UA-Fediland/pixelfed
2
0
Fork 0
mirror of https://github.com/pixelfed/pixelfed.git synced 2024-09-19 15:58:02 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update AdminApiController

Browse source
This commit is contained in:
Daniel Supernault 2024-07-17 04:17:47 -06:00
parent 0aafb863e8
commit a9f24f85da
No known key found for this signature in database
GPG key ID: 23740873EE6F76A1
1 changed files with 147 additions and 138 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

285
app/Http/Controllers/Api/AdminApiController.php
View file

@ -2,45 +2,40 @@
namespace App\Http\Controllers\Api; namespace App\Http\Controllers\Api;
use Illuminate\Http\Request; use App\AccountInterstitial;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Resources\AdminInstance;
use App\Http\Resources\AdminUser;
use App\Instance;
use App\Jobs\DeletePipeline\DeleteAccountPipeline;
use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline;
use App\Jobs\StatusPipeline\StatusDelete; use App\Jobs\StatusPipeline\StatusDelete;
use Auth, Cache, DB;
use Carbon\Carbon;
use App\{
AccountInterstitial,
Instance,
Like,
Notification,
Media,
Profile,
Report,
Status,
User
};
use App\Models\Conversation; use App\Models\Conversation;
use App\Models\RemoteReport; use App\Models\RemoteReport;
use App\Notification;
use App\Profile;
use App\Report;
use App\Services\AccountService; use App\Services\AccountService;
use App\Services\AdminStatsService; use App\Services\AdminStatsService;
use App\Services\ConfigCacheService; use App\Services\ConfigCacheService;
use App\Services\InstanceService; use App\Services\InstanceService;
use App\Services\ModLogService; use App\Services\ModLogService;
use App\Services\SnowflakeService;
use App\Services\StatusService;
use App\Services\PublicTimelineService;
use App\Services\NetworkTimelineService; use App\Services\NetworkTimelineService;
use App\Services\NotificationService; use App\Services\NotificationService;
use App\Http\Resources\AdminInstance; use App\Services\PublicTimelineService;
use App\Http\Resources\AdminUser; use App\Services\SnowflakeService;
use App\Jobs\DeletePipeline\DeleteAccountPipeline; use App\Services\StatusService;
use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline; use App\Status;
use App\Jobs\DeletePipeline\DeleteRemoteStatusPipeline; use App\User;
use Cache;
use DB;
use Illuminate\Http\Request;
class AdminApiController extends Controller class AdminApiController extends Controller
{ {
public function supported(Request $request) public function supported(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -50,7 +45,7 @@ class AdminApiController extends Controller
public function getStats(Request $request) public function getStats(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -59,12 +54,13 @@ class AdminApiController extends Controller
$res['autospam_count'] = AccountInterstitial::whereType('post.autospam') $res['autospam_count'] = AccountInterstitial::whereType('post.autospam')
->whereNull('appeal_handled_at') ->whereNull('appeal_handled_at')
->count(); ->count();
return $res; return $res;
} }
public function autospam(Request $request) public function autospam(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -73,26 +69,27 @@ class AdminApiController extends Controller
->whereNull('appeal_handled_at') ->whereNull('appeal_handled_at')
->latest() ->latest()
->simplePaginate(6) ->simplePaginate(6)
->map(function($report) { ->map(function ($report) {
$r = [ $r = [
'id' => $report->id, 'id' => $report->id,
'type' => $report->type, 'type' => $report->type,
'item_id' => $report->item_id, 'item_id' => $report->item_id,
'item_type' => $report->item_type, 'item_type' => $report->item_type,
'created_at' => $report->created_at 'created_at' => $report->created_at,
]; ];
if($report->item_type === 'App\\Status') { if ($report->item_type === 'App\\Status') {
$status = StatusService::get($report->item_id, false); $status = StatusService::get($report->item_id, false);
if(!$status) { if (! $status) {
return; return;
} }
$r['status'] = $status; $r['status'] = $status;
if($status['in_reply_to_id']) { if ($status['in_reply_to_id']) {
$r['parent'] = StatusService::get($status['in_reply_to_id'], false); $r['parent'] = StatusService::get($status['in_reply_to_id'], false);
} }
} }
return $r; return $r;
}); });
@ -101,14 +98,14 @@ class AdminApiController extends Controller
public function autospamHandle(Request $request) public function autospamHandle(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
$this->validate($request, [ $this->validate($request, [
'action' => 'required|in:dismiss,approve,dismiss-all,approve-all,delete-post,delete-account', 'action' => 'required|in:dismiss,approve,dismiss-all,approve-all,delete-post,delete-account',
'id' => 'required' 'id' => 'required',
]); ]);
$action = $request->input('action'); $action = $request->input('action');
@ -122,18 +119,19 @@ class AdminApiController extends Controller
$user = $appeal->user; $user = $appeal->user;
$profile = $user->profile; $profile = $user->profile;
if($action == 'dismiss') { if ($action == 'dismiss') {
$appeal->is_spam = true; $appeal->is_spam = true;
$appeal->appeal_handled_at = $now; $appeal->appeal_handled_at = $now;
$appeal->save(); $appeal->save();
Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $profile->id); Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$profile->id);
Cache::forget('pf:bouncer_v0:recent_by_pid:' . $profile->id); Cache::forget('pf:bouncer_v0:recent_by_pid:'.$profile->id);
Cache::forget('admin-dash:reports:spam-count'); Cache::forget('admin-dash:reports:spam-count');
return $res; return $res;
} }
if($action == 'delete-post') { if ($action == 'delete-post') {
$appeal->appeal_handled_at = now(); $appeal->appeal_handled_at = now();
$appeal->is_spam = true; $appeal->is_spam = true;
$appeal->save(); $appeal->save();
@ -148,10 +146,11 @@ class AdminApiController extends Controller
PublicTimelineService::deleteByProfileId($profile->id); PublicTimelineService::deleteByProfileId($profile->id);
StatusDelete::dispatch($appeal->status)->onQueue('high'); StatusDelete::dispatch($appeal->status)->onQueue('high');
Cache::forget('admin-dash:reports:spam-count'); Cache::forget('admin-dash:reports:spam-count');
return $res; return $res;
} }
if($action == 'delete-account') { if ($action == 'delete-account') {
abort_if($user->is_admin, 400, 'Cannot delete an admin account.'); abort_if($user->is_admin, 400, 'Cannot delete an admin account.');
$appeal->appeal_handled_at = now(); $appeal->appeal_handled_at = now();
$appeal->is_spam = true; $appeal->is_spam = true;
@ -167,22 +166,24 @@ class AdminApiController extends Controller
PublicTimelineService::deleteByProfileId($profile->id); PublicTimelineService::deleteByProfileId($profile->id);
DeleteAccountPipeline::dispatch($appeal->user)->onQueue('high'); DeleteAccountPipeline::dispatch($appeal->user)->onQueue('high');
Cache::forget('admin-dash:reports:spam-count'); Cache::forget('admin-dash:reports:spam-count');
return $res; return $res;
} }
if($action == 'dismiss-all') { if ($action == 'dismiss-all') {
AccountInterstitial::whereType('post.autospam') AccountInterstitial::whereType('post.autospam')
->whereItemType('App\Status') ->whereItemType('App\Status')
->whereNull('appeal_handled_at') ->whereNull('appeal_handled_at')
->whereUserId($appeal->user_id) ->whereUserId($appeal->user_id)
->update(['appeal_handled_at' => $now, 'is_spam' => true]); ->update(['appeal_handled_at' => $now, 'is_spam' => true]);
Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $appeal->user->profile_id); Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
Cache::forget('pf:bouncer_v0:recent_by_pid:' . $appeal->user->profile_id); Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
Cache::forget('admin-dash:reports:spam-count'); Cache::forget('admin-dash:reports:spam-count');
return $res; return $res;
} }
if($action == 'approve') { if ($action == 'approve') {
$status = $appeal->status; $status = $appeal->status;
$status->is_nsfw = $meta->is_nsfw; $status->is_nsfw = $meta->is_nsfw;
$status->scope = 'public'; $status->scope = 'public';
@ -198,29 +199,30 @@ class AdminApiController extends Controller
Notification::whereAction('autospam.warning') Notification::whereAction('autospam.warning')
->whereProfileId($appeal->user->profile_id) ->whereProfileId($appeal->user->profile_id)
->get() ->get()
->each(function($n) use($appeal) { ->each(function ($n) use ($appeal) {
NotificationService::del($appeal->user->profile_id, $n->id); NotificationService::del($appeal->user->profile_id, $n->id);
$n->forceDelete(); $n->forceDelete();
}); });
Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $appeal->user->profile_id); Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
Cache::forget('pf:bouncer_v0:recent_by_pid:' . $appeal->user->profile_id); Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
Cache::forget('admin-dash:reports:spam-count'); Cache::forget('admin-dash:reports:spam-count');
return $res; return $res;
} }
if($action == 'approve-all') { if ($action == 'approve-all') {
AccountInterstitial::whereType('post.autospam') AccountInterstitial::whereType('post.autospam')
->whereItemType('App\Status') ->whereItemType('App\Status')
->whereNull('appeal_handled_at') ->whereNull('appeal_handled_at')
->whereUserId($appeal->user_id) ->whereUserId($appeal->user_id)
->get() ->get()
->each(function($report) use($meta) { ->each(function ($report) use ($meta) {
$report->is_spam = false; $report->is_spam = false;
$report->appeal_handled_at = now(); $report->appeal_handled_at = now();
$report->save(); $report->save();
$status = Status::find($report->item_id); $status = Status::find($report->item_id);
if($status) { if ($status) {
$status->is_nsfw = $meta->is_nsfw; $status->is_nsfw = $meta->is_nsfw;
$status->scope = 'public'; $status->scope = 'public';
$status->visibility = 'public'; $status->visibility = 'public';
@ -231,14 +233,15 @@ class AdminApiController extends Controller
Notification::whereAction('autospam.warning') Notification::whereAction('autospam.warning')
->whereProfileId($report->user->profile_id) ->whereProfileId($report->user->profile_id)
->get() ->get()
->each(function($n) use($report) { ->each(function ($n) use ($report) {
NotificationService::del($report->user->profile_id, $n->id); NotificationService::del($report->user->profile_id, $n->id);
$n->forceDelete(); $n->forceDelete();
}); });
}); });
Cache::forget('pf:bouncer_v0:exemption_by_pid:' . $appeal->user->profile_id); Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
Cache::forget('pf:bouncer_v0:recent_by_pid:' . $appeal->user->profile_id); Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
Cache::forget('admin-dash:reports:spam-count'); Cache::forget('admin-dash:reports:spam-count');
return $res; return $res;
} }
@ -247,47 +250,48 @@ class AdminApiController extends Controller
public function modReports(Request $request) public function modReports(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
$reports = Report::whereNull('admin_seen') $reports = Report::whereNull('admin_seen')
->orderBy('created_at','desc') ->orderBy('created_at', 'desc')
->paginate(6) ->paginate(6)
->map(function($report) { ->map(function ($report) {
$r = [ $r = [
'id' => $report->id, 'id' => $report->id,
'type' => $report->type, 'type' => $report->type,
'message' => $report->message, 'message' => $report->message,
'object_id' => $report->object_id, 'object_id' => $report->object_id,
'object_type' => $report->object_type, 'object_type' => $report->object_type,
'created_at' => $report->created_at 'created_at' => $report->created_at,
]; ];
if($report->profile_id) { if ($report->profile_id) {
$r['reported_by_account'] = AccountService::get($report->profile_id, true); $r['reported_by_account'] = AccountService::get($report->profile_id, true);
} }
if($report->object_type === 'App\\Status') { if ($report->object_type === 'App\\Status') {
$status = StatusService::get($report->object_id, false); $status = StatusService::get($report->object_id, false);
if(!$status) { if (! $status) {
return; return;
} }
$r['status'] = $status; $r['status'] = $status;
if(isset($status['in_reply_to_id'])) { if (isset($status['in_reply_to_id'])) {
$r['parent'] = StatusService::get($status['in_reply_to_id'], false); $r['parent'] = StatusService::get($status['in_reply_to_id'], false);
} }
} }
if($report->object_type === 'App\\Profile') { if ($report->object_type === 'App\\Profile') {
$acct = AccountService::get($report->object_id, false); $acct = AccountService::get($report->object_id, true);
if($acct) { if ($acct) {
$r['account'] = $acct; $r['account'] = $acct;
} }
} }
return $r; return $r;
}) })
->filter() ->filter()
@ -298,14 +302,14 @@ class AdminApiController extends Controller
public function modReportHandle(Request $request) public function modReportHandle(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
$this->validate($request, [ $this->validate($request, [
'action' => 'required|string', 'action' => 'required|string',
'id' => 'required' 'id' => 'required',
]); ]);
$action = $request->input('action'); $action = $request->input('action');
@ -314,10 +318,10 @@ class AdminApiController extends Controller
$actions = [ $actions = [
'ignore', 'ignore',
'cw', 'cw',
'unlist' 'unlist',
]; ];
if (!in_array($action, $actions)) { if (! in_array($action, $actions)) {
return abort(403); return abort(403);
} }
@ -358,7 +362,7 @@ class AdminApiController extends Controller
public function getConfiguration(Request $request) public function getConfiguration(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -369,42 +373,43 @@ class AdminApiController extends Controller
[ [
'name' => 'ActivityPub Federation', 'name' => 'ActivityPub Federation',
'description' => 'Enable activitypub federation support, compatible with Pixelfed, Mastodon and other platforms.', 'description' => 'Enable activitypub federation support, compatible with Pixelfed, Mastodon and other platforms.',
'key' => 'federation.activitypub.enabled' 'key' => 'federation.activitypub.enabled',
], ],
[ [
'name' => 'Open Registration', 'name' => 'Open Registration',
'description' => 'Allow new account registrations.', 'description' => 'Allow new account registrations.',
'key' => 'pixelfed.open_registration' 'key' => 'pixelfed.open_registration',
], ],
[ [
'name' => 'Stories', 'name' => 'Stories',
'description' => 'Enable the ephemeral Stories feature.', 'description' => 'Enable the ephemeral Stories feature.',
'key' => 'instance.stories.enabled' 'key' => 'instance.stories.enabled',
], ],
[ [
'name' => 'Require Email Verification', 'name' => 'Require Email Verification',
'description' => 'Require new accounts to verify their email address.', 'description' => 'Require new accounts to verify their email address.',
'key' => 'pixelfed.enforce_email_verification' 'key' => 'pixelfed.enforce_email_verification',
], ],
[ [
'name' => 'AutoSpam Detection', 'name' => 'AutoSpam Detection',
'description' => 'Detect and remove spam from public timelines.', 'description' => 'Detect and remove spam from public timelines.',
'key' => 'pixelfed.bouncer.enabled' 'key' => 'pixelfed.bouncer.enabled',
], ],
]) ])
->map(function($s) { ->map(function ($s) {
$s['state'] = (bool) config_cache($s['key']); $s['state'] = (bool) config_cache($s['key']);
return $s;
}); return $s;
});
} }
public function updateConfiguration(Request $request) public function updateConfiguration(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -413,7 +418,7 @@ class AdminApiController extends Controller
$this->validate($request, [ $this->validate($request, [
'key' => 'required', 'key' => 'required',
'value' => 'required' 'value' => 'required',
]); ]);
$allowedKeys = [ $allowedKeys = [
@ -426,50 +431,51 @@ class AdminApiController extends Controller
$key = $request->input('key'); $key = $request->input('key');
$value = (bool) filter_var($request->input('value'), FILTER_VALIDATE_BOOLEAN); $value = (bool) filter_var($request->input('value'), FILTER_VALIDATE_BOOLEAN);
abort_if(!in_array($key, $allowedKeys), 400, 'Invalid cache key.'); abort_if(! in_array($key, $allowedKeys), 400, 'Invalid cache key.');
ConfigCacheService::put($key, $value); ConfigCacheService::put($key, $value);
return collect([ return collect([
[ [
'name' => 'ActivityPub Federation', 'name' => 'ActivityPub Federation',
'description' => 'Enable activitypub federation support, compatible with Pixelfed, Mastodon and other platforms.', 'description' => 'Enable activitypub federation support, compatible with Pixelfed, Mastodon and other platforms.',
'key' => 'federation.activitypub.enabled' 'key' => 'federation.activitypub.enabled',
], ],
[ [
'name' => 'Open Registration', 'name' => 'Open Registration',
'description' => 'Allow new account registrations.', 'description' => 'Allow new account registrations.',
'key' => 'pixelfed.open_registration' 'key' => 'pixelfed.open_registration',
], ],
[ [
'name' => 'Stories', 'name' => 'Stories',
'description' => 'Enable the ephemeral Stories feature.', 'description' => 'Enable the ephemeral Stories feature.',
'key' => 'instance.stories.enabled' 'key' => 'instance.stories.enabled',
], ],
[ [
'name' => 'Require Email Verification', 'name' => 'Require Email Verification',
'description' => 'Require new accounts to verify their email address.', 'description' => 'Require new accounts to verify their email address.',
'key' => 'pixelfed.enforce_email_verification' 'key' => 'pixelfed.enforce_email_verification',
], ],
[ [
'name' => 'AutoSpam Detection', 'name' => 'AutoSpam Detection',
'description' => 'Detect and remove spam from public timelines.', 'description' => 'Detect and remove spam from public timelines.',
'key' => 'pixelfed.bouncer.enabled' 'key' => 'pixelfed.bouncer.enabled',
], ],
]) ])
->map(function($s) { ->map(function ($s) {
$s['state'] = (bool) config_cache($s['key']); $s['state'] = (bool) config_cache($s['key']);
return $s;
}); return $s;
});
} }
public function getUsers(Request $request) public function getUsers(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -480,27 +486,29 @@ class AdminApiController extends Controller
$q = $request->input('q'); $q = $request->input('q');
$sort = $request->input('sort', 'desc') === 'asc' ? 'asc' : 'desc'; $sort = $request->input('sort', 'desc') === 'asc' ? 'asc' : 'desc';
$res = User::whereNull('status') $res = User::whereNull('status')
->when($q, function($query, $q) { ->when($q, function ($query, $q) {
return $query->where('username', 'like', '%' . $q . '%'); return $query->where('username', 'like', '%'.$q.'%');
}) })
->orderBy('id', $sort) ->orderBy('id', $sort)
->cursorPaginate(10); ->cursorPaginate(10);
return AdminUser::collection($res); return AdminUser::collection($res);
} }
public function getUser(Request $request) public function getUser(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
$id = $request->input('user_id'); $id = $request->input('user_id');
$key = 'pf-admin-api:getUser:byId:' . $id; $key = 'pf-admin-api:getUser:byId:'.$id;
if($request->has('refresh')) { if ($request->has('refresh')) {
Cache::forget($key); Cache::forget($key);
} }
return Cache::remember($key, 86400, function() use($id) {
return Cache::remember($key, 86400, function () use ($id) {
$user = User::findOrFail($id); $user = User::findOrFail($id);
$profile = $user->profile; $profile = $user->profile;
$account = AccountService::get($user->profile_id, true); $account = AccountService::get($user->profile_id, true);
@ -513,8 +521,8 @@ class AdminApiController extends Controller
'moderation' => [ 'moderation' => [
'unlisted' => (bool) $profile->unlisted, 'unlisted' => (bool) $profile->unlisted,
'cw' => (bool) $profile->cw, 'cw' => (bool) $profile->cw,
'no_autolink' => (bool) $profile->no_autolink 'no_autolink' => (bool) $profile->no_autolink,
] ],
]]); ]]);
return $res; return $res;
@ -523,7 +531,7 @@ class AdminApiController extends Controller
public function userAdminAction(Request $request) public function userAdminAction(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -531,7 +539,7 @@ class AdminApiController extends Controller
$this->validate($request, [ $this->validate($request, [
'id' => 'required', 'id' => 'required',
'action' => 'required|in:unlisted,cw,no_autolink,refresh_stats,verify_email,delete', 'action' => 'required|in:unlisted,cw,no_autolink,refresh_stats,verify_email,delete',
'value' => 'sometimes' 'value' => 'sometimes',
]); ]);
$id = $request->input('id'); $id = $request->input('id');
@ -541,8 +549,8 @@ class AdminApiController extends Controller
abort_if($user->is_admin == true && $action !== 'refresh_stats', 400, 'Cannot moderate admin accounts'); abort_if($user->is_admin == true && $action !== 'refresh_stats', 400, 'Cannot moderate admin accounts');
if($action === 'delete') { if ($action === 'delete') {
if(config('pixelfed.account_deletion') == false) { if (config('pixelfed.account_deletion') == false) {
abort(404); abort(404);
} }
@ -570,7 +578,7 @@ class AdminApiController extends Controller
PublicTimelineService::deleteByProfileId($profile->id); PublicTimelineService::deleteByProfileId($profile->id);
NetworkTimelineService::deleteByProfileId($profile->id); NetworkTimelineService::deleteByProfileId($profile->id);
if($profile->user_id) { if ($profile->user_id) {
DB::table('oauth_access_tokens')->whereUserId($user->id)->delete(); DB::table('oauth_access_tokens')->whereUserId($user->id)->delete();
DB::table('oauth_auth_codes')->whereUserId($user->id)->delete(); DB::table('oauth_auth_codes')->whereUserId($user->id)->delete();
$user->email = $user->id; $user->email = $user->id;
@ -589,11 +597,12 @@ class AdminApiController extends Controller
AccountService::del($profile->id); AccountService::del($profile->id);
DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('high'); DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('high');
} }
return [ return [
'status' => 200, 'status' => 200,
'msg' => 'deleted', 'msg' => 'deleted',
]; ];
} else if($action === 'refresh_stats') { } elseif ($action === 'refresh_stats') {
$profile->following_count = DB::table('followers')->whereProfileId($user->profile_id)->count(); $profile->following_count = DB::table('followers')->whereProfileId($user->profile_id)->count();
$profile->followers_count = DB::table('followers')->whereFollowingId($user->profile_id)->count(); $profile->followers_count = DB::table('followers')->whereFollowingId($user->profile_id)->count();
$statusCount = Status::whereProfileId($user->profile_id) $statusCount = Status::whereProfileId($user->profile_id)
@ -603,7 +612,7 @@ class AdminApiController extends Controller
->count(); ->count();
$profile->status_count = $statusCount; $profile->status_count = $statusCount;
$profile->save(); $profile->save();
} else if($action === 'verify_email') { } elseif ($action === 'verify_email') {
$user->email_verified_at = now(); $user->email_verified_at = now();
$user->save(); $user->save();
@ -615,11 +624,11 @@ class AdminApiController extends Controller
->action('admin.user.moderate') ->action('admin.user.moderate')
->metadata([ ->metadata([
'action' => 'Manually verified email address', 'action' => 'Manually verified email address',
'message' => 'Success!' 'message' => 'Success!',
]) ])
->accessLevel('admin') ->accessLevel('admin')
->save(); ->save();
} else if($action === 'unlisted') { } elseif ($action === 'unlisted') {
ModLogService::boot() ModLogService::boot()
->objectUid($profile->id) ->objectUid($profile->id)
->objectId($profile->id) ->objectId($profile->id)
@ -628,13 +637,13 @@ class AdminApiController extends Controller
->action('admin.user.moderate') ->action('admin.user.moderate')
->metadata([ ->metadata([
'action' => $action, 'action' => $action,
'message' => 'Success!' 'message' => 'Success!',
]) ])
->accessLevel('admin') ->accessLevel('admin')
->save(); ->save();
$profile->unlisted = !$profile->unlisted; $profile->unlisted = ! $profile->unlisted;
$profile->save(); $profile->save();
} else if($action === 'cw') { } elseif ($action === 'cw') {
ModLogService::boot() ModLogService::boot()
->objectUid($profile->id) ->objectUid($profile->id)
->objectId($profile->id) ->objectId($profile->id)
@ -643,13 +652,13 @@ class AdminApiController extends Controller
->action('admin.user.moderate') ->action('admin.user.moderate')
->metadata([ ->metadata([
'action' => $action, 'action' => $action,
'message' => 'Success!' 'message' => 'Success!',
]) ])
->accessLevel('admin') ->accessLevel('admin')
->save(); ->save();
$profile->cw = !$profile->cw; $profile->cw = ! $profile->cw;
$profile->save(); $profile->save();
} else if($action === 'no_autolink') { } elseif ($action === 'no_autolink') {
ModLogService::boot() ModLogService::boot()
->objectUid($profile->id) ->objectUid($profile->id)
->objectId($profile->id) ->objectId($profile->id)
@ -658,11 +667,11 @@ class AdminApiController extends Controller
->action('admin.user.moderate') ->action('admin.user.moderate')
->metadata([ ->metadata([
'action' => $action, 'action' => $action,
'message' => 'Success!' 'message' => 'Success!',
]) ])
->accessLevel('admin') ->accessLevel('admin')
->save(); ->save();
$profile->no_autolink = !$profile->no_autolink; $profile->no_autolink = ! $profile->no_autolink;
$profile->save(); $profile->save();
} else { } else {
$profile->{$action} = filter_var($request->input('value'), FILTER_VALIDATE_BOOLEAN); $profile->{$action} = filter_var($request->input('value'), FILTER_VALIDATE_BOOLEAN);
@ -676,7 +685,7 @@ class AdminApiController extends Controller
->action('admin.user.moderate') ->action('admin.user.moderate')
->metadata([ ->metadata([
'action' => $action, 'action' => $action,
'message' => 'Success!' 'message' => 'Success!',
]) ])
->accessLevel('admin') ->accessLevel('admin')
->save(); ->save();
@ -690,14 +699,14 @@ class AdminApiController extends Controller
'moderation' => [ 'moderation' => [
'unlisted' => (bool) $profile->unlisted, 'unlisted' => (bool) $profile->unlisted,
'cw' => (bool) $profile->cw, 'cw' => (bool) $profile->cw,
'no_autolink' => (bool) $profile->no_autolink 'no_autolink' => (bool) $profile->no_autolink,
] ],
]]); ]]);
} }
public function instances(Request $request) public function instances(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -714,19 +723,19 @@ class AdminApiController extends Controller
$sortBy = $request->input('sort_by', 'id'); $sortBy = $request->input('sort_by', 'id');
$filter = $request->input('filter'); $filter = $request->input('filter');
$res = Instance::when($q, function($query, $q) { $res = Instance::when($q, function ($query, $q) {
return $query->where('domain', 'like', '%' . $q . '%'); return $query->where('domain', 'like', '%'.$q.'%');
}) })
->when($filter, function($query, $filter) { ->when($filter, function ($query, $filter) {
if($filter === 'all') { if ($filter === 'all') {
return $query; return $query;
} else { } else {
return $query->where($filter, true); return $query->where($filter, true);
} }
}) })
->when($sortBy, function($query, $sortBy) use($sort) { ->when($sortBy, function ($query, $sortBy) use ($sort) {
return $query->orderBy($sortBy, $sort); return $query->orderBy($sortBy, $sort);
}, function($query) { }, function ($query) {
return $query->orderBy('id', 'desc'); return $query->orderBy('id', 'desc');
}) })
->cursorPaginate(10) ->cursorPaginate(10)
@ -737,7 +746,7 @@ class AdminApiController extends Controller
public function getInstance(Request $request) public function getInstance(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
@ -750,7 +759,7 @@ class AdminApiController extends Controller
public function moderateInstance(Request $request) public function moderateInstance(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -758,7 +767,7 @@ class AdminApiController extends Controller
$this->validate($request, [ $this->validate($request, [
'id' => 'required', 'id' => 'required',
'key' => 'required|in:unlisted,auto_cw,banned', 'key' => 'required|in:unlisted,auto_cw,banned',
'value' => 'required' 'value' => 'required',
]); ]);
$id = $request->input('id'); $id = $request->input('id');
@ -776,7 +785,7 @@ class AdminApiController extends Controller
public function refreshInstanceStats(Request $request) public function refreshInstanceStats(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin == 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless($request->user()->tokenCan('admin:write'), 404); abort_unless($request->user()->tokenCan('admin:write'), 404);
@ -796,51 +805,51 @@ class AdminApiController extends Controller
public function getAllStats(Request $request) public function getAllStats(Request $request)
{ {
abort_if(!$request->user() || !$request->user()->token(), 404); abort_if(! $request->user() || ! $request->user()->token(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin === 1, 404);
abort_unless($request->user()->tokenCan('admin:read'), 404); abort_unless($request->user()->tokenCan('admin:read'), 404);
if($request->has('refresh')) { if ($request->has('refresh')) {
Cache::forget('admin-api:instance-all-stats-v1'); Cache::forget('admin-api:instance-all-stats-v1');
} }
return Cache::remember('admin-api:instance-all-stats-v1', 1209600, function() { return Cache::remember('admin-api:instance-all-stats-v1', 1209600, function () {
$days = range(1, 7); $days = range(1, 7);
$res = [ $res = [
'cached_at' => now()->format('c'), 'cached_at' => now()->format('c'),
]; ];
$minStatusId = SnowflakeService::byDate(now()->subDays(7)); $minStatusId = SnowflakeService::byDate(now()->subDays(7));
foreach($days as $day) { foreach ($days as $day) {
$label = now()->subDays($day)->format('D'); $label = now()->subDays($day)->format('D');
$labelShort = substr($label, 0, 1); $labelShort = substr($label, 0, 1);
$res['users']['days'][] = [ $res['users']['days'][] = [
'date' => now()->subDays($day)->format('M j Y'), 'date' => now()->subDays($day)->format('M j Y'),
'label_full' => $label, 'label_full' => $label,
'label' => $labelShort, 'label' => $labelShort,
'count' => User::whereDate('created_at', now()->subDays($day))->count() 'count' => User::whereDate('created_at', now()->subDays($day))->count(),
]; ];
$res['posts']['days'][] = [ $res['posts']['days'][] = [
'date' => now()->subDays($day)->format('M j Y'), 'date' => now()->subDays($day)->format('M j Y'),
'label_full' => $label, 'label_full' => $label,
'label' => $labelShort, 'label' => $labelShort,
'count' => Status::whereNull('uri')->where('id', '>', $minStatusId)->whereDate('created_at', now()->subDays($day))->count() 'count' => Status::whereNull('uri')->where('id', '>', $minStatusId)->whereDate('created_at', now()->subDays($day))->count(),
]; ];
$res['instances']['days'][] = [ $res['instances']['days'][] = [
'date' => now()->subDays($day)->format('M j Y'), 'date' => now()->subDays($day)->format('M j Y'),
'label_full' => $label, 'label_full' => $label,
'label' => $labelShort, 'label' => $labelShort,
'count' => Instance::whereDate('created_at', now()->subDays($day))->count() 'count' => Instance::whereDate('created_at', now()->subDays($day))->count(),
]; ];
} }
$res['users']['total'] = DB::table('users')->count(); $res['users']['total'] = DB::table('users')->count();
$res['users']['min'] = collect($res['users']['days'])->min('count'); $res['users']['min'] = collect($res['users']['days'])->min('count');
$res['users']['max'] = collect($res['users']['days'])->max('count'); $res['users']['max'] = collect($res['users']['days'])->max('count');
$res['users']['change'] = collect($res['users']['days'])->sum('count');; $res['users']['change'] = collect($res['users']['days'])->sum('count');
$res['posts']['total'] = DB::table('statuses')->whereNull('uri')->count(); $res['posts']['total'] = DB::table('statuses')->whereNull('uri')->count();
$res['posts']['min'] = collect($res['posts']['days'])->min('count'); $res['posts']['min'] = collect($res['posts']['days'])->min('count');
$res['posts']['max'] = collect($res['posts']['days'])->max('count'); $res['posts']['max'] = collect($res['posts']['days'])->max('count');