Update BookmarkController, add parental control support

This commit is contained in:
Daniel Supernault 2024-01-11 03:22:35 -07:00
parent 42298a2e9c
commit 1a16ec2078
No known key found for this signature in database
GPG key ID: 23740873EE6F76A1
2 changed files with 43 additions and 45 deletions

View file

@ -3438,6 +3438,7 @@ class ApiV1Controller extends Controller
$status = Status::findOrFail($id); $status = Status::findOrFail($id);
$pid = $request->user()->profile_id; $pid = $request->user()->profile_id;
abort_if($user->has_roles && !UserRoleService::can('can-bookmark', $user->id), 403, 'Invalid permissions for this action');
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404); abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404); abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404); abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
@ -3477,6 +3478,7 @@ class ApiV1Controller extends Controller
$status = Status::findOrFail($id); $status = Status::findOrFail($id);
$pid = $request->user()->profile_id; $pid = $request->user()->profile_id;
abort_if($user->has_roles && !UserRoleService::can('can-bookmark', $user->id), 403, 'Invalid permissions for this action');
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404); abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404); abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404); abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);

View file

@ -8,6 +8,7 @@ use Auth;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use App\Services\BookmarkService; use App\Services\BookmarkService;
use App\Services\FollowerService; use App\Services\FollowerService;
use App\Services\UserRoleService;
class BookmarkController extends Controller class BookmarkController extends Controller
{ {
@ -22,17 +23,18 @@ class BookmarkController extends Controller
'item' => 'required|integer|min:1', 'item' => 'required|integer|min:1',
]); ]);
$profile = Auth::user()->profile; $user = $request->user();
$status = Status::findOrFail($request->input('item')); $status = Status::findOrFail($request->input('item'));
abort_if($user->has_roles && !UserRoleService::can('can-bookmark', $user->id), 403, 'Invalid permissions for this action');
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404); abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404); abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404); abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
if($status->scope == 'private') { if($status->scope == 'private') {
if($profile->id !== $status->profile_id && !FollowerService::follows($profile->id, $status->profile_id)) { if($user->profile_id !== $status->profile_id && !FollowerService::follows($user->profile_id, $status->profile_id)) {
if($exists = Bookmark::whereStatusId($status->id)->whereProfileId($profile->id)->first()) { if($exists = Bookmark::whereStatusId($status->id)->whereProfileId($user->profile_id)->first()) {
BookmarkService::del($profile->id, $status->id); BookmarkService::del($user->profile_id, $status->id);
$exists->delete(); $exists->delete();
if ($request->ajax()) { if ($request->ajax()) {
@ -46,22 +48,16 @@ class BookmarkController extends Controller
} }
$bookmark = Bookmark::firstOrCreate( $bookmark = Bookmark::firstOrCreate(
['status_id' => $status->id], ['profile_id' => $profile->id] ['status_id' => $status->id], ['profile_id' => $user->profile_id]
); );
if (!$bookmark->wasRecentlyCreated) { if (!$bookmark->wasRecentlyCreated) {
BookmarkService::del($profile->id, $status->id); BookmarkService::del($user->profile_id, $status->id);
$bookmark->delete(); $bookmark->delete();
} else { } else {
BookmarkService::add($profile->id, $status->id); BookmarkService::add($user->profile_id, $status->id);
} }
if ($request->ajax()) { return $request->expectsJson() ? ['code' => 200, 'msg' => 'Bookmark saved!'] : redirect()->back();
$response = ['code' => 200, 'msg' => 'Bookmark saved!'];
} else {
$response = redirect()->back();
}
return $response;
} }
} }