From 4dac1a43dd1aaf39877b34d259b1da200d4b89fa Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Fri, 30 Apr 2021 21:38:14 -0600 Subject: [PATCH 1/5] Update web routes --- routes/web.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/routes/web.php b/routes/web.php index 5f3831842..58a6d636d 100644 --- a/routes/web.php +++ b/routes/web.php @@ -190,7 +190,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::get('loops', 'DiscoverController@loopsApi'); Route::post('loops/watch', 'DiscoverController@loopWatch'); Route::get('discover/tag', 'DiscoverController@getHashtags'); - Route::post('status/compose', 'InternalApiController@composePost')->middleware('throttle:maxPostsPerHour,60')->middleware('throttle:maxPostsPerDay,1440'); + Route::post('status/compose', 'InternalApiController@composePost'); Route::get('discover/posts/trending', 'DiscoverController@trendingApi'); Route::get('discover/posts/hashtags', 'DiscoverController@trendingHashtags'); Route::get('discover/posts/places', 'DiscoverController@trendingPlaces'); @@ -202,7 +202,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::group(['prefix' => 'local'], function () { // Route::post('status/compose', 'InternalApiController@composePost')->middleware('throttle:maxPostsPerHour,60')->middleware('throttle:maxPostsPerDay,1440'); Route::get('exp/rec', 'ApiController@userRecommendations'); - Route::post('discover/tag/subscribe', 'HashtagFollowController@store')->middleware('throttle:maxHashtagFollowsPerHour,60')->middleware('throttle:maxHashtagFollowsPerDay,1440'); + Route::post('discover/tag/subscribe', 'HashtagFollowController@store'); Route::get('discover/tag/list', 'HashtagFollowController@getTags'); // Route::get('profile/sponsor/{id}', 'ProfileSponsorController@get'); Route::get('bookmarks', 'InternalApiController@bookmarks'); @@ -211,8 +211,8 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::delete('collection/item', 'CollectionController@deleteId'); Route::get('collection/{id}', 'CollectionController@get'); Route::post('collection/{id}', 'CollectionController@store'); - Route::delete('collection/{id}', 'CollectionController@delete')->middleware('throttle:maxCollectionsPerHour,60')->middleware('throttle:maxCollectionsPerDay,1440')->middleware('throttle:maxCollectionsPerMonth,43800'); - Route::post('collection/{id}/publish', 'CollectionController@publish')->middleware('throttle:maxCollectionsPerHour,60')->middleware('throttle:maxCollectionsPerDay,1440')->middleware('throttle:maxCollectionsPerMonth,43800'); + Route::delete('collection/{id}', 'CollectionController@delete'); + Route::post('collection/{id}/publish', 'CollectionController@publish'); Route::get('profile/collections/{id}', 'CollectionController@getUserCollections'); Route::get('compose/location/search', 'ApiController@composeLocationSearch'); @@ -223,11 +223,11 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact }); Route::group(['prefix' => 'stories'], function () { Route::get('v0/recent', 'StoryController@apiV1Recent'); - Route::post('v0/add', 'StoryController@apiV1Add')->middleware('throttle:maxStoriesPerDay,1440'); + Route::post('v0/add', 'StoryController@apiV1Add'); Route::get('v0/fetch/{id}', 'StoryController@apiV1Fetch'); Route::get('v0/profile/{id}', 'StoryController@apiV1Profile'); Route::get('v0/exists/{id}', 'StoryController@apiV1Exists'); - Route::delete('v0/delete/{id}', 'StoryController@apiV1Delete')->middleware('throttle:maxStoryDeletePerDay,1440'); + Route::delete('v0/delete/{id}', 'StoryController@apiV1Delete'); Route::get('v0/me', 'StoryController@apiV1Me'); Route::get('v0/item/{id}', 'StoryController@apiV1Item'); Route::post('v0/crop', 'StoryController@cropPhoto'); @@ -244,14 +244,14 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::group(['prefix' => 'i'], function () { Route::redirect('/', '/'); Route::get('compose', 'StatusController@compose')->name('compose'); - Route::post('comment', 'CommentController@store')->middleware('throttle:maxCommentsPerDay,1440'); + Route::post('comment', 'CommentController@store'); Route::post('delete', 'StatusController@delete'); Route::post('mute', 'AccountController@mute'); Route::post('unmute', 'AccountController@unmute'); Route::post('block', 'AccountController@block'); Route::post('unblock', 'AccountController@unblock'); - Route::post('like', 'LikeController@store')->middleware('throttle:maxLikesPerDay,1440'); - Route::post('share', 'StatusController@storeShare')->middleware('throttle:maxSharesPerHour,60')->middleware('throttle:maxSharesPerDay,1440'); + Route::post('like', 'LikeController@store'); + Route::post('share', 'StatusController@storeShare'); Route::post('follow', 'FollowerController@store'); Route::post('bookmark', 'BookmarkController@store'); Route::get('lang/{locale}', 'SiteController@changeLocale'); @@ -347,7 +347,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::get('privacy/blocked-users', 'SettingsController@blockedUsers')->name('settings.privacy.blocked-users'); Route::post('privacy/blocked-users', 'SettingsController@blockedUsersUpdate'); Route::get('privacy/blocked-instances', 'SettingsController@blockedInstances')->name('settings.privacy.blocked-instances'); - Route::post('privacy/blocked-instances', 'SettingsController@blockedInstanceStore')->middleware('throttle:maxInstanceBansPerDay,1440'); + Route::post('privacy/blocked-instances', 'SettingsController@blockedInstanceStore'); Route::post('privacy/blocked-instances/unblock', 'SettingsController@blockedInstanceUnblock')->name('settings.privacy.blocked-instances.unblock'); Route::get('privacy/blocked-keywords', 'SettingsController@blockedKeywords')->name('settings.privacy.blocked-keywords'); Route::post('privacy/account', 'SettingsController@privateAccountOptions')->name('settings.privacy.account'); @@ -489,7 +489,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::get('p/{username}/{id}/c', 'CommentController@showAll'); Route::get('p/{username}/{id}/embed', 'StatusController@showEmbed'); Route::get('p/{username}/{id}/edit', 'StatusController@edit'); - Route::post('p/{username}/{id}/edit', 'StatusController@editStore')->middleware('throttle:maxPostEditsPerHour,60')->middleware('throttle:maxPostEditsPerDay,1440'); + Route::post('p/{username}/{id}/edit', 'StatusController@editStore'); Route::get('p/{username}/{id}.json', 'StatusController@showObject'); Route::get('p/{username}/{id}', 'StatusController@show'); Route::get('{username}/embed', 'ProfileController@embed'); From c799a01aa9d390ea3fbcd1fb52c2f241c9018d96 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Fri, 30 Apr 2021 21:41:42 -0600 Subject: [PATCH 2/5] Update StatusController, allow license edits without 24 hour limit --- app/Http/Controllers/StatusController.php | 684 +++++++++++----------- resources/views/status/edit.blade.php | 98 +--- 2 files changed, 343 insertions(+), 439 deletions(-) diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php index cda8c77ee..4e2d1a16a 100644 --- a/app/Http/Controllers/StatusController.php +++ b/app/Http/Controllers/StatusController.php @@ -21,422 +21,398 @@ use App\Util\Media\Filter; use Illuminate\Support\Str; use App\Services\HashidService; use App\Services\StatusService; +use App\Util\Media\License; class StatusController extends Controller { - public function show(Request $request, $username, int $id) - { - $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail(); + public function show(Request $request, $username, int $id) + { + $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail(); - if($user->status != null) { - return ProfileController::accountCheck($user); - } + if($user->status != null) { + return ProfileController::accountCheck($user); + } - $status = Status::whereProfileId($user->id) - ->whereNull('reblog_of_id') - ->whereIn('scope', ['public','unlisted', 'private']) - ->findOrFail($id); + $status = Status::whereProfileId($user->id) + ->whereNull('reblog_of_id') + ->whereIn('scope', ['public','unlisted', 'private']) + ->findOrFail($id); - if($status->uri || $status->url) { - $url = $status->uri ?? $status->url; - if(ends_with($url, '/activity')) { - $url = str_replace('/activity', '', $url); - } - return redirect($url); - } + if($status->uri || $status->url) { + $url = $status->uri ?? $status->url; + if(ends_with($url, '/activity')) { + $url = str_replace('/activity', '', $url); + } + return redirect($url); + } - if($status->visibility == 'private' || $user->is_private) { - if(!Auth::check()) { - abort(404); - } - $pid = Auth::user()->profile; - if($user->followedBy($pid) == false && $user->id !== $pid->id && Auth::user()->is_admin == false) { - abort(404); - } - } + if($status->visibility == 'private' || $user->is_private) { + if(!Auth::check()) { + abort(404); + } + $pid = Auth::user()->profile; + if($user->followedBy($pid) == false && $user->id !== $pid->id && Auth::user()->is_admin == false) { + abort(404); + } + } - if($status->type == 'archived') { - if(Auth::user()->profile_id !== $status->profile_id) { - abort(404); - } - } + if($status->type == 'archived') { + if(Auth::user()->profile_id !== $status->profile_id) { + abort(404); + } + } - if($request->user() && $request->user()->profile_id != $status->profile_id) { - StatusView::firstOrCreate([ - 'status_id' => $status->id, - 'status_profile_id' => $status->profile_id, - 'profile_id' => $request->user()->profile_id - ]); - } + if($request->user() && $request->user()->profile_id != $status->profile_id) { + StatusView::firstOrCreate([ + 'status_id' => $status->id, + 'status_profile_id' => $status->profile_id, + 'profile_id' => $request->user()->profile_id + ]); + } - if ($request->wantsJson() && config('federation.activitypub.enabled')) { - return $this->showActivityPub($request, $status); - } + if ($request->wantsJson() && config('federation.activitypub.enabled')) { + return $this->showActivityPub($request, $status); + } - $template = $status->in_reply_to_id ? 'status.reply' : 'status.show'; - // $template = $status->type === 'video' && - // $request->has('video_beta') && - // $request->video_beta == 1 && - // $request->user() ? - // 'status.show_video' : 'status.show'; + $template = $status->in_reply_to_id ? 'status.reply' : 'status.show'; - return view($template, compact('user', 'status')); - } + return view($template, compact('user', 'status')); + } - public function shortcodeRedirect(Request $request, $id) - { - abort_if(strlen($id) < 5, 404); - if(!Auth::check()) { - return redirect('/login?next='.urlencode('/' . $request->path())); - } - $id = HashidService::decode($id); - $status = Status::find($id); - if(!$status) { - return redirect('/404'); - } - return redirect($status->url()); - } + public function shortcodeRedirect(Request $request, $id) + { + abort_if(strlen($id) < 5, 404); + if(!Auth::check()) { + return redirect('/login?next='.urlencode('/' . $request->path())); + } + $id = HashidService::decode($id); + $status = Status::find($id); + if(!$status) { + return redirect('/404'); + } + return redirect($status->url()); + } - public function showId(int $id) - { - abort(404); - $status = Status::whereNull('reblog_of_id') - ->whereIn('scope', ['public', 'unlisted']) - ->findOrFail($id); - return redirect($status->url()); - } + public function showId(int $id) + { + abort(404); + $status = Status::whereNull('reblog_of_id') + ->whereIn('scope', ['public', 'unlisted']) + ->findOrFail($id); + return redirect($status->url()); + } - public function showEmbed(Request $request, $username, int $id) - { - $profile = Profile::whereNull(['domain','status']) - ->whereIsPrivate(false) - ->whereUsername($username) - ->first(); - if(!$profile) { - $content = view('status.embed-removed'); - return response($content)->header('X-Frame-Options', 'ALLOWALL'); - } - $status = Status::whereProfileId($profile->id) - ->whereNull('uri') - ->whereScope('public') - ->whereIsNsfw(false) - ->whereIn('type', ['photo', 'video','photo:album']) - ->find($id); - if(!$status) { - $content = view('status.embed-removed'); - return response($content)->header('X-Frame-Options', 'ALLOWALL'); - } - $showLikes = $request->filled('likes') && $request->likes == true; - $showCaption = $request->filled('caption') && $request->caption !== false; - $layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full'; - $content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout')); - return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); - } + public function showEmbed(Request $request, $username, int $id) + { + $profile = Profile::whereNull(['domain','status']) + ->whereIsPrivate(false) + ->whereUsername($username) + ->first(); + if(!$profile) { + $content = view('status.embed-removed'); + return response($content)->header('X-Frame-Options', 'ALLOWALL'); + } + $status = Status::whereProfileId($profile->id) + ->whereNull('uri') + ->whereScope('public') + ->whereIsNsfw(false) + ->whereIn('type', ['photo', 'video','photo:album']) + ->find($id); + if(!$status) { + $content = view('status.embed-removed'); + return response($content)->header('X-Frame-Options', 'ALLOWALL'); + } + $showLikes = $request->filled('likes') && $request->likes == true; + $showCaption = $request->filled('caption') && $request->caption !== false; + $layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full'; + $content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout')); + return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); + } - public function showObject(Request $request, $username, int $id) - { - $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail(); + public function showObject(Request $request, $username, int $id) + { + $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail(); - if($user->status != null) { - return ProfileController::accountCheck($user); - } + if($user->status != null) { + return ProfileController::accountCheck($user); + } - $status = Status::whereProfileId($user->id) - ->whereNotIn('visibility',['draft','direct']) - ->findOrFail($id); + $status = Status::whereProfileId($user->id) + ->whereNotIn('visibility',['draft','direct']) + ->findOrFail($id); - abort_if($status->uri, 404); + abort_if($status->uri, 404); - if($status->visibility == 'private' || $user->is_private) { - if(!Auth::check()) { - abort(403); - } - $pid = Auth::user()->profile; - if($user->followedBy($pid) == false && $user->id !== $pid->id) { - abort(403); - } - } + if($status->visibility == 'private' || $user->is_private) { + if(!Auth::check()) { + abort(403); + } + $pid = Auth::user()->profile; + if($user->followedBy($pid) == false && $user->id !== $pid->id) { + abort(403); + } + } - return $this->showActivityPub($request, $status); - } + return $this->showActivityPub($request, $status); + } - public function compose() - { - $this->authCheck(); + public function compose() + { + $this->authCheck(); - return view('status.compose'); - } + return view('status.compose'); + } - public function store(Request $request) - { - return; - } + public function store(Request $request) + { + return; + } - public function delete(Request $request) - { - $this->authCheck(); + public function delete(Request $request) + { + $this->authCheck(); - $this->validate($request, [ - 'item' => 'required|integer|min:1', - ]); + $this->validate($request, [ + 'item' => 'required|integer|min:1', + ]); - $status = Status::findOrFail($request->input('item')); + $status = Status::findOrFail($request->input('item')); - $user = Auth::user(); + $user = Auth::user(); - if($status->profile_id != $user->profile->id && - $user->is_admin == true && - $status->uri == null - ) { - $media = $status->media; + if($status->profile_id != $user->profile->id && + $user->is_admin == true && + $status->uri == null + ) { + $media = $status->media; - $ai = new AccountInterstitial; - $ai->user_id = $status->profile->user_id; - $ai->type = 'post.removed'; - $ai->view = 'account.moderation.post.removed'; - $ai->item_type = 'App\Status'; - $ai->item_id = $status->id; - $ai->has_media = (bool) $media->count(); - $ai->blurhash = $media->count() ? $media->first()->blurhash : null; - $ai->meta = json_encode([ - 'caption' => $status->caption, - 'created_at' => $status->created_at, - 'type' => $status->type, - 'url' => $status->url(), - 'is_nsfw' => $status->is_nsfw, - 'scope' => $status->scope, - 'reblog' => $status->reblog_of_id, - 'likes_count' => $status->likes_count, - 'reblogs_count' => $status->reblogs_count, - ]); - $ai->save(); + $ai = new AccountInterstitial; + $ai->user_id = $status->profile->user_id; + $ai->type = 'post.removed'; + $ai->view = 'account.moderation.post.removed'; + $ai->item_type = 'App\Status'; + $ai->item_id = $status->id; + $ai->has_media = (bool) $media->count(); + $ai->blurhash = $media->count() ? $media->first()->blurhash : null; + $ai->meta = json_encode([ + 'caption' => $status->caption, + 'created_at' => $status->created_at, + 'type' => $status->type, + 'url' => $status->url(), + 'is_nsfw' => $status->is_nsfw, + 'scope' => $status->scope, + 'reblog' => $status->reblog_of_id, + 'likes_count' => $status->likes_count, + 'reblogs_count' => $status->reblogs_count, + ]); + $ai->save(); - $u = $status->profile->user; - $u->has_interstitial = true; - $u->save(); - } + $u = $status->profile->user; + $u->has_interstitial = true; + $u->save(); + } - Cache::forget('_api:statuses:recent_9:' . $status->profile_id); - Cache::forget('profile:status_count:' . $status->profile_id); - Cache::forget('profile:embed:' . $status->profile_id); - StatusService::del($status->id); - if ($status->profile_id == $user->profile->id || $user->is_admin == true) { - Cache::forget('profile:status_count:'.$status->profile_id); - StatusDelete::dispatch($status); - } + Cache::forget('_api:statuses:recent_9:' . $status->profile_id); + Cache::forget('profile:status_count:' . $status->profile_id); + Cache::forget('profile:embed:' . $status->profile_id); + StatusService::del($status->id); + if ($status->profile_id == $user->profile->id || $user->is_admin == true) { + Cache::forget('profile:status_count:'.$status->profile_id); + StatusDelete::dispatch($status); + } - if($request->wantsJson()) { - return response()->json(['Status successfully deleted.']); - } else { - return redirect($user->url()); - } - } + if($request->wantsJson()) { + return response()->json(['Status successfully deleted.']); + } else { + return redirect($user->url()); + } + } - public function storeShare(Request $request) - { - $this->authCheck(); - - $this->validate($request, [ - 'item' => 'required|integer|min:1', - ]); + public function storeShare(Request $request) + { + $this->authCheck(); - $user = Auth::user(); - $profile = $user->profile; - $status = Status::withCount('shares') - ->whereIn('scope', ['public', 'unlisted']) - ->findOrFail($request->input('item')); + $this->validate($request, [ + 'item' => 'required|integer|min:1', + ]); - $count = $status->shares()->count(); + $user = Auth::user(); + $profile = $user->profile; + $status = Status::withCount('shares') + ->whereIn('scope', ['public', 'unlisted']) + ->findOrFail($request->input('item')); - $exists = Status::whereProfileId(Auth::user()->profile->id) - ->whereReblogOfId($status->id) - ->count(); - if ($exists !== 0) { - $shares = Status::whereProfileId(Auth::user()->profile->id) - ->whereReblogOfId($status->id) - ->get(); - foreach ($shares as $share) { - $share->delete(); - $count--; - } - } else { - $share = new Status(); - $share->profile_id = $profile->id; - $share->reblog_of_id = $status->id; - $share->in_reply_to_profile_id = $status->profile_id; - $share->save(); - $count++; - SharePipeline::dispatch($share); - } - - if($count >= 0) { - $status->reblogs_count = $count; - $status->save(); - } - - Cache::forget('status:'.$status->id.':sharedby:userid:'.$user->id); - StatusService::del($status->id); - - if ($request->ajax()) { - $response = ['code' => 200, 'msg' => 'Share saved', 'count' => $count]; - } else { - $response = redirect($status->url()); - } + $count = $status->shares()->count(); - return $response; - } + $exists = Status::whereProfileId(Auth::user()->profile->id) + ->whereReblogOfId($status->id) + ->count(); + if ($exists !== 0) { + $shares = Status::whereProfileId(Auth::user()->profile->id) + ->whereReblogOfId($status->id) + ->get(); + foreach ($shares as $share) { + $share->delete(); + $count--; + } + } else { + $share = new Status(); + $share->profile_id = $profile->id; + $share->reblog_of_id = $status->id; + $share->in_reply_to_profile_id = $status->profile_id; + $share->save(); + $count++; + SharePipeline::dispatch($share); + } - public function showActivityPub(Request $request, $status) - { - $fractal = new Fractal\Manager(); - $resource = new Fractal\Resource\Item($status, new Note()); - $res = $fractal->createData($resource)->toArray(); + if($count >= 0) { + $status->reblogs_count = $count; + $status->save(); + } - return response()->json($res['data'], 200, ['Content-Type' => 'application/activity+json'], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES); - } + Cache::forget('status:'.$status->id.':sharedby:userid:'.$user->id); + StatusService::del($status->id); - public function edit(Request $request, $username, $id) - { - $this->authCheck(); - $user = Auth::user()->profile; - $status = Status::whereProfileId($user->id) - ->with(['media']) - ->where('created_at', '>', now()->subHours(24)) - ->findOrFail($id); - return view('status.edit', compact('user', 'status')); - } + if ($request->ajax()) { + $response = ['code' => 200, 'msg' => 'Share saved', 'count' => $count]; + } else { + $response = redirect($status->url()); + } - public function editStore(Request $request, $username, $id) - { - $this->authCheck(); - $user = Auth::user()->profile; - $status = Status::whereProfileId($user->id) - ->with(['media']) - ->where('created_at', '>', now()->subHours(24)) - ->findOrFail($id); + return $response; + } - $this->validate($request, [ - 'id' => 'required|integer|min:1', - 'caption' => 'nullable', - 'filter' => 'nullable|alpha_dash|max:30', - ]); + public function showActivityPub(Request $request, $status) + { + $fractal = new Fractal\Manager(); + $resource = new Fractal\Resource\Item($status, new Note()); + $res = $fractal->createData($resource)->toArray(); - $id = $request->input('id'); - $caption = $request->input('caption'); - $filter = $request->input('filter'); + return response()->json($res['data'], 200, ['Content-Type' => 'application/activity+json'], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES); + } - $media = Media::whereProfileId($user->id) - ->whereStatusId($status->id) - ->findOrFail($id); + public function edit(Request $request, $username, $id) + { + $this->authCheck(); + $user = Auth::user()->profile; + $status = Status::whereProfileId($user->id) + ->with(['media']) + ->findOrFail($id); + $licenses = License::get(); + return view('status.edit', compact('user', 'status', 'licenses')); + } - $changed = false; + public function editStore(Request $request, $username, $id) + { + $this->authCheck(); + $user = Auth::user()->profile; + $status = Status::whereProfileId($user->id) + ->with(['media']) + ->findOrFail($id); - if ($media->caption != $caption) { - $media->caption = $caption; - $changed = true; - } + $this->validate($request, [ + 'license' => 'nullable|integer|min:1|max:16', + ]); - if ($media->filter_class != $filter && in_array($filter, Filter::classes())) { - $media->filter_class = $filter; - $changed = true; - } + $licenseId = $request->input('license'); - if ($changed === true) { - $media->save(); - Cache::forget('status:transformer:media:attachments:'.$media->status_id); - } + $status->media->each(function($media) use($licenseId) { + $media->license = $licenseId; + $media->save(); + Cache::forget('status:transformer:media:attachments:'.$media->status_id); + }); - return response()->json([], 200); - } + return redirect($status->url()); + } - protected function authCheck() - { - if (Auth::check() == false) { - abort(403); - } - } + protected function authCheck() + { + if (Auth::check() == false) { + abort(403); + } + } - protected function validateVisibility($visibility) - { - $allowed = ['public', 'unlisted', 'private']; - return in_array($visibility, $allowed) ? $visibility : 'public'; - } + protected function validateVisibility($visibility) + { + $allowed = ['public', 'unlisted', 'private']; + return in_array($visibility, $allowed) ? $visibility : 'public'; + } - public static function mimeTypeCheck($mimes) - { - $allowed = explode(',', config('pixelfed.media_types')); - $count = count($mimes); - $photos = 0; - $videos = 0; - foreach($mimes as $mime) { - if(in_array($mime, $allowed) == false && $mime !== 'video/mp4') { - continue; - } - if(str_contains($mime, 'image/')) { - $photos++; - } - if(str_contains($mime, 'video/')) { - $videos++; - } - } - if($photos == 1 && $videos == 0) { - return 'photo'; - } - if($videos == 1 && $photos == 0) { - return 'video'; - } - if($photos > 1 && $videos == 0) { - return 'photo:album'; - } - if($videos > 1 && $photos == 0) { - return 'video:album'; - } - if($photos >= 1 && $videos >= 1) { - return 'photo:video:album'; - } - } + public static function mimeTypeCheck($mimes) + { + $allowed = explode(',', config('pixelfed.media_types')); + $count = count($mimes); + $photos = 0; + $videos = 0; + foreach($mimes as $mime) { + if(in_array($mime, $allowed) == false && $mime !== 'video/mp4') { + continue; + } + if(str_contains($mime, 'image/')) { + $photos++; + } + if(str_contains($mime, 'video/')) { + $videos++; + } + } + if($photos == 1 && $videos == 0) { + return 'photo'; + } + if($videos == 1 && $photos == 0) { + return 'video'; + } + if($photos > 1 && $videos == 0) { + return 'photo:album'; + } + if($videos > 1 && $photos == 0) { + return 'video:album'; + } + if($photos >= 1 && $videos >= 1) { + return 'photo:video:album'; + } + } - public function toggleVisibility(Request $request) { - $this->authCheck(); - $this->validate($request, [ - 'item' => 'required|string|min:1|max:20', - 'disableComments' => 'required|boolean' - ]); + public function toggleVisibility(Request $request) { + $this->authCheck(); + $this->validate($request, [ + 'item' => 'required|string|min:1|max:20', + 'disableComments' => 'required|boolean' + ]); - $user = Auth::user(); - $id = $request->input('item'); - $state = $request->input('disableComments'); + $user = Auth::user(); + $id = $request->input('item'); + $state = $request->input('disableComments'); - $status = Status::findOrFail($id); + $status = Status::findOrFail($id); - if($status->profile_id != $user->profile->id && $user->is_admin == false) { - abort(403); - } + if($status->profile_id != $user->profile->id && $user->is_admin == false) { + abort(403); + } - $status->comments_disabled = $status->comments_disabled == true ? false : true; - $status->save(); + $status->comments_disabled = $status->comments_disabled == true ? false : true; + $status->save(); - return response()->json([200]); - } + return response()->json([200]); + } - public function storeView(Request $request) - { - abort_if(!$request->user(), 403); + public function storeView(Request $request) + { + abort_if(!$request->user(), 403); - $this->validate($request, [ - 'status_id' => 'required|integer|exists:statuses,id', - 'profile_id' => 'required|integer|exists:profiles,id' - ]); + $this->validate($request, [ + 'status_id' => 'required|integer|exists:statuses,id', + 'profile_id' => 'required|integer|exists:profiles,id' + ]); - $sid = (int) $request->input('status_id'); - $pid = (int) $request->input('profile_id'); + $sid = (int) $request->input('status_id'); + $pid = (int) $request->input('profile_id'); - StatusView::firstOrCreate([ - 'status_id' => $sid, - 'status_profile_id' => $pid, - 'profile_id' => $request->user()->profile_id - ]); + StatusView::firstOrCreate([ + 'status_id' => $sid, + 'status_profile_id' => $pid, + 'profile_id' => $request->user()->profile_id + ]); - return response()->json(1); - } + return response()->json(1); + } } diff --git a/resources/views/status/edit.blade.php b/resources/views/status/edit.blade.php index 5d7203ade..fafda8072 100644 --- a/resources/views/status/edit.blade.php +++ b/resources/views/status/edit.blade.php @@ -5,99 +5,27 @@
-
+
Edit Status Back to post
- @csrf -
- -
- is_nsfw==true?'checked=""':''}} disabled=""> - +
+ @csrf +
+ +
-
+
+ +
-
- @foreach($status->media()->orderBy('order')->get() as $media) -
-
- Media #{{$media->order + 1}} - - - {{$media->mime}} - - -
-
-
-
- @csrf - -
- -
-
-
- - -
- @if($media->activityVerb() == 'Image') -
- - -
- @endif -
-
-

Last Updated: {{$media->updated_at->diffForHumans()}}

- -
-
-
-
-
-
- @endforeach -
-
@endsection - -@push('scripts') - -@endpush \ No newline at end of file From 7694487aea9becbc3cf3e464e6a003fff9db5666 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Fri, 30 Apr 2021 21:42:23 -0600 Subject: [PATCH 3/5] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7dcad03ee..61c8d053c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -75,6 +75,7 @@ - Updated StoryController, fix cache crop bug. ([c2f8faae](https://github.com/pixelfed/pixelfed/commit/c2f8faae)) - Updated StoryController, optimize photo size by resizing to 9:16 aspect. ([e66ed9a2](https://github.com/pixelfed/pixelfed/commit/e66ed9a2)) - Updated StoryCompose crop logic. ([2ead622c](https://github.com/pixelfed/pixelfed/commit/2ead622c)) +- Updated StatusController, allow license edits without 24 hour limit. ([c799a01a](https://github.com/pixelfed/pixelfed/commit/c799a01a)) - ([](https://github.com/pixelfed/pixelfed/commit/)) ## [v0.10.10 (2021-01-28)](https://github.com/pixelfed/pixelfed/compare/v0.10.9...v0.10.10) From 9341f0b38fb53849d86f398c23d4a1ab382f6b5b Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Fri, 30 Apr 2021 23:48:36 -0600 Subject: [PATCH 4/5] Update components, remove like counts --- .../js/components/DiscoverComponent.vue | 14 +++--------- resources/assets/js/components/Hashtag.vue | 10 ++------- resources/assets/js/components/Profile.vue | 22 ++++++------------- 3 files changed, 12 insertions(+), 34 deletions(-) diff --git a/resources/assets/js/components/DiscoverComponent.vue b/resources/assets/js/components/DiscoverComponent.vue index b16bf3375..4b94f970b 100644 --- a/resources/assets/js/components/DiscoverComponent.vue +++ b/resources/assets/js/components/DiscoverComponent.vue @@ -41,7 +41,7 @@ />
- +
- - - {{formatCount(s.favourites_count)}} - {{formatCount(s.reply_count)}} @@ -106,7 +102,7 @@ />
- +
- - - {{formatCount(s.favourites_count)}} - {{formatCount(s.reply_count)}} @@ -239,4 +231,4 @@ } } } - \ No newline at end of file + diff --git a/resources/assets/js/components/Hashtag.vue b/resources/assets/js/components/Hashtag.vue index 0a792998f..a319d6d8b 100644 --- a/resources/assets/js/components/Hashtag.vue +++ b/resources/assets/js/components/Hashtag.vue @@ -48,9 +48,6 @@
- - {{tag.status.like_count}} - {{tag.status.share_count}} @@ -92,9 +89,6 @@
- - {{tag.status.favourites_count}} - {{tag.status.reply_count}} @@ -227,8 +221,8 @@ }).then(res => { this.following = false; }); - }, + }, } } - \ No newline at end of file + diff --git a/resources/assets/js/components/Profile.vue b/resources/assets/js/components/Profile.vue index 50e5b0745..5cae79fd1 100644 --- a/resources/assets/js/components/Profile.vue +++ b/resources/assets/js/components/Profile.vue @@ -13,7 +13,7 @@
- {{this.profileUsername}} + {{this.profileUsername}}
@@ -121,7 +121,7 @@ - +
@@ -199,7 +199,7 @@ />
- +
- - - {{formatCount(s.favourites_count)}} - {{formatCount(s.reply_count)}} @@ -260,10 +256,6 @@
- - - {{s.favourites_count}} - {{s.reblogs_count}} @@ -707,7 +699,7 @@ if(forceMetro == true || u.has('ui') && u.get('ui') == 'metro' && this.layout != 'metro') { this.layout = 'metro'; } - + if(this.layout == 'metro' && u.has('t')) { if(this.modes.indexOf(u.get('t')) != -1) { if(u.get('t') == 'bookmarks') { @@ -813,7 +805,7 @@ if(self.ids.indexOf(d.id) == -1) { self.timeline.push(d); self.ids.push(d.id); - } + } }); let max = Math.min(...this.ids); if(max == this.max_id) { @@ -1305,8 +1297,8 @@ this.followingModalSearch = null; } if(q.length > 0) { - let url = '/api/pixelfed/v1/accounts/' + - self.profileId + '/following?page=1&fbu=' + + let url = '/api/pixelfed/v1/accounts/' + + self.profileId + '/following?page=1&fbu=' + q; axios.get(url).then(res => { From f2055b4dcd8cc02d8e6a3350cb1dca0bbe4e9ef1 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Fri, 30 Apr 2021 23:49:39 -0600 Subject: [PATCH 5/5] Update compiled assets --- public/js/discover.js | Bin 9685 -> 9319 bytes public/js/hashtag.js | Bin 15378 -> 15068 bytes public/js/profile.js | Bin 112489 -> 112118 bytes public/mix-manifest.json | Bin 2083 -> 2083 bytes 4 files changed, 0 insertions(+), 0 deletions(-) diff --git a/public/js/discover.js b/public/js/discover.js index 2850656fa0d6b7fcf123c5409c11566bf16da7a9..e0632473e395eb3c71c8ae8b100f31ab13ba5956 100644 GIT binary patch delta 21 bcmccW{oG@NhS=u&ViN2?B8YL5!c|rPX)y?_ delta 94 zcmaFvan*Z+h8RmmYGTo3J+Vx&w8XOf(xS|g)Z+N${L;JM&DhC_vZ9+g#mw1> NR9MKkd6L{!Rsb{)AZq{s diff --git a/public/js/hashtag.js b/public/js/hashtag.js index 85ca138773171b2b79d1086f775a43522b92509f..e118b27907c002cb34ff4380f44a44ca8e0cf408 100644 GIT binary patch delta 1524 zcmZuxU1%It6lStN`D;k6Rg+@tW=Pk$+1bf%wn;WSxrESCrHVg91epx+X7}#yNOC65 z+%;L(L5fd(5KOK<46orLW6!bx%4~h>yR*Qm96;TQbB7&Z~*`$#cma{YGo_prp z@8|Ap{m^))oG3j1c0N+F`Dfb8Q_O>#ID_DHY8P?pISmI&FXxxO6N>qN*Pl-A?zk z@o_SCp9XRvnZ$W6CSM-}LzvtQO)#1KI$6VPq4&2qOQ)GU+qZlYAB-~f7OD*>3(p6G zw3vLa?+HA|t-f0^h=}~9e;RkC2Bt8#G;j^$z~F6+e++((v3+cY00q98S_}f#G&r%t zd2WYzQgA{S2Mk?1;Gz*g3fd=zDm^ivp}cwgqWogG7aQLg{(YR$(5f)O6voUFtagA{ z7cJAL47V^1+Vc-=YB40SeeJ}TiQ_;ymIpO15bd!skXJ?&5uc3+jkR;5Z)mvV>Z$j8 zWO4k|UgFID>$KLkQ!BA{ar{Q2cWSCIyIQEqZLmOuj*t5eA4#Xi_UF5) z19kWaeRqSk(Fp6tCLZQTGhMt-op)Gq*w*BP*xjLM%d3-HU=jzYbcwya|Gk{++SGmasKp!fIth22@!-A z_)z8u`cL_{VoJ8vsrDm4&s(b=R15_p%Go!^^29`r3oF`5piBQ-?W_wUV6M~u27??205Hx zwQF@}Zz@@Fvnl_cog9XJ)1apobRF3%7AF!b21iJ0#j^_fViVQJt#w}UI*vo^g%xtK zi0FH(4Z#h)v!{t_pNw>mhy-YIkowB?H9U5tfHHmae-lv6Ty$ o{Lr4wqZo*dp!sFC7Ip-~w>Eq<2HI~wNutPfocxTLbJf=W0LAzG@&Et; delta 1602 zcmaJ>O>7%g5Z1tKYhthCRh_r) z?m9nBEL19SZu+=XRi&a{IDjf@i9-({Q6V@W)EgJd0WLr#5F8L(5c6Wk1QpoBXfTU%dAz-{T0#P~z$eYDrQH1vGl z703VIx~}&F^^LTt+ht`O_>Dlkn^DD~!0!hxW8Ar53hi6LG)CVI-g*P*Mnh#Zsk3>% zVtZQEVoQESXR#RBSOGWeQsFk3X(UZuX7%Mo%atkh*K3wj4!e_^PFPDyWQCx|gud``teUStP>vCp`JyUlrzwWXyG~etmbp?QW{M68M zJh86_6VL4X`AJ4Stpq*@%$erH(hiJm2vvtNyaEz5-y2$$0$5`+vj1La2&jeO?vmvr z1>@tu{}>VM#72FIHE)h?N_gX&BN?fA=7|du-;@WtYi@j6Ztx3oI9Rd3<=>A@K328Q zTZN)iXFiF^3v9vXaB#R!^|iu^B8O$7Ht&udZ>4%W_+ME@%CO?pUE8<3|INiQ7tc?I znp^U_q0V4Ft;`J|YpN@z$)O5Pn6eNSgfR*l)N0jrMa+?k&DNJK=6i%7$z9|&wtI&p z(0)q@LJNE_dTan0saLBF%kWL~sX*%#e~B(eRCngvuAM2}bwR7uy^6Am4IGL^_@~hW6L!bd$)j3?=*1nn={?-=l7;>ZC&gnbQs-}N-+u%d-<9Zp^j2nF3tHiv9z24WE##D>l;TZ5>^{z%o-C;A zR4ItpI!gdo2H9vUv>*n?QVV=Ko7e{}^`SWPvWyhD*=Ps_j=j8-oe)@N*9V0Fm#vb$ zEnVQJXAWVLm6_|kC~~dnc^KS3o5J9yX2Up@B?ZLXilxWT&)P>B!7nCDDw7-C%WwUuFaPI-m8LF1l9008@Hh>n>f27 jKjVIGrW@HMI`9v2!y^crQ-rEV8V%JjQdu==irBvZwonpY diff --git a/public/js/profile.js b/public/js/profile.js index c887dba5311325dd69da0a751380647eb38aa7ec..2638697a4e3e082cc300075187e0c0647ffb27c7 100644 GIT binary patch delta 405 zcmaF)j_uoPwha#)Swe#Y3pPJ-RA6Gvn>=B@_~e2m9GgvCO0_m8j)-5i{FRF}ANi0d!Ez^Z5n0#v6L4?-H+p7^Au^q<{oF_Xf5S)~q fF$m6yopuNg->xE-Qp2FU$$S5qZBO81$8Wb((g z(vx@R`HH0_mgScgWtOBC$0z5P=9Oq_YQ}2DPA*6j-CUJ-fOYbMH>@Z+Y{gUcF!eyS zOs>k4+H6%~Xs2mtW@2n%WNE0RlUJIPqiLP0my(*6SejE}Tcnp-QIKC$Qe3O!8d~8y z`So$j>G^Do0vs?c)AzG6DokIFE@X(JKyJDiJEI^%NS~c?0fKj(ozVor6Xsw{NAQ|B z7;O-|V;qe72;N@~#)AmnF;2#61kaO;@fd<9&dpeX;7#Xdj6v{zb2Hi@c#b@bMVlvV zIxWT$m64S{`2)Yk<}D|C#aWd=F*f<*Lj?{ErQBS7e95Qc9Y!xq;#2ToxUXG@~?wq(n0#po~dsilL=Z mnz7O3wJd)`j7*J;O$?HgQ!G-GlP!~tO;Zg`H}7RlV*&v3u^58@ delta 83 zcmV~$u?>JQ3bHJedz*QY++TZnGLmc;8qdrDA8 k!+C@`s;Cpe)wxh9oDKE7!WX$Zkj0eMRxAxW;d#e4{0Y|?Gynhq