mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-01 18:53:16 +00:00
Update ProfileController, require login to view spam accounts, and disable profile embeds for spam accounts
This commit is contained in:
parent
c167af43a4
commit
dd2f5bb96a
1 changed files with 44 additions and 2 deletions
|
@ -7,6 +7,7 @@ use Auth;
|
||||||
use Cache;
|
use Cache;
|
||||||
use DB;
|
use DB;
|
||||||
use View;
|
use View;
|
||||||
|
use App\AccountInterstitial;
|
||||||
use App\Follower;
|
use App\Follower;
|
||||||
use App\FollowRequest;
|
use App\FollowRequest;
|
||||||
use App\Profile;
|
use App\Profile;
|
||||||
|
@ -42,9 +43,22 @@ class ProfileController extends Controller
|
||||||
->whereUsername($username)
|
->whereUsername($username)
|
||||||
->firstOrFail();
|
->firstOrFail();
|
||||||
|
|
||||||
|
|
||||||
if($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
|
if($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
|
||||||
return $this->showActivityPub($request, $user);
|
return $this->showActivityPub($request, $user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $user->id, 86400, function() use($user) {
|
||||||
|
$exists = AccountInterstitial::whereUserId($user->user_id)->where('is_spam', 1)->count();
|
||||||
|
if($exists) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
});
|
||||||
|
if($aiCheck) {
|
||||||
|
return redirect('/login');
|
||||||
|
}
|
||||||
return $this->buildProfile($request, $user);
|
return $this->buildProfile($request, $user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -207,7 +221,22 @@ class ProfileController extends Controller
|
||||||
|
|
||||||
abort_if(!$profile || $profile['locked'] || !$profile['local'], 404);
|
abort_if(!$profile || $profile['locked'] || !$profile['local'], 404);
|
||||||
|
|
||||||
$data = Cache::remember('pf:atom:user-feed:by-id:' . $profile['id'], 43200, function() use($pid, $profile) {
|
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile['id'], 86400, function() use($profile) {
|
||||||
|
$uid = User::whereProfileId($profile['id'])->first();
|
||||||
|
if(!$uid) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
$exists = AccountInterstitial::whereUserId($uid->id)->where('is_spam', 1)->count();
|
||||||
|
if($exists) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
});
|
||||||
|
|
||||||
|
abort_if($aiCheck, 404);
|
||||||
|
|
||||||
|
$data = Cache::remember('pf:atom:user-feed:by-id:' . $profile['id'], 900, function() use($pid, $profile) {
|
||||||
$items = DB::table('statuses')
|
$items = DB::table('statuses')
|
||||||
->whereProfileId($pid)
|
->whereProfileId($pid)
|
||||||
->whereVisibility('public')
|
->whereVisibility('public')
|
||||||
|
@ -234,7 +263,7 @@ class ProfileController extends Controller
|
||||||
|
|
||||||
return compact('items', 'permalink', 'headers');
|
return compact('items', 'permalink', 'headers');
|
||||||
});
|
});
|
||||||
abort_if(!$data, 404);
|
abort_if(!$data || !isset($data['items']) || !isset($data['permalink']), 404);
|
||||||
return response()
|
return response()
|
||||||
->view('atom.user',
|
->view('atom.user',
|
||||||
[
|
[
|
||||||
|
@ -274,6 +303,19 @@ class ProfileController extends Controller
|
||||||
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
|
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile->id, 86400, function() use($profile) {
|
||||||
|
$exists = AccountInterstitial::whereUserId($profile->user_id)->where('is_spam', 1)->count();
|
||||||
|
if($exists) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
});
|
||||||
|
|
||||||
|
if($aiCheck) {
|
||||||
|
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
|
||||||
|
}
|
||||||
|
|
||||||
if(AccountService::canEmbed($profile->user_id) == false) {
|
if(AccountService::canEmbed($profile->user_id) == false) {
|
||||||
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
|
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue