mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-25 15:55:22 +00:00
Update BookmarkController, add parental control support
This commit is contained in:
parent
42298a2e9c
commit
1a16ec2078
2 changed files with 43 additions and 45 deletions
|
@ -3438,6 +3438,7 @@ class ApiV1Controller extends Controller
|
||||||
$status = Status::findOrFail($id);
|
$status = Status::findOrFail($id);
|
||||||
$pid = $request->user()->profile_id;
|
$pid = $request->user()->profile_id;
|
||||||
|
|
||||||
|
abort_if($user->has_roles && !UserRoleService::can('can-bookmark', $user->id), 403, 'Invalid permissions for this action');
|
||||||
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
|
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
|
||||||
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
|
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
|
||||||
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
|
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
|
||||||
|
@ -3477,6 +3478,7 @@ class ApiV1Controller extends Controller
|
||||||
$status = Status::findOrFail($id);
|
$status = Status::findOrFail($id);
|
||||||
$pid = $request->user()->profile_id;
|
$pid = $request->user()->profile_id;
|
||||||
|
|
||||||
|
abort_if($user->has_roles && !UserRoleService::can('can-bookmark', $user->id), 403, 'Invalid permissions for this action');
|
||||||
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
|
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
|
||||||
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
|
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
|
||||||
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
|
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
|
||||||
|
|
|
@ -8,60 +8,56 @@ use Auth;
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
use App\Services\BookmarkService;
|
use App\Services\BookmarkService;
|
||||||
use App\Services\FollowerService;
|
use App\Services\FollowerService;
|
||||||
|
use App\Services\UserRoleService;
|
||||||
|
|
||||||
class BookmarkController extends Controller
|
class BookmarkController extends Controller
|
||||||
{
|
{
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$this->middleware('auth');
|
$this->middleware('auth');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function store(Request $request)
|
public function store(Request $request)
|
||||||
{
|
{
|
||||||
$this->validate($request, [
|
$this->validate($request, [
|
||||||
'item' => 'required|integer|min:1',
|
'item' => 'required|integer|min:1',
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$profile = Auth::user()->profile;
|
$user = $request->user();
|
||||||
$status = Status::findOrFail($request->input('item'));
|
$status = Status::findOrFail($request->input('item'));
|
||||||
|
|
||||||
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
|
abort_if($user->has_roles && !UserRoleService::can('can-bookmark', $user->id), 403, 'Invalid permissions for this action');
|
||||||
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
|
abort_if($status->in_reply_to_id || $status->reblog_of_id, 404);
|
||||||
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
|
abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404);
|
||||||
|
abort_if(!in_array($status->type, ['photo','photo:album', 'video', 'video:album', 'photo:video:album']), 404);
|
||||||
|
|
||||||
if($status->scope == 'private') {
|
if($status->scope == 'private') {
|
||||||
if($profile->id !== $status->profile_id && !FollowerService::follows($profile->id, $status->profile_id)) {
|
if($user->profile_id !== $status->profile_id && !FollowerService::follows($user->profile_id, $status->profile_id)) {
|
||||||
if($exists = Bookmark::whereStatusId($status->id)->whereProfileId($profile->id)->first()) {
|
if($exists = Bookmark::whereStatusId($status->id)->whereProfileId($user->profile_id)->first()) {
|
||||||
BookmarkService::del($profile->id, $status->id);
|
BookmarkService::del($user->profile_id, $status->id);
|
||||||
$exists->delete();
|
$exists->delete();
|
||||||
|
|
||||||
if ($request->ajax()) {
|
if ($request->ajax()) {
|
||||||
return ['code' => 200, 'msg' => 'Bookmark removed!'];
|
return ['code' => 200, 'msg' => 'Bookmark removed!'];
|
||||||
} else {
|
} else {
|
||||||
return redirect()->back();
|
return redirect()->back();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
abort(404, 'Error: You cannot bookmark private posts from accounts you do not follow.');
|
abort(404, 'Error: You cannot bookmark private posts from accounts you do not follow.');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$bookmark = Bookmark::firstOrCreate(
|
$bookmark = Bookmark::firstOrCreate(
|
||||||
['status_id' => $status->id], ['profile_id' => $profile->id]
|
['status_id' => $status->id], ['profile_id' => $user->profile_id]
|
||||||
);
|
);
|
||||||
|
|
||||||
if (!$bookmark->wasRecentlyCreated) {
|
if (!$bookmark->wasRecentlyCreated) {
|
||||||
BookmarkService::del($profile->id, $status->id);
|
BookmarkService::del($user->profile_id, $status->id);
|
||||||
$bookmark->delete();
|
$bookmark->delete();
|
||||||
} else {
|
} else {
|
||||||
BookmarkService::add($profile->id, $status->id);
|
BookmarkService::add($user->profile_id, $status->id);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($request->ajax()) {
|
return $request->expectsJson() ? ['code' => 200, 'msg' => 'Bookmark saved!'] : redirect()->back();
|
||||||
$response = ['code' => 200, 'msg' => 'Bookmark saved!'];
|
}
|
||||||
} else {
|
|
||||||
$response = redirect()->back();
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue