UA-Fediland/pixelfed
2
0
Fork 0
mirror of https://github.com/pixelfed/pixelfed.git synced 2025-01-30 16:30:45 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update PublicApiController

Browse source
This commit is contained in:
Daniel Supernault 2018-11-29 01:32:27 -07:00
parent 0a9ffe80b3
commit d1603aba71
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
1 changed files with 47 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
app/Http/Controllers/PublicApiController.php
View file

@ -5,6 +5,7 @@ namespace App\Http\Controllers;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use App\{ use App\{
Hashtag, Hashtag,
Follower,
Like, Like,
Media, Media,
Notification, Notification,
@ -30,7 +31,7 @@ class PublicApiController extends Controller
public function __construct() public function __construct()
{ {
$this->middleware('throttle:200, 15'); $this->middleware('throttle:200, 30');
$this->fractal = new Fractal\Manager(); $this->fractal = new Fractal\Manager();
$this->fractal->setSerializer(new ArraySerializer()); $this->fractal->setSerializer(new ArraySerializer());
} }
@ -50,6 +51,7 @@ class PublicApiController extends Controller
{ {
$profile = Profile::whereUsername($username)->first(); $profile = Profile::whereUsername($username)->first();
$status = Status::whereProfileId($profile->id)->find($postid); $status = Status::whereProfileId($profile->id)->find($postid);
$this->scopeCheck($profile, $status);
$item = new Fractal\Resource\Item($status, new StatusTransformer()); $item = new Fractal\Resource\Item($status, new StatusTransformer());
$res = [ $res = [
'status' => $this->fractal->createData($item)->toArray(), 'status' => $this->fractal->createData($item)->toArray(),
@ -73,6 +75,7 @@ class PublicApiController extends Controller
$limit = $request->limit ?? 10; $limit = $request->limit ?? 10;
$profile = Profile::whereUsername($username)->first(); $profile = Profile::whereUsername($username)->first();
$status = Status::whereProfileId($profile->id)->find($postId); $status = Status::whereProfileId($profile->id)->find($postId);
$this->scopeCheck($profile, $status);
if($request->filled('min_id') || $request->filled('max_id')) { if($request->filled('min_id') || $request->filled('max_id')) {
if($request->filled('min_id')) { if($request->filled('min_id')) {
$replies = $status->comments() $replies = $status->comments()
@ -100,4 +103,47 @@ class PublicApiController extends Controller
$res = $this->fractal->createData($resource)->toArray(); $res = $this->fractal->createData($resource)->toArray();
return response()->json($res, 200, [], JSON_PRETTY_PRINT); return response()->json($res, 200, [], JSON_PRETTY_PRINT);
} }
protected function scopeCheck(Profile $profile, Status $status)
{
if($profile->is_private == true && Auth::check() == false) {
abort(404);
}
switch ($status->scope) {
case 'public':
case 'unlisted':
$user = Auth::check() ? Auth::user() : false;
if($user && $profile->is_private) {
$follows = Follower::whereProfileId($user->profile->id)
->whereFollowingId($profile->id)
->exists();
if($follows == false && $profile->id !== $user->profile->id) {
abort(404);
}
}
break;
case 'private':
$follows = Follower::whereProfileId($user->profile->id)
->whereFollowingId($profile->id)
->exists();
if($follows == false && $profile->id !== $user->profile->id) {
abort(404);
}
break;
case 'direct':
abort(404);
break;
case 'draft':
abort(404);
break;
default:
abort(404);
break;
}
}
} }