Merge pull request #3615 from pixelfed/staging

Staging
This commit is contained in:
daniel 2022-08-07 21:08:35 -06:00 committed by GitHub
commit 35a0c6b99b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 46 additions and 0 deletions

View file

@ -53,6 +53,7 @@
- Fix email verification requests filtering to gracefully handle deleted accounts and accounts already verified ([b57066d1](https://github.com/pixelfed/pixelfed/commit/b57066d1)) - Fix email verification requests filtering to gracefully handle deleted accounts and accounts already verified ([b57066d1](https://github.com/pixelfed/pixelfed/commit/b57066d1))
- Add configuration to v1/instance endpoint. Fixes #3605 ([2fb18b7d](https://github.com/pixelfed/pixelfed/commit/2fb18b7d)) - Add configuration to v1/instance endpoint. Fixes #3605 ([2fb18b7d](https://github.com/pixelfed/pixelfed/commit/2fb18b7d))
- Fix remote account post counts ([149cf9dc](https://github.com/pixelfed/pixelfed/commit/149cf9dc)) - Fix remote account post counts ([149cf9dc](https://github.com/pixelfed/pixelfed/commit/149cf9dc))
- Enforce blocks on incoming likes, shares, replies and follows on all endpoints ([1545e37c](https://github.com/pixelfed/pixelfed/commit/1545e37c))
- ([](https://github.com/pixelfed/pixelfed/commit/)) - ([](https://github.com/pixelfed/pixelfed/commit/))
## [v0.11.3 (2022-05-09)](https://github.com/pixelfed/pixelfed/compare/v0.11.2...v0.11.3) ## [v0.11.3 (2022-05-09)](https://github.com/pixelfed/pixelfed/compare/v0.11.2...v0.11.3)

View file

@ -1089,6 +1089,11 @@ class ApiV1Controller extends Controller
429 429
); );
$blocks = UserFilterService::blocks($spid);
if($blocks && in_array($user->profile_id, $blocks)) {
abort(422);
}
$like = Like::firstOrCreate([ $like = Like::firstOrCreate([
'profile_id' => $user->profile_id, 'profile_id' => $user->profile_id,
'status_id' => $status['id'] 'status_id' => $status['id']
@ -2494,6 +2499,8 @@ class ApiV1Controller extends Controller
if($in_reply_to_id) { if($in_reply_to_id) {
$parent = Status::findOrFail($in_reply_to_id); $parent = Status::findOrFail($in_reply_to_id);
$blocks = UserFilterService::blocks($parent->profile_id);
abort_if(in_array($profile->id, $blocks), 422, 'Cannot reply to this post at this time.');
$status = new Status; $status = new Status;
$status->caption = $content; $status->caption = $content;
@ -2625,6 +2632,11 @@ class ApiV1Controller extends Controller
} else { } else {
abort_if(!in_array($status->scope, ['public','unlisted']), 403); abort_if(!in_array($status->scope, ['public','unlisted']), 403);
} }
$blocks = UserFilterService::blocks($status->profile_id);
if($blocks && in_array($user->profile_id, $blocks)) {
abort(422);
}
} }
$share = Status::firstOrCreate([ $share = Status::firstOrCreate([

View file

@ -25,6 +25,9 @@ class LikeController extends Controller
'item' => 'required|integer|min:1', 'item' => 'required|integer|min:1',
]); ]);
// API deprecated
return;
$user = Auth::user(); $user = Auth::user();
$profile = $user->profile; $profile = $user->profile;
$status = Status::findOrFail($request->input('item')); $status = Status::findOrFail($request->input('item'));

View file

@ -18,6 +18,7 @@ use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Foundation\Bus\Dispatchable; use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue; use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels; use Illuminate\Queue\SerializesModels;
use App\Services\UserFilterService;
class StatusEntityLexer implements ShouldQueue class StatusEntityLexer implements ShouldQueue
{ {
@ -134,6 +135,10 @@ class StatusEntityLexer implements ShouldQueue
if (empty($mentioned) || !isset($mentioned->id)) { if (empty($mentioned) || !isset($mentioned->id)) {
continue; continue;
} }
$blocks = UserFilterService::blocks($mentioned->id);
if($blocks && in_array($status->profile_id, $blocks)) {
continue;
}
DB::transaction(function () use ($status, $mentioned) { DB::transaction(function () use ($status, $mentioned) {
$m = new Mention(); $m = new Mention();

View file

@ -40,6 +40,7 @@ use App\Models\Poll;
use Illuminate\Contracts\Cache\LockTimeoutException; use Illuminate\Contracts\Cache\LockTimeoutException;
use App\Jobs\ProfilePipeline\IncrementPostCount; use App\Jobs\ProfilePipeline\IncrementPostCount;
use App\Jobs\ProfilePipeline\DecrementPostCount; use App\Jobs\ProfilePipeline\DecrementPostCount;
use App\Services\UserFilterService;
class Helpers { class Helpers {
@ -398,6 +399,12 @@ class Helpers {
$profile = self::profileFirstOrNew($attributedTo); $profile = self::profileFirstOrNew($attributedTo);
if(isset($activity['object']['inReplyTo']) && !empty($activity['object']['inReplyTo']) || $replyTo == true) { if(isset($activity['object']['inReplyTo']) && !empty($activity['object']['inReplyTo']) || $replyTo == true) {
$reply_to = self::statusFirstOrFetch(self::pluckval($activity['object']['inReplyTo']), false); $reply_to = self::statusFirstOrFetch(self::pluckval($activity['object']['inReplyTo']), false);
if($reply_to) {
$blocks = UserFilterService::blocks($reply_to->profile_id);
if(in_array($profile->id, $blocks)) {
return;
}
}
$reply_to = optional($reply_to)->id; $reply_to = optional($reply_to)->id;
} else { } else {
$reply_to = null; $reply_to = null;

View file

@ -37,6 +37,7 @@ use App\Util\ActivityPub\Validator\UndoFollow as UndoFollowValidator;
use App\Services\PollService; use App\Services\PollService;
use App\Services\FollowerService; use App\Services\FollowerService;
use App\Services\StatusService; use App\Services\StatusService;
use App\Services\UserFilterService;
use App\Models\Conversation; use App\Models\Conversation;
use App\Jobs\ProfilePipeline\IncrementPostCount; use App\Jobs\ProfilePipeline\IncrementPostCount;
use App\Jobs\ProfilePipeline\DecrementPostCount; use App\Jobs\ProfilePipeline\DecrementPostCount;
@ -475,6 +476,12 @@ class Inbox
) { ) {
return; return;
} }
$blocks = UserFilterService::blocks($target->id);
if($blocks && in_array($actor->id, $blocks)) {
return;
}
if($target->is_private == true) { if($target->is_private == true) {
FollowRequest::updateOrCreate([ FollowRequest::updateOrCreate([
'follower_id' => $actor->id, 'follower_id' => $actor->id,
@ -532,6 +539,11 @@ class Inbox
return; return;
} }
$blocks = UserFilterService::blocks($parent->profile_id);
if($blocks && in_array($actor->id, $blocks)) {
return;
}
$status = Status::firstOrCreate([ $status = Status::firstOrCreate([
'profile_id' => $actor->id, 'profile_id' => $actor->id,
'reblog_of_id' => $parent->id, 'reblog_of_id' => $parent->id,
@ -693,6 +705,12 @@ class Inbox
if(!$status || !$profile) { if(!$status || !$profile) {
return; return;
} }
$blocks = UserFilterService::blocks($status->profile_id);
if($blocks && in_array($profile->id, $blocks)) {
return;
}
$like = Like::firstOrCreate([ $like = Like::firstOrCreate([
'profile_id' => $profile->id, 'profile_id' => $profile->id,
'status_id' => $status->id 'status_id' => $status->id