Merge branch 'staging' of https://github.com/pixelfed/pixelfed into translation-coverage-extension

2024-11-05 22:34:51 +00:00 · 2024-07-23 00:38:32 +00:00 · 2024-07-23 00:38:32 +00:00 · 96d5eb184c
commit 96d5eb184c
parent df4303d4c7 0cac17d8d5
14 changed files with 585 additions and 409 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -7,7 +7,7 @@ jobs:
  build:
    docker:
      # Specify the version you desire here
-      - image: cimg/php:8.2.5
+      - image: cimg/php:8.3.8

      # Specify service dependencies here if necessary
      # CircleCI maintains a library of pre-built images
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,9 @@
 - Update ApiV1Controller, add support for notification filter types ([f61159a1](https://github.com/pixelfed/pixelfed/commit/f61159a1))
 - Update ApiV1Dot1Controller, fix mutual api ([a8bb97b2](https://github.com/pixelfed/pixelfed/commit/a8bb97b2))
 - Update ApiV1Controller, fix /api/v1/favourits pagination ([72f68160](https://github.com/pixelfed/pixelfed/commit/72f68160))
+- Update RegisterController, update username constraints, require atleast one alpha char ([dd6e3cc2](https://github.com/pixelfed/pixelfed/commit/dd6e3cc2))
+- Update AdminUser, fix entity casting ([cb5620d4](https://github.com/pixelfed/pixelfed/commit/cb5620d4))
+-  ([](https://github.com/pixelfed/pixelfed/commit/))
 -  ([](https://github.com/pixelfed/pixelfed/commit/))

 ## [v0.12.3 (2024-07-01)](https://github.com/pixelfed/pixelfed/compare/v0.12.2...v0.12.3)
--- a/app/Console/Commands/DeleteRemoteProfile.php
+++ b/app/Console/Commands/DeleteRemoteProfile.php
@ -0,0 +1,51 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline;
+use App\Profile;
+use Illuminate\Console\Command;
+
+use function Laravel\Prompts\confirm;
+use function Laravel\Prompts\search;
+
+class DeleteRemoteProfile extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'app:delete-remote-profile';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Delete remote profile';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $id = search(
+            'Search for the account',
+            fn (string $value) => strlen($value) > 2
+                ? Profile::whereNotNull('domain')->where('username', 'like', $value.'%')->pluck('username', 'id')->all()
+                : []
+        );
+        $profile = Profile::whereNotNull('domain')->find($id);
+
+        if (! $profile) {
+            $this->error('Could not find profile.');
+            exit;
+        }
+
+        $confirmed = confirm('Are you sure you want to delete '.$profile->username.'\'s account? This action cannot be reversed.');
+        DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('adelete');
+        $this->info('Dispatched delete job, it may take a few minutes...');
+        exit;
+    }
+}
--- a/app/Http/Controllers/Api/AdminApiController.php
+++ b/app/Http/Controllers/Api/AdminApiController.php
@ -2,45 +2,40 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
+use App\AccountInterstitial;
 use App\Http\Controllers\Controller;
+use App\Http\Resources\AdminInstance;
+use App\Http\Resources\AdminUser;
+use App\Instance;
+use App\Jobs\DeletePipeline\DeleteAccountPipeline;
+use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline;
 use App\Jobs\StatusPipeline\StatusDelete;
-use Auth, Cache, DB;
-use Carbon\Carbon;
-use App\{
-    AccountInterstitial,
-    Instance,
-    Like,
-    Notification,
-    Media,
-    Profile,
-    Report,
-    Status,
-    User
-};
 use App\Models\Conversation;
 use App\Models\RemoteReport;
+use App\Notification;
+use App\Profile;
+use App\Report;
 use App\Services\AccountService;
 use App\Services\AdminStatsService;
 use App\Services\ConfigCacheService;
 use App\Services\InstanceService;
 use App\Services\ModLogService;
-use App\Services\SnowflakeService;
-use App\Services\StatusService;
-use App\Services\PublicTimelineService;
 use App\Services\NetworkTimelineService;
 use App\Services\NotificationService;
-use App\Http\Resources\AdminInstance;
-use App\Http\Resources\AdminUser;
-use App\Jobs\DeletePipeline\DeleteAccountPipeline;
-use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline;
-use App\Jobs\DeletePipeline\DeleteRemoteStatusPipeline;
+use App\Services\PublicTimelineService;
+use App\Services\SnowflakeService;
+use App\Services\StatusService;
+use App\Status;
+use App\User;
+use Cache;
+use DB;
+use Illuminate\Http\Request;

 class AdminApiController extends Controller
 {
    public function supported(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -50,7 +45,7 @@ class AdminApiController extends Controller

    public function getStats(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -59,12 +54,13 @@ class AdminApiController extends Controller
        $res['autospam_count'] = AccountInterstitial::whereType('post.autospam')
            ->whereNull('appeal_handled_at')
            ->count();
+
        return $res;
    }

    public function autospam(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -73,26 +69,27 @@ class AdminApiController extends Controller
            ->whereNull('appeal_handled_at')
            ->latest()
            ->simplePaginate(6)
-            ->map(function($report) {
+            ->map(function ($report) {
                $r = [
                    'id' => $report->id,
                    'type' => $report->type,
                    'item_id' => $report->item_id,
                    'item_type' => $report->item_type,
-                    'created_at' => $report->created_at
+                    'created_at' => $report->created_at,
                ];
-                if($report->item_type === 'App\\Status') {
+                if ($report->item_type === 'App\\Status') {
                    $status = StatusService::get($report->item_id, false);
-                    if(!$status) {
+                    if (! $status) {
                        return;
                    }

                    $r['status'] = $status;

-                    if($status['in_reply_to_id']) {
+                    if ($status['in_reply_to_id']) {
                        $r['parent'] = StatusService::get($status['in_reply_to_id'], false);
                    }
                }
+
                return $r;
            });

@ -101,14 +98,14 @@ class AdminApiController extends Controller

    public function autospamHandle(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);

        $this->validate($request, [
            'action' => 'required|in:dismiss,approve,dismiss-all,approve-all,delete-post,delete-account',
-            'id' => 'required'
+            'id' => 'required',
        ]);

        $action = $request->input('action');
@ -122,18 +119,19 @@ class AdminApiController extends Controller
        $user = $appeal->user;
        $profile = $user->profile;

-        if($action == 'dismiss') {
+        if ($action == 'dismiss') {
            $appeal->is_spam = true;
            $appeal->appeal_handled_at = $now;
            $appeal->save();

-            Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $profile->id);
-            Cache::forget('pf:bouncer_v0:recent_by_pid:' . $profile->id);
+            Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$profile->id);
+            Cache::forget('pf:bouncer_v0:recent_by_pid:'.$profile->id);
            Cache::forget('admin-dash:reports:spam-count');
+
            return $res;
        }

-        if($action == 'delete-post') {
+        if ($action == 'delete-post') {
            $appeal->appeal_handled_at = now();
            $appeal->is_spam = true;
            $appeal->save();
@ -148,10 +146,11 @@ class AdminApiController extends Controller
            PublicTimelineService::deleteByProfileId($profile->id);
            StatusDelete::dispatch($appeal->status)->onQueue('high');
            Cache::forget('admin-dash:reports:spam-count');
+
            return $res;
        }

-        if($action == 'delete-account') {
+        if ($action == 'delete-account') {
            abort_if($user->is_admin, 400, 'Cannot delete an admin account.');
            $appeal->appeal_handled_at = now();
            $appeal->is_spam = true;
@ -167,22 +166,24 @@ class AdminApiController extends Controller
            PublicTimelineService::deleteByProfileId($profile->id);
            DeleteAccountPipeline::dispatch($appeal->user)->onQueue('high');
            Cache::forget('admin-dash:reports:spam-count');
+
            return $res;
        }

-        if($action == 'dismiss-all') {
+        if ($action == 'dismiss-all') {
            AccountInterstitial::whereType('post.autospam')
                ->whereItemType('App\Status')
                ->whereNull('appeal_handled_at')
                ->whereUserId($appeal->user_id)
                ->update(['appeal_handled_at' => $now, 'is_spam' => true]);
-            Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $appeal->user->profile_id);
-            Cache::forget('pf:bouncer_v0:recent_by_pid:' . $appeal->user->profile_id);
+            Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
+            Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
            Cache::forget('admin-dash:reports:spam-count');
+
            return $res;
        }

-        if($action == 'approve') {
+        if ($action == 'approve') {
            $status = $appeal->status;
            $status->is_nsfw = $meta->is_nsfw;
            $status->scope = 'public';
@ -198,29 +199,30 @@ class AdminApiController extends Controller
            Notification::whereAction('autospam.warning')
                ->whereProfileId($appeal->user->profile_id)
                ->get()
-                ->each(function($n) use($appeal) {
+                ->each(function ($n) use ($appeal) {
                    NotificationService::del($appeal->user->profile_id, $n->id);
                    $n->forceDelete();
                });

-            Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $appeal->user->profile_id);
-            Cache::forget('pf:bouncer_v0:recent_by_pid:' . $appeal->user->profile_id);
+            Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
+            Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
            Cache::forget('admin-dash:reports:spam-count');
+
            return $res;
        }

-        if($action == 'approve-all') {
+        if ($action == 'approve-all') {
            AccountInterstitial::whereType('post.autospam')
                ->whereItemType('App\Status')
                ->whereNull('appeal_handled_at')
                ->whereUserId($appeal->user_id)
                ->get()
-                ->each(function($report) use($meta) {
+                ->each(function ($report) use ($meta) {
                    $report->is_spam = false;
                    $report->appeal_handled_at = now();
                    $report->save();
                    $status = Status::find($report->item_id);
-                    if($status) {
+                    if ($status) {
                        $status->is_nsfw = $meta->is_nsfw;
                        $status->scope = 'public';
                        $status->visibility = 'public';
@ -231,14 +233,15 @@ class AdminApiController extends Controller
                    Notification::whereAction('autospam.warning')
                        ->whereProfileId($report->user->profile_id)
                        ->get()
-                        ->each(function($n) use($report) {
+                        ->each(function ($n) use ($report) {
                            NotificationService::del($report->user->profile_id, $n->id);
                            $n->forceDelete();
                        });
                });
-            Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $appeal->user->profile_id);
-            Cache::forget('pf:bouncer_v0:recent_by_pid:' . $appeal->user->profile_id);
+            Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
+            Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
            Cache::forget('admin-dash:reports:spam-count');
+
            return $res;
        }

@ -247,44 +250,48 @@ class AdminApiController extends Controller

    public function modReports(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);

        $reports = Report::whereNull('admin_seen')
-            ->orderBy('created_at','desc')
+            ->orderBy('created_at', 'desc')
            ->paginate(6)
-            ->map(function($report) {
+            ->map(function ($report) {
                $r = [
                    'id' => $report->id,
                    'type' => $report->type,
                    'message' => $report->message,
                    'object_id' => $report->object_id,
                    'object_type' => $report->object_type,
-                    'created_at' => $report->created_at
+                    'created_at' => $report->created_at,
                ];

-                if($report->profile_id) {
+                if ($report->profile_id) {
                    $r['reported_by_account'] = AccountService::get($report->profile_id, true);
                }

-                if($report->object_type === 'App\\Status') {
+                if ($report->object_type === 'App\\Status') {
                    $status = StatusService::get($report->object_id, false);
-                    if(!$status) {
+                    if (! $status) {
                        return;
                    }

                    $r['status'] = $status;

-                    if($status['in_reply_to_id']) {
+                    if (isset($status['in_reply_to_id'])) {
                        $r['parent'] = StatusService::get($status['in_reply_to_id'], false);
                    }
                }

-                if($report->object_type === 'App\\Profile') {
-                    $r['account'] = AccountService::get($report->object_id, false);
+                if ($report->object_type === 'App\\Profile') {
+                    $acct = AccountService::get($report->object_id, true);
+                    if ($acct) {
+                        $r['account'] = $acct;
                    }
+                }
+
                return $r;
            })
            ->filter()
@ -295,14 +302,14 @@ class AdminApiController extends Controller

    public function modReportHandle(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);

        $this->validate($request, [
            'action' => 'required|string',
-            'id' => 'required'
+            'id' => 'required',
        ]);

        $action = $request->input('action');
@ -311,10 +318,10 @@ class AdminApiController extends Controller
        $actions = [
            'ignore',
            'cw',
-            'unlist'
+            'unlist',
        ];

-        if (!in_array($action, $actions)) {
+        if (! in_array($action, $actions)) {
            return abort(403);
        }

@ -355,7 +362,7 @@ class AdminApiController extends Controller

    public function getConfiguration(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -366,42 +373,43 @@ class AdminApiController extends Controller
            [
                'name' => 'ActivityPub Federation',
                'description' => 'Enable activitypub federation support, compatible with Pixelfed, Mastodon and other platforms.',
-                'key' => 'federation.activitypub.enabled'
+                'key' => 'federation.activitypub.enabled',
            ],

            [
                'name' => 'Open Registration',
                'description' => 'Allow new account registrations.',
-                'key' => 'pixelfed.open_registration'
+                'key' => 'pixelfed.open_registration',
            ],

            [
                'name' => 'Stories',
                'description' => 'Enable the ephemeral Stories feature.',
-                'key' => 'instance.stories.enabled'
+                'key' => 'instance.stories.enabled',
            ],

            [
                'name' => 'Require Email Verification',
                'description' => 'Require new accounts to verify their email address.',
-                'key' => 'pixelfed.enforce_email_verification'
+                'key' => 'pixelfed.enforce_email_verification',
            ],

            [
                'name' => 'AutoSpam Detection',
                'description' => 'Detect and remove spam from public timelines.',
-                'key' => 'pixelfed.bouncer.enabled'
+                'key' => 'pixelfed.bouncer.enabled',
            ],
        ])
-        ->map(function($s) {
+            ->map(function ($s) {
                $s['state'] = (bool) config_cache($s['key']);
+
                return $s;
            });
    }

    public function updateConfiguration(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -410,7 +418,7 @@ class AdminApiController extends Controller

        $this->validate($request, [
            'key' => 'required',
-            'value' => 'required'
+            'value' => 'required',
        ]);

        $allowedKeys = [
@ -423,7 +431,7 @@ class AdminApiController extends Controller

        $key = $request->input('key');
        $value = (bool) filter_var($request->input('value'), FILTER_VALIDATE_BOOLEAN);
-        abort_if(!in_array($key, $allowedKeys), 400, 'Invalid cache key.');
+        abort_if(! in_array($key, $allowedKeys), 400, 'Invalid cache key.');

        ConfigCacheService::put($key, $value);

@ -431,42 +439,43 @@ class AdminApiController extends Controller
            [
                'name' => 'ActivityPub Federation',
                'description' => 'Enable activitypub federation support, compatible with Pixelfed, Mastodon and other platforms.',
-                'key' => 'federation.activitypub.enabled'
+                'key' => 'federation.activitypub.enabled',
            ],

            [
                'name' => 'Open Registration',
                'description' => 'Allow new account registrations.',
-                'key' => 'pixelfed.open_registration'
+                'key' => 'pixelfed.open_registration',
            ],

            [
                'name' => 'Stories',
                'description' => 'Enable the ephemeral Stories feature.',
-                'key' => 'instance.stories.enabled'
+                'key' => 'instance.stories.enabled',
            ],

            [
                'name' => 'Require Email Verification',
                'description' => 'Require new accounts to verify their email address.',
-                'key' => 'pixelfed.enforce_email_verification'
+                'key' => 'pixelfed.enforce_email_verification',
            ],

            [
                'name' => 'AutoSpam Detection',
                'description' => 'Detect and remove spam from public timelines.',
-                'key' => 'pixelfed.bouncer.enabled'
+                'key' => 'pixelfed.bouncer.enabled',
            ],
        ])
-        ->map(function($s) {
+            ->map(function ($s) {
                $s['state'] = (bool) config_cache($s['key']);
+
                return $s;
            });
    }

    public function getUsers(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -477,27 +486,29 @@ class AdminApiController extends Controller
        $q = $request->input('q');
        $sort = $request->input('sort', 'desc') === 'asc' ? 'asc' : 'desc';
        $res = User::whereNull('status')
-            ->when($q, function($query, $q) {
-                return $query->where('username', 'like', '%' . $q . '%');
+            ->when($q, function ($query, $q) {
+                return $query->where('username', 'like', '%'.$q.'%');
            })
            ->orderBy('id', $sort)
            ->cursorPaginate(10);
+
        return AdminUser::collection($res);
    }

    public function getUser(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);

        $id = $request->input('user_id');
-        $key = 'pf-admin-api:getUser:byId:' . $id;
-        if($request->has('refresh')) {
+        $key = 'pf-admin-api:getUser:byId:'.$id;
+        if ($request->has('refresh')) {
            Cache::forget($key);
        }
-        return Cache::remember($key, 86400, function() use($id) {
+
+        return Cache::remember($key, 86400, function () use ($id) {
            $user = User::findOrFail($id);
            $profile = $user->profile;
            $account = AccountService::get($user->profile_id, true);
@ -510,8 +521,8 @@ class AdminApiController extends Controller
                'moderation' => [
                    'unlisted' => (bool) $profile->unlisted,
                    'cw' => (bool) $profile->cw,
-                    'no_autolink' => (bool) $profile->no_autolink
-                ]
+                    'no_autolink' => (bool) $profile->no_autolink,
+                ],
            ]]);

            return $res;
@ -520,7 +531,7 @@ class AdminApiController extends Controller

    public function userAdminAction(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -528,7 +539,7 @@ class AdminApiController extends Controller
        $this->validate($request, [
            'id' => 'required',
            'action' => 'required|in:unlisted,cw,no_autolink,refresh_stats,verify_email,delete',
-            'value' => 'sometimes'
+            'value' => 'sometimes',
        ]);

        $id = $request->input('id');
@ -538,8 +549,8 @@ class AdminApiController extends Controller

        abort_if($user->is_admin == true && $action !== 'refresh_stats', 400, 'Cannot moderate admin accounts');

-        if($action === 'delete') {
-            if(config('pixelfed.account_deletion') == false) {
+        if ($action === 'delete') {
+            if (config('pixelfed.account_deletion') == false) {
                abort(404);
            }

@ -567,7 +578,7 @@ class AdminApiController extends Controller
            PublicTimelineService::deleteByProfileId($profile->id);
            NetworkTimelineService::deleteByProfileId($profile->id);

-            if($profile->user_id) {
+            if ($profile->user_id) {
                DB::table('oauth_access_tokens')->whereUserId($user->id)->delete();
                DB::table('oauth_auth_codes')->whereUserId($user->id)->delete();
                $user->email = $user->id;
@ -586,11 +597,12 @@ class AdminApiController extends Controller
                AccountService::del($profile->id);
                DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('high');
            }
+
            return [
                'status' => 200,
                'msg' => 'deleted',
            ];
-        } else if($action === 'refresh_stats') {
+        } elseif ($action === 'refresh_stats') {
            $profile->following_count = DB::table('followers')->whereProfileId($user->profile_id)->count();
            $profile->followers_count = DB::table('followers')->whereFollowingId($user->profile_id)->count();
            $statusCount = Status::whereProfileId($user->profile_id)
@ -600,7 +612,7 @@ class AdminApiController extends Controller
                ->count();
            $profile->status_count = $statusCount;
            $profile->save();
-        } else if($action === 'verify_email') {
+        } elseif ($action === 'verify_email') {
            $user->email_verified_at = now();
            $user->save();

@ -612,11 +624,11 @@ class AdminApiController extends Controller
                ->action('admin.user.moderate')
                ->metadata([
                    'action' => 'Manually verified email address',
-                    'message' => 'Success!'
+                    'message' => 'Success!',
                ])
                ->accessLevel('admin')
                ->save();
-        } else if($action === 'unlisted') {
+        } elseif ($action === 'unlisted') {
            ModLogService::boot()
                ->objectUid($profile->id)
                ->objectId($profile->id)
@ -625,13 +637,13 @@ class AdminApiController extends Controller
                ->action('admin.user.moderate')
                ->metadata([
                    'action' => $action,
-                    'message' => 'Success!'
+                    'message' => 'Success!',
                ])
                ->accessLevel('admin')
                ->save();
-            $profile->unlisted = !$profile->unlisted;
+            $profile->unlisted = ! $profile->unlisted;
            $profile->save();
-        } else if($action === 'cw') {
+        } elseif ($action === 'cw') {
            ModLogService::boot()
                ->objectUid($profile->id)
                ->objectId($profile->id)
@ -640,13 +652,13 @@ class AdminApiController extends Controller
                ->action('admin.user.moderate')
                ->metadata([
                    'action' => $action,
-                    'message' => 'Success!'
+                    'message' => 'Success!',
                ])
                ->accessLevel('admin')
                ->save();
-            $profile->cw = !$profile->cw;
+            $profile->cw = ! $profile->cw;
            $profile->save();
-        } else if($action === 'no_autolink') {
+        } elseif ($action === 'no_autolink') {
            ModLogService::boot()
                ->objectUid($profile->id)
                ->objectId($profile->id)
@ -655,11 +667,11 @@ class AdminApiController extends Controller
                ->action('admin.user.moderate')
                ->metadata([
                    'action' => $action,
-                    'message' => 'Success!'
+                    'message' => 'Success!',
                ])
                ->accessLevel('admin')
                ->save();
-            $profile->no_autolink = !$profile->no_autolink;
+            $profile->no_autolink = ! $profile->no_autolink;
            $profile->save();
        } else {
            $profile->{$action} = filter_var($request->input('value'), FILTER_VALIDATE_BOOLEAN);
@ -673,7 +685,7 @@ class AdminApiController extends Controller
                ->action('admin.user.moderate')
                ->metadata([
                    'action' => $action,
-                    'message' => 'Success!'
+                    'message' => 'Success!',
                ])
                ->accessLevel('admin')
                ->save();
@ -687,14 +699,14 @@ class AdminApiController extends Controller
            'moderation' => [
                'unlisted' => (bool) $profile->unlisted,
                'cw' => (bool) $profile->cw,
-                'no_autolink' => (bool) $profile->no_autolink
-            ]
+                'no_autolink' => (bool) $profile->no_autolink,
+            ],
        ]]);
    }

    public function instances(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -711,19 +723,19 @@ class AdminApiController extends Controller
        $sortBy = $request->input('sort_by', 'id');
        $filter = $request->input('filter');

-        $res = Instance::when($q, function($query, $q) {
-                return $query->where('domain', 'like', '%' . $q . '%');
+        $res = Instance::when($q, function ($query, $q) {
+            return $query->where('domain', 'like', '%'.$q.'%');
        })
-            ->when($filter, function($query, $filter) {
-                if($filter === 'all') {
+            ->when($filter, function ($query, $filter) {
+                if ($filter === 'all') {
                    return $query;
                } else {
                    return $query->where($filter, true);
                }
            })
-            ->when($sortBy, function($query, $sortBy) use($sort) {
+            ->when($sortBy, function ($query, $sortBy) use ($sort) {
                return $query->orderBy($sortBy, $sort);
-            }, function($query) {
+            }, function ($query) {
                return $query->orderBy('id', 'desc');
            })
            ->cursorPaginate(10)
@ -734,7 +746,7 @@ class AdminApiController extends Controller

    public function getInstance(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -747,7 +759,7 @@ class AdminApiController extends Controller

    public function moderateInstance(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -755,7 +767,7 @@ class AdminApiController extends Controller
        $this->validate($request, [
            'id' => 'required',
            'key' => 'required|in:unlisted,auto_cw,banned',
-            'value' => 'required'
+            'value' => 'required',
        ]);

        $id = $request->input('id');
@ -773,7 +785,7 @@ class AdminApiController extends Controller

    public function refreshInstanceStats(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin == 1, 404);
        abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -793,51 +805,51 @@ class AdminApiController extends Controller

    public function getAllStats(Request $request)
    {
-        abort_if(!$request->user() || !$request->user()->token(), 404);
+        abort_if(! $request->user() || ! $request->user()->token(), 404);

        abort_unless($request->user()->is_admin === 1, 404);
        abort_unless($request->user()->tokenCan('admin:read'), 404);

-        if($request->has('refresh')) {
+        if ($request->has('refresh')) {
            Cache::forget('admin-api:instance-all-stats-v1');
        }

-        return Cache::remember('admin-api:instance-all-stats-v1', 1209600, function() {
+        return Cache::remember('admin-api:instance-all-stats-v1', 1209600, function () {
            $days = range(1, 7);
            $res = [
                'cached_at' => now()->format('c'),
            ];
            $minStatusId = SnowflakeService::byDate(now()->subDays(7));

-            foreach($days as $day) {
+            foreach ($days as $day) {
                $label = now()->subDays($day)->format('D');
                $labelShort = substr($label, 0, 1);
                $res['users']['days'][] = [
                    'date' => now()->subDays($day)->format('M j Y'),
                    'label_full' => $label,
                    'label' => $labelShort,
-                    'count' => User::whereDate('created_at', now()->subDays($day))->count()
+                    'count' => User::whereDate('created_at', now()->subDays($day))->count(),
                ];

                $res['posts']['days'][] = [
                    'date' => now()->subDays($day)->format('M j Y'),
                    'label_full' => $label,
                    'label' => $labelShort,
-                    'count' => Status::whereNull('uri')->where('id', '>', $minStatusId)->whereDate('created_at', now()->subDays($day))->count()
+                    'count' => Status::whereNull('uri')->where('id', '>', $minStatusId)->whereDate('created_at', now()->subDays($day))->count(),
                ];

                $res['instances']['days'][] = [
                    'date' => now()->subDays($day)->format('M j Y'),
                    'label_full' => $label,
                    'label' => $labelShort,
-                    'count' => Instance::whereDate('created_at', now()->subDays($day))->count()
+                    'count' => Instance::whereDate('created_at', now()->subDays($day))->count(),
                ];
            }

            $res['users']['total'] = DB::table('users')->count();
            $res['users']['min'] = collect($res['users']['days'])->min('count');
            $res['users']['max'] = collect($res['users']['days'])->max('count');
-            $res['users']['change'] = collect($res['users']['days'])->sum('count');;
+            $res['users']['change'] = collect($res['users']['days'])->sum('count');
            $res['posts']['total'] = DB::table('statuses')->whereNull('uri')->count();
            $res['posts']['min'] = collect($res['posts']['days'])->min('count');
            $res['posts']['max'] = collect($res['posts']['days'])->max('count');
--- a/app/Http/Controllers/Api/ApiV1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Controller.php
@ -3805,11 +3805,11 @@ class ApiV1Controller extends Controller
                        return false;
                    }
                }
-                if ($i['visibility'] === 'private') {
-                    if ((int) $i['account']['id'] !== $pid) {
-                        return FollowerService::follows($pid, $i['account']['id'], true);
-                    }
-                }
+                // if ($i['visibility'] === 'private') {
+                //     if ((int) $i['account']['id'] !== $pid) {
+                //         return FollowerService::follows($pid, $i['account']['id'], true);
+                //     }
+                // }
                if ($onlyMedia == true) {
                    if (! isset($i['media_attachments']) || ! count($i['media_attachments'])) {
                        return false;
--- a/app/Http/Resources/AdminUser.php
+++ b/app/Http/Resources/AdminUser.php
@ -2,8 +2,8 @@

 namespace App\Http\Resources;

-use Illuminate\Http\Resources\Json\JsonResource;
 use App\Services\AccountService;
+use Illuminate\Http\Resources\Json\JsonResource;

 class AdminUser extends JsonResource
 {
@ -18,8 +18,8 @@ class AdminUser extends JsonResource
        $account = AccountService::get($this->profile_id, true);

        $res = [
-            'id' => $this->id,
-            'profile_id' => $this->profile_id,
+            'id' => (string) $this->id,
+            'profile_id' => (string) $this->profile_id,
            'name' => $this->name,
            'username' => $this->username,
            'is_admin' => (bool) $this->is_admin,
@ -28,17 +28,18 @@ class AdminUser extends JsonResource
            'two_factor_enabled' => (bool) $this->{'2fa_enabled'},
            'register_source' => $this->register_source,
            'app_register_ip' => $this->app_register_ip,
+            'has_interstitial' => (bool) $this->has_interstitial,
            'last_active_at' => $this->last_active_at,
            'created_at' => $this->created_at,
        ];

-        if($account) {
+        if ($account) {
            $res['avatar'] = $account['avatar'];
            $res['bio'] = $account['note_text'];
-            $res['statuses_count'] = $account['statuses_count'];
-            $res['following_count'] = $account['following_count'];
-            $res['followers_count'] = $account['followers_count'];
-            $res['is_private'] = $account['locked'];
+            $res['statuses_count'] = (int) $account['statuses_count'];
+            $res['following_count'] = (int) $account['following_count'];
+            $res['followers_count'] = (int) $account['followers_count'];
+            $res['is_private'] = (bool) $account['locked'];
        }

        return $res;
--- a/app/Jobs/StatusPipeline/RemoteStatusDelete.php
+++ b/app/Jobs/StatusPipeline/RemoteStatusDelete.php
@ -109,7 +109,7 @@ class RemoteStatusDelete implements ShouldQueue, ShouldBeUniqueUntilProcessing
        }

        StatusService::del($status->id, true);
-        AccountStatService::decrementPostCount($status->profile_id);
+        // AccountStatService::decrementPostCount($status->profile_id);
        return $this->unlinkRemoveMedia($status);
    }

@ -176,11 +176,11 @@ class RemoteStatusDelete implements ShouldQueue, ShouldBeUniqueUntilProcessing
        StatusView::whereStatusId($status->id)->delete();
        Status::whereInReplyToId($status->id)->update(['in_reply_to_id' => null]);

-        $status->delete();
-
        StatusService::del($status->id, true);
        AccountService::del($status->profile_id);

+        $status->forceDelete();
+
        return 1;
    }
 }
--- a/app/User.php
+++ b/app/User.php
@ -8,10 +8,13 @@ use Illuminate\Database\Eloquent\SoftDeletes;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use App\Util\RateLimit\User as UserRateLimit;
 use App\Services\AvatarService;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use NotificationChannels\WebPush\HasPushSubscriptions;
+use NotificationChannels\Expo\ExpoPushToken;

 class User extends Authenticatable
 {
-    use Notifiable, SoftDeletes, HasApiTokens, UserRateLimit;
+    use Notifiable, SoftDeletes, HasApiTokens, UserRateLimit, HasFactory, HasPushSubscriptions;

    /**
     * The attributes that should be mutated to dates.
@ -23,6 +26,7 @@ class User extends Authenticatable
        'email_verified_at' => 'datetime',
        '2fa_setup_at' => 'datetime',
        'last_active_at' => 'datetime',
+        'expo_token' => ExpoPushToken::class
    ];

    /**
@ -115,4 +119,8 @@ class User extends Authenticatable
        return AvatarService::get($this->profile_id);
    }

+    public function routeNotificationForExpo(): ?ExpoPushToken
+    {
+        return $this->expo_token;
+    }
 }
--- a/composer.json
+++ b/composer.json
@ -19,6 +19,7 @@
 		"doctrine/dbal": "^3.0",
 		"intervention/image": "^2.4",
 		"jenssegers/agent": "^2.6",
+		"laravel-notification-channels/expo": "^1.3.0|^2.0",
 		"laravel-notification-channels/webpush": "^8.0",
 		"laravel/framework": "^11.0",
 		"laravel/helpers": "^1.1",
--- a/composer.lock
+++ b/composer.lock
--- a/config/horizon.php
+++ b/config/horizon.php
@ -90,6 +90,7 @@ return [
        'redis:story' => 30,
        'redis:mmo' => 30,
        'redis:intbg' => 30,
+        'redis:adelete' => 30,
        'redis:groups' => 30,
    ],

@ -174,7 +175,7 @@ return [
        'production' => [
            'supervisor-1' => [
                'connection'    => 'redis',
-                'queue'         => ['high', 'default', 'follow', 'shared', 'inbox', 'feed', 'low', 'story', 'delete', 'mmo', 'intbg', 'groups'],
+                'queue'         => ['high', 'default', 'follow', 'shared', 'inbox', 'feed', 'low', 'story', 'delete', 'mmo', 'intbg', 'groups', 'adelete'],
                'balance'       => env('HORIZON_BALANCE_STRATEGY', 'auto'),
                'minProcesses'  => env('HORIZON_MIN_PROCESSES', 1),
                'maxProcesses'  => env('HORIZON_MAX_PROCESSES', 20),
@ -188,7 +189,7 @@ return [
        'local' => [
            'supervisor-1' => [
                'connection'    => 'redis',
-                'queue'         => ['high', 'default', 'follow', 'shared', 'inbox', 'feed', 'low', 'story', 'delete', 'mmo', 'intbg', 'groups'],
+                'queue'         => ['high', 'default', 'follow', 'shared', 'inbox', 'feed', 'low', 'story', 'delete', 'mmo', 'intbg', 'groups', 'adelete'],
                'balance'       => 'auto',
                'minProcesses' => 1,
                'maxProcesses'  => 20,
--- a/config/instance.php
+++ b/config/instance.php
@ -36,7 +36,7 @@ return [
        'network' => [
            'cached' => env('PF_NETWORK_TIMELINE') ? env('INSTANCE_NETWORK_TIMELINE_CACHED', false) : false,
            'cache_dropoff' => env('INSTANCE_NETWORK_TIMELINE_CACHE_DROPOFF', 100),
-            'max_hours_old' => env('INSTANCE_NETWORK_TIMELINE_CACHE_MAX_HOUR_INGEST', 6),
+            'max_hours_old' => env('INSTANCE_NETWORK_TIMELINE_CACHE_MAX_HOUR_INGEST', 2160),
        ],
    ],

--- a/config/services.php
+++ b/config/services.php
@ -35,4 +35,7 @@ return [
        'secret' => env('STRIPE_SECRET'),
    ],

+    'expo' => [
+        'access_token' => env('EXPO_ACCESS_TOKEN'),
+    ],
 ];
--- a/database/migrations/2024_07_22_065800_add_expo_token_to_users_table.php
+++ b/database/migrations/2024_07_22_065800_add_expo_token_to_users_table.php
@ -0,0 +1,36 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('expo_token')->nullable();
+            $table->boolean('notify_like')->default(true);
+            $table->boolean('notify_follow')->default(true);
+            $table->boolean('notify_mention')->default(true);
+            $table->boolean('notify_comment')->default(true);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropColumn('expo_token');
+            $table->dropColumn('notify_like');
+            $table->dropColumn('notify_follow');
+            $table->dropColumn('notify_mention');
+            $table->dropColumn('notify_comment');
+        });
+    }
+};