From 6a2daf1f63a6ae58d53d9da8520b40b809f61ba2 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sun, 14 May 2023 20:15:41 -0600 Subject: [PATCH] Update ApiControllers, remove cloud ip blocks --- app/Http/Controllers/Api/ApiV1Controller.php | 201 ------------------- app/Http/Controllers/Api/ApiV2Controller.php | 8 - 2 files changed, 209 deletions(-) diff --git a/app/Http/Controllers/Api/ApiV1Controller.php b/app/Http/Controllers/Api/ApiV1Controller.php index a51e16de0..d72878e7d 100644 --- a/app/Http/Controllers/Api/ApiV1Controller.php +++ b/app/Http/Controllers/Api/ApiV1Controller.php @@ -125,10 +125,6 @@ class ApiV1Controller extends Controller return response('', 403); } - if(config('pixelfed.bouncer.cloud_ips.ban_signups')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $client = $request->user()->token()->client; $res = [ 'name' => $client->name, @@ -148,10 +144,6 @@ class ApiV1Controller extends Controller 'redirect_uris' => 'required' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_signups')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $uris = implode(',', explode('\n', $request->redirect_uris)); $client = Passport::client()->forceFill([ @@ -194,10 +186,6 @@ class ApiV1Controller extends Controller abort_if(!$user, 403); abort_if($user->status != null, 403); - if(config('pixelfed.bouncer.cloud_ips.ban_signups')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $res = $request->has(self::PF_API_ENTITY_KEY) ? AccountService::get($user->profile_id) : AccountService::getMastodon($user->profile_id); $res['source'] = [ @@ -220,10 +208,6 @@ class ApiV1Controller extends Controller */ public function accountById(Request $request, $id) { - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $res = $request->has(self::PF_API_ENTITY_KEY) ? AccountService::get($id, true) : AccountService::getMastodon($id, true); if(!$res) { return response()->json(['error' => 'Record not found'], 404); @@ -482,10 +466,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $account = AccountService::get($id); abort_if(!$account, 404); $pid = $request->user()->profile_id; @@ -578,10 +558,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $account = AccountService::get($id); abort_if(!$account, 404); $pid = $request->user()->profile_id; @@ -672,10 +648,6 @@ class ApiV1Controller extends Controller */ public function accountStatusesById(Request $request, $id) { - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $this->validate($request, [ @@ -777,10 +749,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $target = Profile::where('id', '!=', $user->profile_id) @@ -865,10 +833,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $target = Profile::where('id', '!=', $user->profile_id) @@ -937,10 +901,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'id' => 'required|array|min:1|max:20', 'id.*' => 'required|integer|min:1|max:' . PHP_INT_MAX @@ -973,10 +933,6 @@ class ApiV1Controller extends Controller 'resolve' => 'nullable' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $query = $request->input('q'); $limit = $request->input('limit') ?? 20; @@ -1016,10 +972,6 @@ class ApiV1Controller extends Controller 'page' => 'nullable|integer|min:1|max:10' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $limit = $request->input('limit') ?? 40; @@ -1052,10 +1004,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $pid = $user->profile_id ?? $user->profile->id; @@ -1148,10 +1096,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $pid = $user->profile_id ?? $user->profile->id; @@ -1231,10 +1175,6 @@ class ApiV1Controller extends Controller 'limit' => 'sometimes|integer|min:1|max:20' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $maxId = $request->input('max_id'); $minId = $request->input('min_id'); @@ -1288,10 +1228,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $status = StatusService::getMastodon($id, false); @@ -1351,10 +1287,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $status = Status::findOrFail($id); @@ -1412,10 +1344,6 @@ class ApiV1Controller extends Controller 'limit' => 'sometimes|integer|min:1|max:100' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $res = FollowRequest::whereFollowingId($user->profile->id) @@ -1659,10 +1587,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'file.*' => [ 'required_without:file', @@ -1796,10 +1720,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'description' => 'nullable|string|max:' . config_cache('pixelfed.max_altext_length') ]); @@ -1850,10 +1770,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $media = Media::whereUserId($user->id) @@ -1875,10 +1791,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'file.*' => [ 'required_without:file', @@ -2052,10 +1964,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $pid = $user->profile_id; @@ -2109,10 +2017,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $pid = $user->profile_id; @@ -2149,10 +2053,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api_strict_mode')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'limit' => 'nullable|integer|min:1|max:100', 'min_id' => 'nullable|integer|min:1|max:'.PHP_INT_MAX, @@ -2232,10 +2132,6 @@ class ApiV1Controller extends Controller 'limit' => 'sometimes|integer|min:1|max:100' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api_strict_mode')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $napi = $request->has(self::PF_API_ENTITY_KEY); $page = $request->input('page'); $min = $request->input('min_id'); @@ -2383,10 +2279,6 @@ class ApiV1Controller extends Controller 'local' => 'sometimes' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api_strict_mode')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $napi = $request->has(self::PF_API_ENTITY_KEY); $min = $request->input('min_id'); $max = $request->input('max_id'); @@ -2514,10 +2406,6 @@ class ApiV1Controller extends Controller 'scope' => 'nullable|in:inbox,sent,requests' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api_strict_mode')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $limit = $request->input('limit', 20); $scope = $request->input('scope', 'inbox'); $pid = $request->user()->profile_id; @@ -2584,10 +2472,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api_strict_mode')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $res = $request->has(self::PF_API_ENTITY_KEY) ? StatusService::get($id, false) : StatusService::getMastodon($id, false); @@ -2624,10 +2508,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api_strict_mode')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $pid = $user->profile_id; $status = StatusService::getMastodon($id, false); @@ -2713,10 +2593,6 @@ class ApiV1Controller extends Controller 'limit' => 'sometimes|integer|min:1|max:80' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $limit = $request->input('limit', 10); $user = $request->user(); $pid = $user->profile_id; @@ -2809,10 +2685,6 @@ class ApiV1Controller extends Controller 'limit' => 'nullable|integer|min:1|max:80' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $limit = $request->input('limit', 10); $user = $request->user(); $pid = $user->profile_id; @@ -2902,10 +2774,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'status' => 'nullable|string', 'in_reply_to_id' => 'nullable', @@ -3105,10 +2973,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $status = Status::whereProfileId($request->user()->profile->id) ->findOrFail($id); @@ -3135,10 +2999,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $status = Status::whereScope('public')->findOrFail($id); @@ -3185,10 +3045,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $user = $request->user(); $status = Status::whereScope('public')->findOrFail($id); @@ -3230,10 +3086,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request,[ 'page' => 'nullable|integer|max:40', 'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX, @@ -3320,10 +3172,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'limit' => 'nullable|integer|min:1|max:40', 'max_id' => 'nullable|integer|min:0', @@ -3391,10 +3239,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $status = Status::findOrFail($id); $pid = $request->user()->profile_id; @@ -3434,10 +3278,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $status = Status::findOrFail($id); $pid = $request->user()->profile_id; @@ -3469,10 +3309,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'limit' => 'integer|min:1|max:40' ]); @@ -3510,10 +3346,6 @@ class ApiV1Controller extends Controller 'sort' => 'in:all,newest,popular' ]); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $limit = $request->input('limit', 3); $pid = $request->user()->profile_id; $status = StatusService::getMastodon($id, false); @@ -3605,10 +3437,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $status = Status::findOrFail($id); $pid = $request->user()->profile_id; abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404); @@ -3626,10 +3454,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $pid = $request->user()->profile_id; $ids = Cache::remember('api:v1.1:discover:accounts:popular', 86400, function() { @@ -3679,10 +3503,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $pid = $request->user()->profile_id; $account = AccountService::get($pid); @@ -3731,10 +3551,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $type = $request->input('timeline'); if(is_array($type)) { $type = $type[0]; @@ -3756,10 +3572,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $pid = $request->user()->profile_id; $home = $request->input('home.last_read_id'); $notifications = $request->input('notifications.last_read_id'); @@ -3785,10 +3597,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $account = AccountService::get($request->user()->profile_id); $this->validate($request, [ @@ -3829,9 +3637,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } $pid = $request->user()->profile_id; $account = AccountService::get($pid); @@ -3873,9 +3678,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } $pid = $request->user()->profile_id; $account = AccountService::get($pid); @@ -3919,9 +3721,6 @@ class ApiV1Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } $pid = $request->user()->profile_id; $account = AccountService::get($pid); $operator = config('database.default') == 'pgsql' ? 'ilike' : 'like'; diff --git a/app/Http/Controllers/Api/ApiV2Controller.php b/app/Http/Controllers/Api/ApiV2Controller.php index f470a7ced..63c63c56f 100644 --- a/app/Http/Controllers/Api/ApiV2Controller.php +++ b/app/Http/Controllers/Api/ApiV2Controller.php @@ -150,10 +150,6 @@ class ApiV2Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'q' => 'required|string|min:1|max:100', 'account_id' => 'nullable|string', @@ -197,10 +193,6 @@ class ApiV2Controller extends Controller { abort_if(!$request->user(), 403); - if(config('pixelfed.bouncer.cloud_ips.ban_api')) { - abort_if(BouncerService::checkIp($request->ip()), 404); - } - $this->validate($request, [ 'file.*' => [ 'required_without:file',