Merge pull request #4996 from pixelfed/staging

Staging
This commit is contained in:
daniel 2024-03-08 06:04:27 -07:00 committed by GitHub
commit 24c467c558
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 641 additions and 477 deletions

View file

@ -2,65 +2,63 @@
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Auth;
use Cache;
use DB;
use View;
use App\AccountInterstitial;
use App\Follower;
use App\FollowRequest;
use App\Profile;
use App\Story;
use App\Status;
use App\User;
use App\UserSetting;
use App\UserFilter;
use League\Fractal;
use App\Services\AccountService;
use App\Services\FollowerService;
use App\Services\StatusService;
use App\Util\Lexer\Nickname;
use App\Util\Webfinger\Webfinger;
use App\Transformer\ActivityPub\ProfileOutbox;
use App\Status;
use App\Story;
use App\Transformer\ActivityPub\ProfileTransformer;
use App\User;
use App\UserFilter;
use App\UserSetting;
use Auth;
use Cache;
use Illuminate\Http\Request;
use League\Fractal;
use View;
class ProfileController extends Controller
{
public function show(Request $request, $username)
{
// redirect authed users to Metro 2.0
if($request->user()) {
// unless they force static view
if(!$request->has('fs') || $request->input('fs') != '1') {
$pid = AccountService::usernameToId($username);
if($pid) {
return redirect('/i/web/profile/' . $pid);
}
}
}
if ($request->wantsJson() && (bool) config_cache('federation.activitypub.enabled')) {
$user = $this->getCachedUser($username, true);
abort_if(! $user, 404, 'Not found');
$user = Profile::whereNull('domain')
->whereNull('status')
->whereUsername($username)
->firstOrFail();
if($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
return $this->showActivityPub($request, $user);
}
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $user->id, 86400, function() use($user) {
// redirect authed users to Metro 2.0
if ($request->user()) {
// unless they force static view
if (! $request->has('fs') || $request->input('fs') != '1') {
$pid = AccountService::usernameToId($username);
if ($pid) {
return redirect('/i/web/profile/'.$pid);
}
}
}
$user = $this->getCachedUser($username);
abort_unless($user, 404);
$aiCheck = Cache::remember('profile:ai-check:spam-login:'.$user->id, 3600, function () use ($user) {
$exists = AccountInterstitial::whereUserId($user->user_id)->where('is_spam', 1)->count();
if($exists) {
if ($exists) {
return true;
}
return false;
});
if($aiCheck) {
if ($aiCheck) {
return redirect('/login');
}
return $this->buildProfile($request, $user);
}
@ -70,15 +68,16 @@ class ProfileController extends Controller
$loggedIn = Auth::check();
$isPrivate = false;
$isBlocked = false;
if(!$loggedIn) {
$key = 'profile:settings:' . $user->id;
if (! $loggedIn) {
$key = 'profile:settings:'.$user->id;
$ttl = now()->addHours(6);
$settings = Cache::remember($key, $ttl, function() use($user) {
$settings = Cache::remember($key, $ttl, function () use ($user) {
return $user->user->settings;
});
if ($user->is_private == true) {
$profile = null;
return view('profile.private', compact('user'));
}
@ -90,18 +89,19 @@ class ProfileController extends Controller
'crawlable' => $settings->crawlable,
'following' => [
'count' => $settings->show_profile_following_count,
'list' => $settings->show_profile_following
'list' => $settings->show_profile_following,
],
'followers' => [
'count' => $settings->show_profile_follower_count,
'list' => $settings->show_profile_followers
]
'list' => $settings->show_profile_followers,
],
];
return view('profile.show', compact('profile', 'settings'));
} else {
$key = 'profile:settings:' . $user->id;
$key = 'profile:settings:'.$user->id;
$ttl = now()->addHours(6);
$settings = Cache::remember($key, $ttl, function() use($user) {
$settings = Cache::remember($key, $ttl, function () use ($user) {
return $user->user->settings;
});
@ -118,6 +118,7 @@ class ProfileController extends Controller
$requested = Auth::check() ? FollowRequest::whereFollowerId(Auth::user()->profile_id)
->whereFollowingId($user->id)
->exists() : false;
return view('profile.private', compact('user', 'is_following', 'requested'));
}
@ -127,36 +128,61 @@ class ProfileController extends Controller
'crawlable' => $settings->crawlable,
'following' => [
'count' => $settings->show_profile_following_count,
'list' => $settings->show_profile_following
'list' => $settings->show_profile_following,
],
'followers' => [
'count' => $settings->show_profile_follower_count,
'list' => $settings->show_profile_followers
]
'list' => $settings->show_profile_followers,
],
];
return view('profile.show', compact('profile', 'settings'));
}
}
protected function getCachedUser($username, $withTrashed = false)
{
$val = str_replace(['_', '.', '-'], '', $username);
if (! ctype_alnum($val)) {
return;
}
$hash = ($withTrashed ? 'wt:' : 'wot:').strtolower($username);
return Cache::remember('pfc:cached-user:'.$hash, ($withTrashed ? 14400 : 900), function () use ($username, $withTrashed) {
if (! $withTrashed) {
return Profile::whereNull(['domain', 'status'])
->whereUsername($username)
->first();
} else {
return Profile::withTrashed()
->whereNull('domain')
->whereUsername($username)
->first();
}
});
}
public function permalinkRedirect(Request $request, $username)
{
$user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
if ($request->wantsJson() && (bool) config_cache('federation.activitypub.enabled')) {
$user = $this->getCachedUser($username, true);
if ($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
return $this->showActivityPub($request, $user);
}
$user = $this->getCachedUser($username);
return redirect($user->url());
}
protected function privateProfileCheck(Profile $profile, $loggedIn)
{
if (!Auth::check()) {
if (! Auth::check()) {
return true;
}
$user = Auth::user()->profile;
if($user->id == $profile->id || !$profile->is_private) {
if ($user->id == $profile->id || ! $profile->is_private) {
return false;
}
@ -180,6 +206,7 @@ class ProfileController extends Controller
default:
break;
}
return abort(404);
}
@ -200,36 +227,38 @@ class ProfileController extends Controller
public function showActivityPub(Request $request, $user)
{
abort_if(!config_cache('federation.activitypub.enabled'), 404);
abort_if(! config_cache('federation.activitypub.enabled'), 404);
abort_if(! $user, 404, 'Not found');
abort_if($user->domain, 404);
return Cache::remember('pf:activitypub:user-object:by-id:' . $user->id, 3600, function() use($user) {
return Cache::remember('pf:activitypub:user-object:by-id:'.$user->id, 1800, function () use ($user) {
$fractal = new Fractal\Manager();
$resource = new Fractal\Resource\Item($user, new ProfileTransformer);
$res = $fractal->createData($resource)->toArray();
return response(json_encode($res['data']))->header('Content-Type', 'application/activity+json');
});
}
public function showAtomFeed(Request $request, $user)
{
abort_if(!config('federation.atom.enabled'), 404);
abort_if(! config('federation.atom.enabled'), 404);
$pid = AccountService::usernameToId($user);
abort_if(!$pid, 404);
abort_if(! $pid, 404);
$profile = AccountService::get($pid, true);
abort_if(!$profile || $profile['locked'] || !$profile['local'], 404);
abort_if(! $profile || $profile['locked'] || ! $profile['local'], 404);
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile['id'], 86400, function() use($profile) {
$aiCheck = Cache::remember('profile:ai-check:spam-login:'.$profile['id'], 86400, function () use ($profile) {
$uid = User::whereProfileId($profile['id'])->first();
if(!$uid) {
if (! $uid) {
return true;
}
$exists = AccountInterstitial::whereUserId($uid->id)->where('is_spam', 1)->count();
if($exists) {
if ($exists) {
return true;
}
@ -238,54 +267,55 @@ class ProfileController extends Controller
abort_if($aiCheck, 404);
$enabled = Cache::remember('profile:atom:enabled:' . $profile['id'], 84600, function() use ($profile) {
$enabled = Cache::remember('profile:atom:enabled:'.$profile['id'], 84600, function () use ($profile) {
$uid = User::whereProfileId($profile['id'])->first();
if(!$uid) {
if (! $uid) {
return false;
}
$settings = UserSetting::whereUserId($uid->id)->first();
if(!$settings) {
if (! $settings) {
return false;
}
return $settings->show_atom;
});
abort_if(!$enabled, 404);
abort_if(! $enabled, 404);
$data = Cache::remember('pf:atom:user-feed:by-id:' . $profile['id'], 900, function() use($pid, $profile) {
$data = Cache::remember('pf:atom:user-feed:by-id:'.$profile['id'], 14400, function () use ($pid, $profile) {
$items = Status::whereProfileId($pid)
->whereScope('public')
->whereIn('type', ['photo', 'photo:album'])
->orderByDesc('id')
->take(10)
->get()
->map(function($status) {
->map(function ($status) {
return StatusService::get($status->id, true);
})
->filter(function($status) {
->filter(function ($status) {
return $status &&
isset($status['account']) &&
isset($status['media_attachments']) &&
count($status['media_attachments']);
})
->values();
$permalink = config('app.url') . "/users/{$profile['username']}.atom";
$permalink = config('app.url')."/users/{$profile['username']}.atom";
$headers = ['Content-Type' => 'application/atom+xml'];
if($items && $items->count()) {
if ($items && $items->count()) {
$headers['Last-Modified'] = now()->parse($items->first()['created_at'])->toRfc7231String();
}
return compact('items', 'permalink', 'headers');
});
abort_if(!$data || !isset($data['items']) || !isset($data['permalink']), 404);
abort_if(! $data || ! isset($data['items']) || ! isset($data['permalink']), 404);
return response()
->view('atom.user',
[
'profile' => $profile,
'items' => $data['items'],
'permalink' => $data['permalink']
'permalink' => $data['permalink'],
]
)
->withHeaders($data['headers']);
@ -293,7 +323,8 @@ class ProfileController extends Controller
public function meRedirect()
{
abort_if(!Auth::check(), 404);
abort_if(! Auth::check(), 404);
return redirect(Auth::user()->url());
}
@ -301,57 +332,55 @@ class ProfileController extends Controller
{
$res = view('profile.embed-removed');
if(!config('instance.embed.profile')) {
if (! config('instance.embed.profile')) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
if(strlen($username) > 15 || strlen($username) < 2) {
if (strlen($username) > 15 || strlen($username) < 2) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
$profile = Profile::whereUsername($username)
->whereIsPrivate(false)
->whereNull('status')
->whereNull('domain')
->first();
$profile = $this->getCachedUser($username);
if(!$profile) {
if (! $profile || $profile->is_private) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile->id, 86400, function() use($profile) {
$aiCheck = Cache::remember('profile:ai-check:spam-login:'.$profile->id, 86400, function () use ($profile) {
$exists = AccountInterstitial::whereUserId($profile->user_id)->where('is_spam', 1)->count();
if($exists) {
if ($exists) {
return true;
}
return false;
});
if($aiCheck) {
if ($aiCheck) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
if(AccountService::canEmbed($profile->user_id) == false) {
if (AccountService::canEmbed($profile->user_id) == false) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
$profile = AccountService::get($profile->id);
$res = view('profile.embed', compact('profile'));
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
public function stories(Request $request, $username)
{
abort_if(!config_cache('instance.stories.enabled') || !$request->user(), 404);
abort_if(! config_cache('instance.stories.enabled') || ! $request->user(), 404);
$profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
$pid = $profile->id;
$authed = Auth::user()->profile_id;
abort_if($pid != $authed && !FollowerService::follows($authed, $pid), 404);
abort_if($pid != $authed && ! FollowerService::follows($authed, $pid), 404);
$exists = Story::whereProfileId($pid)
->whereActive(true)
->exists();
abort_unless($exists, 404);
return view('profile.story', compact('pid', 'profile'));
}
}

View file

@ -95,6 +95,8 @@ trait PrivacySettings
Cache::forget('pf:acct:settings:hidden-following:' . $pid);
Cache::forget('pf:acct-trans:hideFollowing:' . $pid);
Cache::forget('pf:acct-trans:hideFollowers:' . $pid);
Cache::forget('pfc:cached-user:wt:' . strtolower($profile->username));
Cache::forget('pfc:cached-user:wot:' . strtolower($profile->username));
return redirect(route('settings.privacy'))->with('status', 'Settings successfully updated!');
}

View file

@ -2,14 +2,18 @@
namespace App\Http\Controllers;
use App\Page;
use App\Profile;
use App\Services\FollowerService;
use App\Status;
use App\User;
use App\Util\ActivityPub\Helpers;
use App\Util\Localization\Localization;
use Auth;
use Cache;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use App, Auth, Cache, View;
use App\Util\Lexer\PrettyNumber;
use App\{Follower, Page, Profile, Status, User, UserFilter};
use App\Util\Localization\Localization;
use App\Services\FollowerService;
use App\Util\ActivityPub\Helpers;
use View;
class SiteController extends Controller
{
@ -29,7 +33,7 @@ class SiteController extends Controller
public function homeTimeline(Request $request)
{
if($request->has('force_old_ui')) {
if ($request->has('force_old_ui')) {
return view('timeline.home', ['layout' => 'feed']);
}
@ -40,8 +44,8 @@ class SiteController extends Controller
{
// todo: add other locales after pushing new l10n strings
$locales = Localization::languages();
if(in_array($locale, $locales)) {
if($request->user()) {
if (in_array($locale, $locales)) {
if ($request->user()) {
$user = $request->user();
$user->language = $locale;
$user->save();
@ -54,10 +58,11 @@ class SiteController extends Controller
public function about()
{
return Cache::remember('site.about_v2', now()->addMinutes(15), function() {
return Cache::remember('site.about_v2', now()->addMinutes(15), function () {
$user_count = number_format(User::count());
$post_count = number_format(Status::count());
$rules = config_cache('app.rules') ? json_decode(config_cache('app.rules'), true) : null;
return view('site.about', compact('rules', 'user_count', 'post_count'))->render();
});
}
@ -69,39 +74,45 @@ class SiteController extends Controller
public function communityGuidelines(Request $request)
{
return Cache::remember('site:help:community-guidelines', now()->addDays(120), function() {
return Cache::remember('site:help:community-guidelines', now()->addDays(120), function () {
$slug = '/site/kb/community-guidelines';
$page = Page::whereSlug($slug)->whereActive(true)->first();
return View::make('site.help.community-guidelines')->with(compact('page'))->render();
});
}
public function privacy(Request $request)
{
$page = Cache::remember('site:privacy', now()->addDays(120), function() {
$page = Cache::remember('site:privacy', now()->addDays(120), function () {
$slug = '/site/privacy';
return Page::whereSlug($slug)->whereActive(true)->first();
});
return View::make('site.privacy')->with(compact('page'))->render();
}
public function terms(Request $request)
{
$page = Cache::remember('site:terms', now()->addDays(120), function() {
$page = Cache::remember('site:terms', now()->addDays(120), function () {
$slug = '/site/terms';
return Page::whereSlug($slug)->whereActive(true)->first();
});
return View::make('site.terms')->with(compact('page'))->render();
}
public function redirectUrl(Request $request)
{
abort_if(!$request->user(), 404);
abort_if(! $request->user(), 404);
$this->validate($request, [
'url' => 'required|url'
'url' => 'required|url',
]);
$url = request()->input('url');
abort_if(Helpers::validateUrl($url) == false, 404);
return view('site.redirect', compact('url'));
}
@ -114,17 +125,18 @@ class SiteController extends Controller
$user = $request->user();
abort_if($user && $profile->id == $user->profile_id, 404);
$following = $user != null ? FollowerService::follows($user->profile_id, $profile->id) : false;
return view('site.intents.follow', compact('profile', 'user', 'following'));
}
public function legacyProfileRedirect(Request $request, $username)
{
$username = Str::contains($username, '@') ? '@' . $username : $username;
if(str_contains($username, '@')) {
$username = Str::contains($username, '@') ? '@'.$username : $username;
if (str_contains($username, '@')) {
$profile = Profile::whereUsername($username)
->firstOrFail();
if($profile->domain == null) {
if ($profile->domain == null) {
$url = "/$profile->username";
} else {
$url = "/i/web/profile/_/{$profile->id}";
@ -146,7 +158,7 @@ class SiteController extends Controller
$profile = Profile::whereUsername($un)
->firstOrFail();
if($profile->domain == null) {
if ($profile->domain == null) {
$url = "/$profile->username";
} else {
$url = $request->user() ? "/i/web/profile/_/{$profile->id}" : $profile->url();
@ -157,11 +169,35 @@ class SiteController extends Controller
public function legalNotice(Request $request)
{
$page = Cache::remember('site:legal-notice', now()->addDays(120), function() {
$page = Cache::remember('site:legal-notice', now()->addDays(120), function () {
$slug = '/site/legal-notice';
return Page::whereSlug($slug)->whereActive(true)->first();
});
abort_if(!$page, 404);
abort_if(! $page, 404);
return View::make('site.legal-notice')->with(compact('page'))->render();
}
public function curatedOnboarding(Request $request)
{
if ($request->user()) {
return redirect('/i/web');
}
$regOpen = (bool) config_cache('pixelfed.open_registration');
$curOnboarding = (bool) config_cache('instance.curated_registration.enabled');
$curOnlyClosed = (bool) config('instance.curated_registration.state.only_enabled_on_closed_reg');
if ($regOpen) {
if ($curOnlyClosed) {
return redirect('/register');
}
} else {
if (! $curOnboarding) {
return redirect('/');
}
}
return view('auth.curated-register.index', ['step' => 1]);
}
}

View file

@ -3,8 +3,8 @@
namespace App\Transformer\ActivityPub;
use App\Profile;
use League\Fractal;
use App\Services\AccountService;
use League\Fractal;
class ProfileTransformer extends Fractal\TransformerAbstract
{
@ -19,13 +19,14 @@ class ProfileTransformer extends Fractal\TransformerAbstract
'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
'alsoKnownAs' => [
'@id' => 'as:alsoKnownAs',
'@type' => '@id'
'@type' => '@id',
],
'movedTo' => [
'@id' => 'as:movedTo',
'@type' => '@id'
'@type' => '@id',
],
'indexable' => 'toot:indexable',
'suspended' => 'toot:suspended',
],
],
'id' => $profile->permalink(),
@ -40,7 +41,7 @@ class ProfileTransformer extends Fractal\TransformerAbstract
'url' => $profile->url(),
'manuallyApprovesFollowers' => (bool) $profile->is_private,
'indexable' => (bool) $profile->indexable,
'published' => $profile->created_at->format('Y-m-d') . 'T00:00:00Z',
'published' => $profile->created_at->format('Y-m-d').'T00:00:00Z',
'publicKey' => [
'id' => $profile->permalink().'#main-key',
'owner' => $profile->permalink(),
@ -52,16 +53,28 @@ class ProfileTransformer extends Fractal\TransformerAbstract
'url' => $profile->avatarUrl(),
],
'endpoints' => [
'sharedInbox' => config('app.url') . '/f/inbox'
]
'sharedInbox' => config('app.url').'/f/inbox',
],
];
if($profile->aliases->count()) {
$res['alsoKnownAs'] = $profile->aliases->map(fn($alias) => $alias->uri);
if ($profile->status === 'delete' || $profile->deleted_at != null) {
$res['suspended'] = true;
$res['name'] = '';
unset($res['icon']);
$res['summary'] = '';
$res['indexable'] = false;
$res['manuallyApprovesFollowers'] = false;
} else {
if ($profile->aliases->count()) {
$res['alsoKnownAs'] = $profile->aliases->map(fn ($alias) => $alias->uri);
}
if($profile->moved_to_profile_id) {
$res['movedTo'] = AccountService::get($profile->moved_to_profile_id)['url'];
if ($profile->moved_to_profile_id) {
$movedTo = AccountService::get($profile->moved_to_profile_id);
if ($movedTo && isset($movedTo['url'], $movedTo['id'])) {
$res['movedTo'] = $movedTo['url'];
}
}
}
return $res;

View file

@ -0,0 +1,24 @@
<?php
namespace App\Transformer\ActivityPub\Verb;
use App\Profile;
use League\Fractal;
class DeleteActor extends Fractal\TransformerAbstract
{
public function transform(Profile $profile)
{
return [
'@context' => 'https://www.w3.org/ns/activitystreams',
'id' => $profile->permalink('#delete'),
'type' => 'Delete',
'actor' => $profile->permalink(),
'to' => [
'https://www.w3.org/ns/activitystreams#Public'
],
'object' => $profile->permalink()
];
}
}

View file

@ -0,0 +1,28 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::table('instances', function (Blueprint $table) {
$table->string('shared_inbox')->nullable()->index();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::table('instances', function (Blueprint $table) {
$table->dropColumn('shared_inbox');
});
}
};

View file

@ -0,0 +1,32 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
use App\Instance;
use App\Profile;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
foreach(Instance::lazyById(50, 'id') as $instance) {
$si = Profile::whereDomain($instance->domain)->whereNotNull('sharedInbox')->first();
if($si && $si->sharedInbox) {
$instance->shared_inbox = $si->sharedInbox;
$instance->save();
}
}
}
/**
* Reverse the migrations.
*/
public function down(): void
{
}
};

View file

@ -29,7 +29,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
Route::get('auth/pci/{id}/{code}', 'ParentalControlsController@inviteRegister');
Route::post('auth/pci/{id}/{code}', 'ParentalControlsController@inviteRegisterStore');
Route::get('auth/sign_up', 'CuratedRegisterController@index')->name('auth.curated-onboarding');
Route::get('auth/sign_up', 'SiteController@curatedOnboarding')->name('auth.curated-onboarding');
Route::post('auth/sign_up', 'CuratedRegisterController@proceed');
Route::get('auth/sign_up/concierge/response-sent', 'CuratedRegisterController@conciergeResponseSent');
Route::get('auth/sign_up/concierge', 'CuratedRegisterController@concierge');