
StatusView, StatusView,
UserFilter UserFilter
}; };
use Auth, Cache; use Auth, Cache, DB;
use Illuminate\Support\Facades\Redis; use Illuminate\Support\Facades\Redis;
use Carbon\Carbon; use Carbon\Carbon;
use League\Fractal; use League\Fractal;
@ -651,27 +651,39 @@ class PublicApiController extends Controller
public function accountFollowers(Request $request, $id) public function accountFollowers(Request $request, $id)
{ {
abort_unless(Auth::check(), 403); abort_if(!$request->user(), 403);
$profile = Profile::with('user')->whereNull('status')->findOrFail($id); $account = AccountService::get($id);
$owner = Auth::id() == $profile->user_id; abort_if(!$account, 404);
$pid = $request->user()->profile_id;
if(Auth::id() != $profile->user_id && $profile->is_private) { if($pid != $account['id']) {
return response()->json([]); if($account['locked']) {
if(FollowerService::follows($pid, $account['id'])) {
return [];
} }
if(!$profile->domain && !$profile->user->settings->show_profile_followers) {
return response()->json([]);
} }
if(!$owner && $request->page > 5) {
if(AccountService::hiddenFollowers($id)) {
return []; return [];
} }
$res = Follower::select('id', 'profile_id', 'following_id') if($request->has('page') && $request->page >= 5) {
->whereFollowingId($profile->id) return [];
}
}
$res = DB::table('followers')
->select('id', 'profile_id', 'following_id')
->whereFollowingId($account['id'])
->orderByDesc('id') ->orderByDesc('id')
->simplePaginate(10) ->simplePaginate(10)
->map(function($follower) { ->map(function($follower) {
return ProfileService::get($follower['profile_id']); return AccountService::get($follower->profile_id);
}) })
->filter(function($account) {
return $account && isset($account['id']);
})
->values()
->toArray(); ->toArray();
return response()->json($res); return response()->json($res);
@ -679,40 +691,40 @@ class PublicApiController extends Controller
public function accountFollowing(Request $request, $id) public function accountFollowing(Request $request, $id)
{ {
abort_unless(Auth::check(), 403); abort_if(!$request->user(), 403);
$account = AccountService::get($id);
abort_if(!$account, 404);
$pid = $request->user()->profile_id;
$profile = Profile::with('user') if($pid != $account['id']) {
->whereNull('status') if($account['locked']) {
->findOrFail($id); if(FollowerService::follows($pid, $account['id'])) {
return [];
// filter by username }
$search = $request->input('fbu');
$owner = Auth::id() == $profile->user_id;
$filter = ($owner == true) && ($search != null);
abort_if($owner == false && $profile->is_private == true && !$profile->followedBy(Auth::user()->profile), 404);
if(!$profile->domain) {
abort_if($profile->user->settings->show_profile_following == false && $owner == false, 404);
} }
if(!$owner && $request->page > 5) { if(AccountService::hiddenFollowing($id)) {
return []; return [];
} }
if($search) { if($request->has('page') && $request->page >= 5) {
abort_if(!$owner, 404); return [];
$following = $profile->following()
->where('profiles.username', 'like', '%'.$search.'%')
->orderByDesc('followers.created_at')
->paginate(10);
} else {
$following = $profile->following()
->orderByDesc('followers.created_at')
->paginate(10);
} }
$resource = new Fractal\Resource\Collection($following, new AccountTransformer()); }
$res = $this->fractal->createData($resource)->toArray();
$res = DB::table('followers')
->select('id', 'profile_id', 'following_id')
->whereProfileId($account['id'])
->orderByDesc('id')
->simplePaginate(10)
->map(function($follower) {
return AccountService::get($follower->following_id);
})
->filter(function($account) {
return $account && isset($account['id']);
})
->values()
->toArray();
return response()->json($res); return response()->json($res);
} }

View file

@ -77,6 +77,8 @@ trait PrivacySettings
Cache::forget('profile:follower_count:' . $profile->id); Cache::forget('profile:follower_count:' . $profile->id);
Cache::forget('profile:following_count:' . $profile->id); Cache::forget('profile:following_count:' . $profile->id);
Cache::forget('profile:embed:' . $profile->id); Cache::forget('profile:embed:' . $profile->id);
Cache::forget('pf:acct:settings:hidden-followers:' . $profile->id);
Cache::forget('pf:acct:settings:hidden-following:' . $profile->id);
return redirect(route('settings.privacy'))->with('status', 'Settings successfully updated!'); return redirect(route('settings.privacy'))->with('status', 'Settings successfully updated!');
} }