Merge pull request #5001 from pixelfed/staging

Staging
This commit is contained in:
daniel 2024-03-10 05:44:24 -06:00 committed by GitHub
commit 8aae92d75b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 494 additions and 494 deletions

View file

@ -473,15 +473,15 @@ class ApiV1Dot1Controller extends Controller
{ {
return [ return [
'open' => (bool) config_cache('pixelfed.open_registration'), 'open' => (bool) config_cache('pixelfed.open_registration'),
'iara' => config('pixelfed.allow_app_registration') 'iara' => (bool) config_cache('pixelfed.allow_app_registration'),
]; ];
} }
public function inAppRegistration(Request $request) public function inAppRegistration(Request $request)
{ {
abort_if($request->user(), 404); abort_if($request->user(), 404);
abort_unless(config_cache('pixelfed.open_registration'), 404); abort_unless((bool) config_cache('pixelfed.open_registration'), 404);
abort_unless(config('pixelfed.allow_app_registration'), 404); abort_unless((bool) config_cache('pixelfed.allow_app_registration'), 404);
abort_unless($request->hasHeader('X-PIXELFED-APP'), 403); abort_unless($request->hasHeader('X-PIXELFED-APP'), 403);
if(config('pixelfed.bouncer.cloud_ips.ban_signups')) { if(config('pixelfed.bouncer.cloud_ips.ban_signups')) {
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);
@ -609,8 +609,8 @@ class ApiV1Dot1Controller extends Controller
public function inAppRegistrationConfirm(Request $request) public function inAppRegistrationConfirm(Request $request)
{ {
abort_if($request->user(), 404); abort_if($request->user(), 404);
abort_unless(config_cache('pixelfed.open_registration'), 404); abort_unless((bool) config_cache('pixelfed.open_registration'), 404);
abort_unless(config('pixelfed.allow_app_registration'), 404); abort_unless((bool) config_cache('pixelfed.allow_app_registration'), 404);
abort_unless($request->hasHeader('X-PIXELFED-APP'), 403); abort_unless($request->hasHeader('X-PIXELFED-APP'), 403);
if(config('pixelfed.bouncer.cloud_ips.ban_signups')) { if(config('pixelfed.bouncer.cloud_ips.ban_signups')) {
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);

View file

@ -332,7 +332,7 @@ class ProfileController extends Controller
{ {
$res = view('profile.embed-removed'); $res = view('profile.embed-removed');
if (! config('instance.embed.profile')) { if (! (bool) config_cache('instance.embed.profile')) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
} }

View file

@ -2,458 +2,466 @@
namespace App\Http\Controllers; namespace App\Http\Controllers;
use App\Jobs\ImageOptimizePipeline\ImageOptimize; use App\AccountInterstitial;
use App\Jobs\StatusPipeline\NewStatusPipeline;
use App\Jobs\StatusPipeline\StatusDelete;
use App\Jobs\StatusPipeline\RemoteStatusDelete;
use App\Jobs\SharePipeline\SharePipeline; use App\Jobs\SharePipeline\SharePipeline;
use App\Jobs\SharePipeline\UndoSharePipeline; use App\Jobs\SharePipeline\UndoSharePipeline;
use App\AccountInterstitial; use App\Jobs\StatusPipeline\RemoteStatusDelete;
use App\Media; use App\Jobs\StatusPipeline\StatusDelete;
use App\Profile; use App\Profile;
use App\Services\HashidService;
use App\Services\ReblogService;
use App\Services\StatusService;
use App\Status; use App\Status;
use App\StatusArchived;
use App\StatusView; use App\StatusView;
use App\Transformer\ActivityPub\StatusTransformer;
use App\Transformer\ActivityPub\Verb\Note; use App\Transformer\ActivityPub\Verb\Note;
use App\Transformer\ActivityPub\Verb\Question; use App\Transformer\ActivityPub\Verb\Question;
use App\User; use App\Util\Media\License;
use Auth, DB, Cache; use Auth;
use Cache;
use DB;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use League\Fractal; use League\Fractal;
use App\Util\Media\Filter;
use Illuminate\Support\Str;
use App\Services\HashidService;
use App\Services\StatusService;
use App\Util\Media\License;
use App\Services\ReblogService;
class StatusController extends Controller class StatusController extends Controller
{ {
public function show(Request $request, $username, $id) public function show(Request $request, $username, $id)
{ {
// redirect authed users to Metro 2.0 // redirect authed users to Metro 2.0
if($request->user()) { if ($request->user()) {
// unless they force static view // unless they force static view
if(!$request->has('fs') || $request->input('fs') != '1') { if (! $request->has('fs') || $request->input('fs') != '1') {
return redirect('/i/web/post/' . $id); return redirect('/i/web/post/'.$id);
} }
} }
$user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail(); $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
if($user->status != null) { if ($user->status != null) {
return ProfileController::accountCheck($user); return ProfileController::accountCheck($user);
} }
$status = Status::whereProfileId($user->id) $status = Status::whereProfileId($user->id)
->whereNull('reblog_of_id') ->whereNull('reblog_of_id')
->whereIn('scope', ['public','unlisted', 'private']) ->whereIn('scope', ['public', 'unlisted', 'private'])
->findOrFail($id); ->findOrFail($id);
if($status->uri || $status->url) { if ($status->uri || $status->url) {
$url = $status->uri ?? $status->url; $url = $status->uri ?? $status->url;
if(ends_with($url, '/activity')) { if (ends_with($url, '/activity')) {
$url = str_replace('/activity', '', $url); $url = str_replace('/activity', '', $url);
} }
return redirect($url);
} return redirect($url);
}
if($status->visibility == 'private' || $user->is_private) {
if(!Auth::check()) { if ($status->visibility == 'private' || $user->is_private) {
abort(404); if (! Auth::check()) {
} abort(404);
$pid = Auth::user()->profile; }
if($user->followedBy($pid) == false && $user->id !== $pid->id && Auth::user()->is_admin == false) { $pid = Auth::user()->profile;
abort(404); if ($user->followedBy($pid) == false && $user->id !== $pid->id && Auth::user()->is_admin == false) {
} abort(404);
} }
}
if($status->type == 'archived') {
if(Auth::user()->profile_id !== $status->profile_id) { if ($status->type == 'archived') {
abort(404); if (Auth::user()->profile_id !== $status->profile_id) {
} abort(404);
} }
}
if($request->user() && $request->user()->profile_id != $status->profile_id) {
StatusView::firstOrCreate([ if ($request->user() && $request->user()->profile_id != $status->profile_id) {
'status_id' => $status->id, StatusView::firstOrCreate([
'status_profile_id' => $status->profile_id, 'status_id' => $status->id,
'profile_id' => $request->user()->profile_id 'status_profile_id' => $status->profile_id,
]); 'profile_id' => $request->user()->profile_id,
} ]);
}
if ($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
return $this->showActivityPub($request, $status); if ($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
} return $this->showActivityPub($request, $status);
}
$template = $status->in_reply_to_id ? 'status.reply' : 'status.show';
return view($template, compact('user', 'status')); $template = $status->in_reply_to_id ? 'status.reply' : 'status.show';
}
return view($template, compact('user', 'status'));
public function shortcodeRedirect(Request $request, $id) }
{
abort(404); public function shortcodeRedirect(Request $request, $id)
} {
$hid = HashidService::decode($id);
public function showId(int $id) abort_if(! $hid, 404);
{
abort(404); return redirect('/i/web/post/'.$hid);
$status = Status::whereNull('reblog_of_id') }
->whereIn('scope', ['public', 'unlisted'])
->findOrFail($id); public function showId(int $id)
return redirect($status->url()); {
} abort(404);
$status = Status::whereNull('reblog_of_id')
public function showEmbed(Request $request, $username, int $id) ->whereIn('scope', ['public', 'unlisted'])
{ ->findOrFail($id);
if(!config('instance.embed.post')) {
$res = view('status.embed-removed'); return redirect($status->url());
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); }
}
public function showEmbed(Request $request, $username, int $id)
$profile = Profile::whereNull(['domain','status']) {
->whereIsPrivate(false) if (! (bool) config_cache('instance.embed.post')) {
->whereUsername($username) $res = view('status.embed-removed');
->first();
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
if(!$profile) { }
$content = view('status.embed-removed');
return response($content)->header('X-Frame-Options', 'ALLOWALL'); $profile = Profile::whereNull(['domain', 'status'])
} ->whereIsPrivate(false)
->whereUsername($username)
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile->id, 86400, function() use($profile) { ->first();
$exists = AccountInterstitial::whereUserId($profile->user_id)->where('is_spam', 1)->count();
if($exists) { if (! $profile) {
return true; $content = view('status.embed-removed');
}
return response($content)->header('X-Frame-Options', 'ALLOWALL');
return false; }
});
$aiCheck = Cache::remember('profile:ai-check:spam-login:'.$profile->id, 86400, function () use ($profile) {
if($aiCheck) { $exists = AccountInterstitial::whereUserId($profile->user_id)->where('is_spam', 1)->count();
$res = view('status.embed-removed'); if ($exists) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); return true;
} }
$status = Status::whereProfileId($profile->id)
->whereNull('uri') return false;
->whereScope('public') });
->whereIsNsfw(false)
->whereIn('type', ['photo', 'video','photo:album']) if ($aiCheck) {
->find($id); $res = view('status.embed-removed');
if(!$status) {
$content = view('status.embed-removed'); return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
return response($content)->header('X-Frame-Options', 'ALLOWALL'); }
} $status = Status::whereProfileId($profile->id)
$showLikes = $request->filled('likes') && $request->likes == true; ->whereNull('uri')
$showCaption = $request->filled('caption') && $request->caption !== false; ->whereScope('public')
$layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full'; ->whereIsNsfw(false)
$content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout')); ->whereIn('type', ['photo', 'video', 'photo:album'])
return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); ->find($id);
} if (! $status) {
$content = view('status.embed-removed');
public function showObject(Request $request, $username, int $id)
{ return response($content)->header('X-Frame-Options', 'ALLOWALL');
$user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail(); }
$showLikes = $request->filled('likes') && $request->likes == true;
if($user->status != null) { $showCaption = $request->filled('caption') && $request->caption !== false;
return ProfileController::accountCheck($user); $layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full';
} $content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout'));
$status = Status::whereProfileId($user->id) return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
->whereNotIn('visibility',['draft','direct']) }
->findOrFail($id);
public function showObject(Request $request, $username, int $id)
abort_if($status->uri, 404); {
$user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
if($status->visibility == 'private' || $user->is_private) {
if(!Auth::check()) { if ($user->status != null) {
abort(403); return ProfileController::accountCheck($user);
} }
$pid = Auth::user()->profile;
if($user->followedBy($pid) == false && $user->id !== $pid->id) { $status = Status::whereProfileId($user->id)
abort(403); ->whereNotIn('visibility', ['draft', 'direct'])
} ->findOrFail($id);
}
abort_if($status->uri, 404);
return $this->showActivityPub($request, $status);
} if ($status->visibility == 'private' || $user->is_private) {
if (! Auth::check()) {
public function compose() abort(403);
{ }
$this->authCheck(); $pid = Auth::user()->profile;
if ($user->followedBy($pid) == false && $user->id !== $pid->id) {
return view('status.compose'); abort(403);
} }
}
public function store(Request $request)
{ return $this->showActivityPub($request, $status);
return; }
}
public function compose()
public function delete(Request $request) {
{ $this->authCheck();
$this->authCheck();
return view('status.compose');
$this->validate($request, [ }
'item' => 'required|integer|min:1',
]); public function store(Request $request)
{
$status = Status::findOrFail($request->input('item'));
}
$user = Auth::user();
public function delete(Request $request)
if($status->profile_id != $user->profile->id && {
$user->is_admin == true && $this->authCheck();
$status->uri == null
) { $this->validate($request, [
$media = $status->media; 'item' => 'required|integer|min:1',
]);
$ai = new AccountInterstitial;
$ai->user_id = $status->profile->user_id; $status = Status::findOrFail($request->input('item'));
$ai->type = 'post.removed';
$ai->view = 'account.moderation.post.removed'; $user = Auth::user();
$ai->item_type = 'App\Status';
$ai->item_id = $status->id; if ($status->profile_id != $user->profile->id &&
$ai->has_media = (bool) $media->count(); $user->is_admin == true &&
$ai->blurhash = $media->count() ? $media->first()->blurhash : null; $status->uri == null
$ai->meta = json_encode([ ) {
'caption' => $status->caption, $media = $status->media;
'created_at' => $status->created_at,
'type' => $status->type, $ai = new AccountInterstitial;
'url' => $status->url(), $ai->user_id = $status->profile->user_id;
'is_nsfw' => $status->is_nsfw, $ai->type = 'post.removed';
'scope' => $status->scope, $ai->view = 'account.moderation.post.removed';
'reblog' => $status->reblog_of_id, $ai->item_type = 'App\Status';
'likes_count' => $status->likes_count, $ai->item_id = $status->id;
'reblogs_count' => $status->reblogs_count, $ai->has_media = (bool) $media->count();
]); $ai->blurhash = $media->count() ? $media->first()->blurhash : null;
$ai->save(); $ai->meta = json_encode([
'caption' => $status->caption,
$u = $status->profile->user; 'created_at' => $status->created_at,
$u->has_interstitial = true; 'type' => $status->type,
$u->save(); 'url' => $status->url(),
} 'is_nsfw' => $status->is_nsfw,
'scope' => $status->scope,
if($status->in_reply_to_id) { 'reblog' => $status->reblog_of_id,
$parent = Status::find($status->in_reply_to_id); 'likes_count' => $status->likes_count,
if($parent && ($parent->profile_id == $user->profile_id) || ($status->profile_id == $user->profile_id) || $user->is_admin) { 'reblogs_count' => $status->reblogs_count,
Cache::forget('_api:statuses:recent_9:' . $status->profile_id); ]);
Cache::forget('profile:status_count:' . $status->profile_id); $ai->save();
Cache::forget('profile:embed:' . $status->profile_id);
StatusService::del($status->id, true); $u = $status->profile->user;
Cache::forget('profile:status_count:'.$status->profile_id); $u->has_interstitial = true;
$status->uri ? RemoteStatusDelete::dispatch($status) : StatusDelete::dispatch($status); $u->save();
} }
} else if ($status->profile_id == $user->profile_id || $user->is_admin == true) {
Cache::forget('_api:statuses:recent_9:' . $status->profile_id); if ($status->in_reply_to_id) {
Cache::forget('profile:status_count:' . $status->profile_id); $parent = Status::find($status->in_reply_to_id);
Cache::forget('profile:embed:' . $status->profile_id); if ($parent && ($parent->profile_id == $user->profile_id) || ($status->profile_id == $user->profile_id) || $user->is_admin) {
StatusService::del($status->id, true); Cache::forget('_api:statuses:recent_9:'.$status->profile_id);
Cache::forget('profile:status_count:'.$status->profile_id); Cache::forget('profile:status_count:'.$status->profile_id);
$status->uri ? RemoteStatusDelete::dispatch($status) : StatusDelete::dispatch($status); Cache::forget('profile:embed:'.$status->profile_id);
} StatusService::del($status->id, true);
Cache::forget('profile:status_count:'.$status->profile_id);
if($request->wantsJson()) { $status->uri ? RemoteStatusDelete::dispatch($status) : StatusDelete::dispatch($status);
return response()->json(['Status successfully deleted.']); }
} else { } elseif ($status->profile_id == $user->profile_id || $user->is_admin == true) {
return redirect($user->url()); Cache::forget('_api:statuses:recent_9:'.$status->profile_id);
} Cache::forget('profile:status_count:'.$status->profile_id);
} Cache::forget('profile:embed:'.$status->profile_id);
StatusService::del($status->id, true);
public function storeShare(Request $request) Cache::forget('profile:status_count:'.$status->profile_id);
{ $status->uri ? RemoteStatusDelete::dispatch($status) : StatusDelete::dispatch($status);
$this->authCheck(); }
$this->validate($request, [ if ($request->wantsJson()) {
'item' => 'required|integer|min:1', return response()->json(['Status successfully deleted.']);
]); } else {
return redirect($user->url());
$user = Auth::user(); }
$profile = $user->profile; }
$status = Status::whereScope('public')
->findOrFail($request->input('item')); public function storeShare(Request $request)
{
$count = $status->reblogs_count; $this->authCheck();
$exists = Status::whereProfileId(Auth::user()->profile->id) $this->validate($request, [
->whereReblogOfId($status->id) 'item' => 'required|integer|min:1',
->exists(); ]);
if ($exists == true) {
$shares = Status::whereProfileId(Auth::user()->profile->id) $user = Auth::user();
->whereReblogOfId($status->id) $profile = $user->profile;
->get(); $status = Status::whereScope('public')
foreach ($shares as $share) { ->findOrFail($request->input('item'));
UndoSharePipeline::dispatch($share);
ReblogService::del($profile->id, $status->id); $count = $status->reblogs_count;
$count--;
} $exists = Status::whereProfileId(Auth::user()->profile->id)
} else { ->whereReblogOfId($status->id)
$share = new Status(); ->exists();
$share->profile_id = $profile->id; if ($exists == true) {
$share->reblog_of_id = $status->id; $shares = Status::whereProfileId(Auth::user()->profile->id)
$share->in_reply_to_profile_id = $status->profile_id; ->whereReblogOfId($status->id)
$share->type = 'share'; ->get();
$share->save(); foreach ($shares as $share) {
$count++; UndoSharePipeline::dispatch($share);
SharePipeline::dispatch($share); ReblogService::del($profile->id, $status->id);
ReblogService::add($profile->id, $status->id); $count--;
} }
} else {
Cache::forget('status:'.$status->id.':sharedby:userid:'.$user->id); $share = new Status();
StatusService::del($status->id); $share->profile_id = $profile->id;
$share->reblog_of_id = $status->id;
if ($request->ajax()) { $share->in_reply_to_profile_id = $status->profile_id;
$response = ['code' => 200, 'msg' => 'Share saved', 'count' => $count]; $share->type = 'share';
} else { $share->save();
$response = redirect($status->url()); $count++;
} SharePipeline::dispatch($share);
ReblogService::add($profile->id, $status->id);
return $response; }
}
Cache::forget('status:'.$status->id.':sharedby:userid:'.$user->id);
public function showActivityPub(Request $request, $status) StatusService::del($status->id);
{
$object = $status->type == 'poll' ? new Question() : new Note(); if ($request->ajax()) {
$fractal = new Fractal\Manager(); $response = ['code' => 200, 'msg' => 'Share saved', 'count' => $count];
$resource = new Fractal\Resource\Item($status, $object); } else {
$res = $fractal->createData($resource)->toArray(); $response = redirect($status->url());
}
return response()->json($res['data'], 200, ['Content-Type' => 'application/activity+json'], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
} return $response;
}
public function edit(Request $request, $username, $id)
{ public function showActivityPub(Request $request, $status)
$this->authCheck(); {
$user = Auth::user()->profile; $object = $status->type == 'poll' ? new Question() : new Note();
$status = Status::whereProfileId($user->id) $fractal = new Fractal\Manager();
->with(['media']) $resource = new Fractal\Resource\Item($status, $object);
->findOrFail($id); $res = $fractal->createData($resource)->toArray();
$licenses = License::get();
return view('status.edit', compact('user', 'status', 'licenses')); return response()->json($res['data'], 200, ['Content-Type' => 'application/activity+json'], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
} }
public function editStore(Request $request, $username, $id) public function edit(Request $request, $username, $id)
{ {
$this->authCheck(); $this->authCheck();
$user = Auth::user()->profile; $user = Auth::user()->profile;
$status = Status::whereProfileId($user->id) $status = Status::whereProfileId($user->id)
->with(['media']) ->with(['media'])
->findOrFail($id); ->findOrFail($id);
$licenses = License::get();
$this->validate($request, [
'license' => 'nullable|integer|min:1|max:16', return view('status.edit', compact('user', 'status', 'licenses'));
]); }
$licenseId = $request->input('license'); public function editStore(Request $request, $username, $id)
{
$status->media->each(function($media) use($licenseId) { $this->authCheck();
$media->license = $licenseId; $user = Auth::user()->profile;
$media->save(); $status = Status::whereProfileId($user->id)
Cache::forget('status:transformer:media:attachments:'.$media->status_id); ->with(['media'])
}); ->findOrFail($id);
return redirect($status->url()); $this->validate($request, [
} 'license' => 'nullable|integer|min:1|max:16',
]);
protected function authCheck()
{ $licenseId = $request->input('license');
if (Auth::check() == false) {
abort(403); $status->media->each(function ($media) use ($licenseId) {
} $media->license = $licenseId;
} $media->save();
Cache::forget('status:transformer:media:attachments:'.$media->status_id);
protected function validateVisibility($visibility) });
{
$allowed = ['public', 'unlisted', 'private']; return redirect($status->url());
return in_array($visibility, $allowed) ? $visibility : 'public'; }
}
protected function authCheck()
public static function mimeTypeCheck($mimes) {
{ if (Auth::check() == false) {
$allowed = explode(',', config_cache('pixelfed.media_types')); abort(403);
$count = count($mimes); }
$photos = 0; }
$videos = 0;
foreach($mimes as $mime) { protected function validateVisibility($visibility)
if(in_array($mime, $allowed) == false && $mime !== 'video/mp4') { {
continue; $allowed = ['public', 'unlisted', 'private'];
}
if(str_contains($mime, 'image/')) { return in_array($visibility, $allowed) ? $visibility : 'public';
$photos++; }
}
if(str_contains($mime, 'video/')) { public static function mimeTypeCheck($mimes)
$videos++; {
} $allowed = explode(',', config_cache('pixelfed.media_types'));
} $count = count($mimes);
if($photos == 1 && $videos == 0) { $photos = 0;
return 'photo'; $videos = 0;
} foreach ($mimes as $mime) {
if($videos == 1 && $photos == 0) { if (in_array($mime, $allowed) == false && $mime !== 'video/mp4') {
return 'video'; continue;
} }
if($photos > 1 && $videos == 0) { if (str_contains($mime, 'image/')) {
return 'photo:album'; $photos++;
} }
if($videos > 1 && $photos == 0) { if (str_contains($mime, 'video/')) {
return 'video:album'; $videos++;
} }
if($photos >= 1 && $videos >= 1) { }
return 'photo:video:album'; if ($photos == 1 && $videos == 0) {
} return 'photo';
}
return 'text'; if ($videos == 1 && $photos == 0) {
} return 'video';
}
public function toggleVisibility(Request $request) { if ($photos > 1 && $videos == 0) {
$this->authCheck(); return 'photo:album';
$this->validate($request, [ }
'item' => 'required|string|min:1|max:20', if ($videos > 1 && $photos == 0) {
'disableComments' => 'required|boolean' return 'video:album';
]); }
if ($photos >= 1 && $videos >= 1) {
$user = Auth::user(); return 'photo:video:album';
$id = $request->input('item'); }
$state = $request->input('disableComments');
return 'text';
$status = Status::findOrFail($id); }
if($status->profile_id != $user->profile->id && $user->is_admin == false) { public function toggleVisibility(Request $request)
abort(403); {
} $this->authCheck();
$this->validate($request, [
$status->comments_disabled = $status->comments_disabled == true ? false : true; 'item' => 'required|string|min:1|max:20',
$status->save(); 'disableComments' => 'required|boolean',
]);
return response()->json([200]);
} $user = Auth::user();
$id = $request->input('item');
public function storeView(Request $request) $state = $request->input('disableComments');
{
abort_if(!$request->user(), 403); $status = Status::findOrFail($id);
$views = $request->input('_v'); if ($status->profile_id != $user->profile->id && $user->is_admin == false) {
$uid = $request->user()->profile_id; abort(403);
}
if(empty($views) || !is_array($views)) {
return response()->json(0); $status->comments_disabled = $status->comments_disabled == true ? false : true;
} $status->save();
Cache::forget('profile:home-timeline-cursor:' . $request->user()->id); return response()->json([200]);
}
foreach($views as $view) {
if(!isset($view['sid']) || !isset($view['pid'])) { public function storeView(Request $request)
continue; {
} abort_if(! $request->user(), 403);
DB::transaction(function () use($view, $uid) {
StatusView::firstOrCreate([ $views = $request->input('_v');
'status_id' => $view['sid'], $uid = $request->user()->profile_id;
'status_profile_id' => $view['pid'],
'profile_id' => $uid if (empty($views) || ! is_array($views)) {
]); return response()->json(0);
}); }
}
Cache::forget('profile:home-timeline-cursor:'.$request->user()->id);
return response()->json(1);
} foreach ($views as $view) {
if (! isset($view['sid']) || ! isset($view['pid'])) {
continue;
}
DB::transaction(function () use ($view, $uid) {
StatusView::firstOrCreate([
'status_id' => $view['sid'],
'status_profile_id' => $view['pid'],
'profile_id' => $uid,
]);
});
}
return response()->json(1);
}
} }

View file

@ -87,6 +87,8 @@ class ConfigCacheService
'pixelfed.app_registration_rate_limit_decay', 'pixelfed.app_registration_rate_limit_decay',
'pixelfed.app_registration_confirm_rate_limit_attempts', 'pixelfed.app_registration_confirm_rate_limit_attempts',
'pixelfed.app_registration_confirm_rate_limit_decay', 'pixelfed.app_registration_confirm_rate_limit_decay',
'instance.embed.profile',
'instance.embed.post',
// 'system.user_mode' // 'system.user_mode'
]; ];

View file

@ -2,54 +2,38 @@
namespace App\Services; namespace App\Services;
use Cache; class HashidService
{
public const CMAP = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
class HashidService { public static function encode($id, $minLimit = true)
{
if (! is_numeric($id) || $id > PHP_INT_MAX) {
return null;
}
public const MIN_LIMIT = 15; $cmap = self::CMAP;
public const CMAP = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'; $base = strlen($cmap);
$shortcode = '';
while ($id) {
$id = ($id - ($r = $id % $base)) / $base;
$shortcode = $cmap[$r].$shortcode;
}
public static function encode($id, $minLimit = true) return $shortcode;
{ }
if(!is_numeric($id) || $id > PHP_INT_MAX) {
return null;
}
if($minLimit && strlen($id) < self::MIN_LIMIT) { public static function decode($short = false)
return null; {
} if (! $short) {
return;
$key = "hashids:{$id}"; }
return Cache::remember($key, now()->hours(48), function() use($id) { $id = 0;
$cmap = self::CMAP; foreach (str_split($short) as $needle) {
$base = strlen($cmap); $pos = strpos(self::CMAP, $needle);
$shortcode = ''; $id = ($id * 64) + $pos;
while($id) { }
$id = ($id - ($r = $id % $base)) / $base;
$shortcode = $cmap[$r] . $shortcode;
}
return $shortcode;
});
}
public static function decode($short)
{
$len = strlen($short);
if($len < 3 || $len > 11) {
return null;
}
$id = 0;
foreach(str_split($short) as $needle) {
$pos = strpos(self::CMAP, $needle);
// if(!$pos) {
// return null;
// }
$id = ($id*64) + $pos;
}
if(strlen($id) < self::MIN_LIMIT) {
return null;
}
return $id;
}
return $id;
}
} }

View file

@ -32,7 +32,7 @@ class Config
'uploader' => [ 'uploader' => [
'max_photo_size' => (int) config('pixelfed.max_photo_size'), 'max_photo_size' => (int) config('pixelfed.max_photo_size'),
'max_caption_length' => (int) config_cache('pixelfed.max_caption_length'), 'max_caption_length' => (int) config_cache('pixelfed.max_caption_length'),
'max_altext_length' => (int) config('pixelfed.max_altext_length', 150), 'max_altext_length' => (int) config_cache('pixelfed.max_altext_length', 150),
'album_limit' => (int) config_cache('pixelfed.max_album_length'), 'album_limit' => (int) config_cache('pixelfed.max_album_length'),
'image_quality' => (int) config_cache('pixelfed.image_quality'), 'image_quality' => (int) config_cache('pixelfed.image_quality'),
@ -102,6 +102,12 @@ class Config
}); });
} }
public static function refresh()
{
Cache::forget(self::CACHE_KEY);
return self::get();
}
public static function json() public static function json()
{ {
return json_encode(self::get(), JSON_FORCE_OBJECT); return json_encode(self::get(), JSON_FORCE_OBJECT);