From e7ad61c047384a2c05eb6413aa379ce213c2a37c Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sun, 8 Dec 2019 13:55:27 -0700 Subject: [PATCH 1/3] Update InternalApiController, fix compose api and php 7.4 compat --- .../Controllers/InternalApiController.php | 125 +++++++++++++++++- 1 file changed, 121 insertions(+), 4 deletions(-) diff --git a/app/Http/Controllers/InternalApiController.php b/app/Http/Controllers/InternalApiController.php index 3976e56f3..25a90d8fb 100644 --- a/app/Http/Controllers/InternalApiController.php +++ b/app/Http/Controllers/InternalApiController.php @@ -22,6 +22,7 @@ use League\Fractal; use App\Transformer\Api\{ AccountTransformer, StatusTransformer, + // StatusMediaContainerTransformer, }; use App\Util\Media\Filter; use App\Jobs\StatusPipeline\NewStatusPipeline; @@ -89,7 +90,8 @@ class InternalApiController extends Controller ->whereDate('created_at', '>', now()->subMonths(3)) ->with('media') ->inRandomOrder() - ->take(36) + ->latest() + ->take(37) ->get(); $res = [ @@ -264,6 +266,7 @@ class InternalApiController extends Controller $attachments = []; $status = new Status; $mimes = []; + $place = $request->input('place'); $cw = $request->input('cw'); foreach($medias as $k => $media) { @@ -287,8 +290,8 @@ class InternalApiController extends Controller array_push($mimes, $m->mime); } - if($request->filled('place')) { - $status->place_id = $request->input('place')['id']; + if($place && is_array($place)) { + $status->place_id = $place['id']; } if($request->filled('comments_disabled')) { @@ -298,7 +301,6 @@ class InternalApiController extends Controller $status->caption = strip_tags($request->caption); $status->scope = 'draft'; $status->profile_id = $profile->id; - $status->save(); foreach($attachments as $media) { 
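Review bot: In the `@@ -89,7 +90,8 @@` hunk the added `->latest()` follows the unchanged `->inRandomOrder()`, so the query sorts randomly first and `created_at` only breaks ties; the new call has practically no effect on which rows come back. If the newest posts are wanted, drop `->inRandomOrder()`; if the random sample is wanted, drop `->latest()`. The enclosing method starts and ends outside the hunk.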
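Review bot: In the `@@ -287,8 +290,8 @@` hunk `$place['id']` is read from request input after only an `is_array` check, so an array without an `id` key raises an undefined-index error and any client-chosen value is written to `place_id`. No validation rule for `place` is visible in these hunks, so this may already be handled earlier in the method. If it is not, guard the read with `if (is_array($place) && isset($place['id']) && is_numeric($place['id'])) {` and assign `$status->place_id = (int) $place['id'];`, ideally backed by an `exists` validation rule for the place record. The enclosing method starts and ends outside the hunk.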
@@ -306,6 +308,10 @@ class InternalApiController extends Controller $media->save(); } + // $resource = new Fractal\Resource\Collection($status->media()->orderBy('order')->get(), new StatusMediaContainerTransformer()); + // $mediaContainer = $this->fractal->createData($resource)->toArray(); + // $status->media_container = json_encode($mediaContainer); + $visibility = $profile->unlisted == true && $visibility == 'public' ? 'unlisted' : $visibility; $cw = $profile->cw == true ? true : $cw; $status->is_nsfw = $cw; 
@@ -334,4 +340,115 @@ class InternalApiController extends Controller return response()->json($res); } + + public function remoteProfile(Request $request, $id) + { + $profile = Profile::whereNull('status') + ->whereNotNull('domain') + ->findOrFail($id); + + $settings = [ + 'crawlable' => false, + 'following' => [ + 'count' => true, + 'list' => false + ], + 'followers' => [ + 'count' => true, + 'list' => false + ] + ]; + + return view('profile.show', compact('profile', 'settings')); + } + + public function accountStatuses(Request $request, $id) + { + $this->validate($request, [ + 'only_media' => 'nullable', + 'pinned' => 'nullable', + 'exclude_replies' => 'nullable', + 'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX, + 'since_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX, + 'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX, + 'limit' => 'nullable|integer|min:1|max:24' + ]); + + $profile = Profile::whereNull('status')->findOrFail($id); + + $limit = $request->limit ?? 9; + $max_id = $request->max_id; + $min_id = $request->min_id; + $scope = $request->only_media == true ? + ['photo', 'photo:album', 'video', 'video:album'] : + ['photo', 'photo:album', 'video', 'video:album', 'share', 'reply']; + + if($profile->is_private) { + if(!Auth::check()) { + return response()->json([]); + } + $pid = Auth::user()->profile->id; + $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) { + $following = Follower::whereProfileId($pid)->pluck('following_id'); + return $following->push($pid)->toArray(); + }); + $visibility = true == in_array($profile->id, $following) ? 
['public', 'unlisted', 'private'] : []; + } else { + if(Auth::check()) { + $pid = Auth::user()->profile->id; + $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) { + $following = Follower::whereProfileId($pid)->pluck('following_id'); + return $following->push($pid)->toArray(); + }); + $visibility = true == in_array($profile->id, $following) ? ['public', 'unlisted', 'private'] : ['public', 'unlisted']; + } else { + $visibility = ['public', 'unlisted']; + } + } + + $dir = $min_id ? '>' : '<'; + $id = $min_id ?? $max_id; + $timeline = Status::select( + 'id', + 'uri', + 'caption', + 'rendered', + 'profile_id', + 'type', + 'in_reply_to_id', + 'reblog_of_id', + 'is_nsfw', + 'likes_count', + 'reblogs_count', + 'scope', + 'local', + 'created_at', + 'updated_at' + )->whereProfileId($profile->id) + ->whereIn('type', $scope) + ->where('id', $dir, $id) + ->whereIn('visibility', $visibility) + ->latest() + ->limit($limit) + ->get(); + + $resource = new Fractal\Resource\Collection($timeline, new StatusTransformer()); + $res = $this->fractal->createData($resource)->toArray(); + + return response()->json($res); + } + + public function remoteStatus(Request $request, $profileId, $statusId) + { + $user = Profile::whereNull('status') + ->whereNotNull('domain') + ->findOrFail($profileId); + + $status = Status::whereProfileId($user->id) + ->whereNull('reblog_of_id') + ->whereVisibility('public') + ->findOrFail($statusId); + $template = $status->in_reply_to_id ? 'status.reply' : 'status.show'; + return view($template, compact('user', 'status')); + } } From a7c30388d893ad197100015f354c41db6ff8e6b7 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sun, 8 Dec 2019 14:18:18 -0700 Subject: [PATCH 2/3] Update config --- config/cache.php | 2 +- config/database.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/cache.php b/config/cache.php index f9d09b03f..184f7bc43 100644 --- a/config/cache.php 
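Review bot: `accountStatuses` decides who may read `private` statuses from the `'profile:following:'.$pid` cache entry, which lives for 1440 minutes, so a viewer whose follow was removed can keep reading a private account's posts for up to a day unless that key is cleared on unfollow or follower removal elsewhere (not visible here). Either forget the key wherever a follow is removed, or check the `Follower` row directly when `$profile->is_private` is true. Separately, when neither `min_id` nor `max_id` is sent, `$id` is null and `->where('id', $dir, $id)` passes a null value with `<`, which Laravel's query builder rejects, so the cursor clause should be applied only when an id is present. `$dir` also tests `$min_id` for truthiness while `$id` uses `??`, so `min_id=0` pairs `<` with 0.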
+++ b/config/cache.php @@ -70,7 +70,7 @@ return [ 'redis' => [ 'driver' => 'redis', - 'client' => 'predis', + 'client' => env('REDIS_CLIENT', 'predis'), 'default' => [ 'scheme' => env('REDIS_SCHEME', 'tcp'), diff --git a/config/database.php b/config/database.php index 8d227e0cc..b5020f740 100644 --- a/config/database.php +++ b/config/database.php @@ -106,7 +106,7 @@ return [ 'redis' => [ - 'client' => 'predis', + 'client' => env('REDIS_CLIENT', 'predis'), 'default' => [ 'scheme' => env('REDIS_SCHEME', 'tcp'), From fa8e0dca4d573c7945d1b47b68aa873ffe7550da Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Mon, 9 Dec 2019 00:48:03 -0700 Subject: [PATCH 3/3] Update RegisterController --- .../Controllers/Auth/RegisterController.php | 22 ++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 738171ded..fd0b2fa88 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -62,10 +62,23 @@ class RegisterController extends Controller 'max:15', 'unique:users', function ($attribute, $value, $fail) { + $dash = substr_count($value, '-'); + $underscore = substr_count($value, '_'); + $period = substr_count($value, '.'); + + if(($dash + $underscore + $period) > 1) { + return $fail('Username is invalid. Can only contain one dash (-), period (.) or underscore (_).'); + } + if (!ctype_alpha($value[0])) { return $fail('Username is invalid. Must start with a letter or number.'); } - $val = str_replace(['_', '-', '.'], '', $value); + + if (!ctype_alnum($value[strlen($value) - 1])) { + return $fail('Username is invalid. Must end with a letter or number.'); + } + + $val = str_replace(['_', '.', '-'], '', $value); if(!ctype_alnum($val)) { return $fail('Username is invalid. Username must be alpha-numeric and may contain dashes (-), periods (.) and underscores (_).'); } 
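Review bot: In the `RegisterController.php` hunk `@@ -62,10 +62,23 @@` the new last-character check uses `ctype_alnum`, while the unchanged first-character check uses `ctype_alpha` but reports "Must start with a letter or number", so a username starting with a digit is rejected with a message that says digits are allowed. Make check and message agree, either with `if (!ctype_alnum($value[0])) {` or by changing the text to "Must start with a letter." The closing message still says dashes, periods and underscores may be used, which now contradicts the one-separator limit added at the top of the closure. The added `substr_count` calls and `$value[strlen($value) - 1]` assume `$value` is a non-empty string; the rules above the hunk are not visible, so confirm that `string` and a minimum length precede the closure.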
@@ -77,7 +90,7 @@ class RegisterController extends Controller 'name' => 'nullable|string|max:'.config('pixelfed.max_name_length'), 'username' => $usernameRules, 'email' => 'required|string|email|max:255|unique:users', - 'password' => 'required|string|min:8|confirmed', + 'password' => 'required|string|min:12|confirmed', ]; return Validator::make($data, $rules); @@ -145,8 +158,11 @@ class RegisterController extends Controller */ public function register(Request $request) { + abort_if(config('pixelfed.open_registration') == false, 400); + $count = User::count(); $limit = config('pixelfed.max_users'); + if(false == config('pixelfed.open_registration') || $limit && $limit <= $count) { return abort(403); } @@ -158,6 +174,6 @@ class RegisterController extends Controller $this->guard()->login($user); return $this->registered($request, $user) - ?: redirect($this->redirectPath()); + ?: redirect($this->redirectPath()); } }
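Review bot: In the `@@ -145,8 +158,11 @@` hunk the new `abort_if(config('pixelfed.open_registration') == false, 400);` makes the `false == config('pixelfed.open_registration')` clause of the following `if` unreachable, and it answers a closed instance with 400 where the existing check answers 403. Keep one check and one status: `abort_if(config('pixelfed.open_registration') == false, 403);` and reduce the condition to `if ($limit && $limit <= $count) {`. `User::count()` followed by a later insert is also not atomic, so concurrent registrations can exceed `pixelfed.max_users` if that cap is meant as a hard limit. `register()` continues outside the hunk.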