Merge pull request #1967 from pixelfed/staging

Bug fixes and Restricted Mode stuff

CHANGELOG.md

@@ -3,6 +3,7 @@
 ## [Unreleased](https://github.com/pixelfed/pixelfed/compare/v0.10.7...dev)
 ### Added
 - Added ```BANNED_USERNAMES``` .env var, an optional comma separated string to ban specific usernames from being used ([6cdd64c6](https://github.com/pixelfed/pixelfed/commit/6cdd64c6))
+- Added RestrictedAccess middleware for Restricted Mode ([17c1a83d](https://github.com/pixelfed/pixelfed/commit/17c1a83d))
 
 ### Fixed
 - Fixed Story Compose bug affecting postgres instances ([#1918](https://github.com/pixelfed/pixelfed/pull/1918))
@@ -19,6 +20,8 @@
 - Updated admin reports, fixed 404 bug ([dbd5c4cf](https://github.com/pixelfed/pixelfed/commit/dbd5c4cf))
 - Updated AdminController, abstracted dashboard stats to AdminStatsService ([41abe9d2](https://github.com/pixelfed/pixelfed/commit/41abe9d2))
 - Updated StoryCompose component, added upload progress page ([2de3c56f](https://github.com/pixelfed/pixelfed/commit/2de3c56f))
+- Updated instance config, cleanup and add restricted mode ([3be32597](https://github.com/pixelfed/pixelfed/commit/3be32597))
+- Update RelationshipSettings Controller, fixes #1605 ([4d2da2f1](https://github.com/pixelfed/pixelfed/commit/4d2da2f1))
 
 ### Changed
 

app/Http/Controllers/Settings/RelationshipSettings.php

@@ -22,7 +22,7 @@ trait RelationshipSettings
 			'mode' => 'nullable|string|in:following,followers,hashtags'
 		]);
 
-		$mode = $request->input('mode');
+		$mode = $request->input('mode') ?? 'followers';
 		$profile = Auth::user()->profile;
 
 		switch ($mode) {
@@ -37,10 +37,6 @@ trait RelationshipSettings
 			case 'hashtags':
 				$data = $profile->hashtagFollowing()->with('hashtag')->simplePaginate(10);
 				break;
-			
-			default:
-				$data = [];
-				break;
 		}
 
 		return view('settings.relationships.home', compact('profile', 'mode', 'data'));

app/Http/Middleware/RestrictedAccess.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Auth;
+
+class RestrictedAccess
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure                 $next
+     * @param string|null              $guard
+     *
+     * @return mixed
+     */
+    public function handle($request, Closure $next, $guard = null)
+    {
+        if(config('instance.restricted.enabled')) {
+            if (!Auth::guard($guard)->check()) {
+                $p = ['login', 'password*', 'loginAs*'];
+                if(!$request->is($p)) {
+                    return redirect('/login');
+                }
+            }
+        }
+
+        return $next($request);
+    }
+}

config/instance.php

@@ -3,10 +3,6 @@
 return [
 
 	'description' => env('INSTANCE_DESCRIPTION', null),
-	'announcement' => [
-		'enabled' => env('INSTANCE_ANNOUNCEMENT_ENABLED', false),
-		'message' => env('INSTANCE_ANNOUNCEMENT_MESSAGE', 'Example announcement message.<br><span class="font-weight-normal">Something else here</span>')
-	],
 
 	'contact' => [
 		'enabled' => env('INSTANCE_CONTACT_FORM', false),
@@ -15,7 +11,7 @@ return [
 
 	'discover' => [
 		'loops' => [
-			'enabled' => false
+			'enabled' => env('EXP_LOOPS', false),
 		],
 		'tags' => [
 			'is_public' => env('INSTANCE_PUBLIC_HASHTAGS', false)
@@ -51,5 +47,10 @@ return [
 
 	'stories' => [
 		'enabled' => env('STORIES_ENABLED', false),
+	],
+
+	'restricted' => [
+		'enabled' => env('RESTRICTED_INSTANCE', false),
+		'level' => 1
 	]
 ];

resources/views/settings/template.blade.php

@@ -21,7 +21,7 @@
 
 <div class="container">
   <div class="col-12">
-    <div class="card mt-5">
+    <div class="card shadow-none border mt-5">
       <div class="card-body p-0">
         <div class="row">
           @include('settings.partial.sidebar')