Merge branch 'staging' into patch-1

CHANGELOG.md

@@ -6,10 +6,17 @@
 
 ### Fixed
 - Fixed count bug in StatusHashtagService [#1694](https://github.com/pixelfed/pixelfed/pull/1694)
+- Fixed private account bug [#1699](https://github.com/pixelfed/pixelfed/pull/1699)
 
 ### Changed
 - Updated EmailService, added new domains [#1690](https://github.com/pixelfed/pixelfed/pull/1690)
 - Updated quill.js to v1.3.7 [#1692](https://github.com/pixelfed/pixelfed/pull/1692)
+- Cache ProfileController [#1700](https://github.com/pixelfed/pixelfed/pull/1700)
+- Updated ComposeUI v4, made cropping optional [#1702](https://github.com/pixelfed/pixelfed/pull/1702)
+- Updated DiscoverController, limit Loops to local only posts [#1703](https://github.com/pixelfed/pixelfed/pull/1703)
+
+## Deprecated
+- Remove deprecated profile following/followers [#1697](https://github.com/pixelfed/pixelfed/pull/1697)
     
     
 ## [v0.10.3 (2019-09-08)](https://github.com/pixelfed/pixelfed/compare/v0.10.2...v0.10.3)

app/Http/Controllers/Api/ApiV1Controller.php

@@ -0,0 +1,80 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Str;
+use App\Jobs\StatusPipeline\StatusDelete;
+use Laravel\Passport\Passport;
+use Auth, Cache, DB;
+use App\{
+    Like,
+    Media,
+    Profile,
+    Status
+};
+use League\Fractal;
+use App\Transformer\Api\{
+    AccountTransformer,
+    RelationshipTransformer,
+    StatusTransformer,
+};
+use League\Fractal\Serializer\ArraySerializer;
+use League\Fractal\Pagination\IlluminatePaginatorAdapter;
+
+use App\Services\NotificationService;
+
+class ApiV1Controller extends Controller 
+{
+	protected $fractal;
+
+	public function __construct()
+	{
+		$this->fractal = new Fractal\Manager();
+		$this->fractal->setSerializer(new ArraySerializer());
+	}
+	public function apps(Request $request)
+	{
+		abort_if(!config('pixelfed.oauth_enabled'), 404);
+
+		$this->validate($request, [
+			'client_name' 		=> 'required',
+			'redirect_uris' 	=> 'required',
+			'scopes' 			=> 'nullable',
+			'website' 			=> 'nullable'
+		]);
+
+        $client = Passport::client()->forceFill([
+            'user_id' => null,
+            'name' => e($request->client_name),
+            'secret' => Str::random(40),
+            'redirect' => $request->redirect_uris,
+            'personal_access_client' => false,
+            'password_client' => false,
+            'revoked' => false,
+        ]);
+
+        $client->save();
+
+        $res = [
+        	'id' => $client->id,
+        	'name' => $client->name,
+        	'website' => null,
+        	'redirect_uri' => $client->redirect,
+        	'client_id' => $client->id,
+        	'client_secret' => $client->secret,
+        	'vapid_key' => null
+        ];
+        return $res;
+	}
+
+	public function accountById(Request $request, $id)
+	{
+		$profile = Profile::whereNull('status')->findOrFail($id);
+		$resource = new Fractal\Resource\Item($profile, new AccountTransformer());
+		$res = $this->fractal->createData($resource)->toArray();
+
+		return response()->json($res);
+	}
+}

app/Http/Controllers/DiscoverController.php

@@ -78,8 +78,9 @@ class DiscoverController extends Controller
         abort_if(!config('exp.loops'), 403);
         
         // todo proper pagination, maybe LoopService
-        $res = Cache::remember('discover:loops:recent', now()->addHours(1), function() {
+        $res = Cache::remember('discover:loops:recent', now()->addHours(6), function() {
           $loops = Status::whereType('video')
+                  ->whereNull('uri')
                   ->whereScope('public')
                   ->latest()
                   ->take(18)

app/Http/Controllers/FollowerController.php

@@ -27,7 +27,11 @@ class FollowerController extends Controller
         ]);
         $item = (int) $request->input('item');
         $this->handleFollowRequest($item);
+        if($request->wantsJson()) {
             return response()->json(200);
+        } else {
+            return redirect()->back();
+        }
     }
 
     protected function handleFollowRequest($item)

app/Http/Controllers/ProfileController.php

@@ -20,49 +20,62 @@ class ProfileController extends Controller
 {
     public function show(Request $request, $username)
     {
-        $user = Profile::whereUsername($username)->firstOrFail();
-        if($user->domain) {
-            return redirect($user->remote_url);
+        $user = Profile::whereNull('domain')
+            ->whereNull('status')
+            ->whereUsername($username)
+            ->firstOrFail();
+        if($request->wantsJson() && config('federation.activitypub.enabled')) {
+            return $this->showActivityPub($request, $user);
         }
-        if($user->status != null) {
-            return $this->accountCheck($user);
-        } else {
         return $this->buildProfile($request, $user);
     }
-    }
 
-    // TODO: refactor this mess
     protected function buildProfile(Request $request, $user)
     {
         $username = $user->username;
         $loggedIn = Auth::check();
         $isPrivate = false;
         $isBlocked = false;
+        if(!$loggedIn) {
+            $key = 'profile:settings:' . $user->id;
+            $ttl = now()->addHours(6);
+            $settings = Cache::remember($key, $ttl, function() use($user) {
+                return $user->user->settings;
+            });
 
-        if($user->status != null) {
-            return ProfileController::accountCheck($user);
+            if ($user->is_private == true) {
+                abort(404);
             }
 
-        if ($user->remote_url) {
-            $settings = new \StdClass;
-            $settings->crawlable = false;
-            $settings->show_profile_follower_count = true;
-            $settings->show_profile_following_count = true;
+            $owner = false;
+            $is_following = false;
+
+            $is_admin = $user->user->is_admin;
+            $profile = $user;
+            $settings = [
+                'crawlable' => $settings->crawlable,
+                'following' => [
+                    'count' => $settings->show_profile_following_count,
+                    'list' => $settings->show_profile_following
+                ], 
+                'followers' => [
+                    'count' => $settings->show_profile_follower_count,
+                    'list' => $settings->show_profile_followers
+                ]
+            ];
+            return view('profile.show', compact('profile', 'settings'));
         } else {
-            $settings = $user->user->settings;
-        }
-
-        if ($request->wantsJson() && config('federation.activitypub.enabled')) {
-            return $this->showActivityPub($request, $user);
-        }
+            $key = 'profile:settings:' . $user->id;
+            $ttl = now()->addHours(6);
+            $settings = Cache::remember($key, $ttl, function() use($user) {
+                return $user->user->settings;
+            });
 
             if ($user->is_private == true) {
                 $isPrivate = $this->privateProfileCheck($user, $loggedIn);
             }
 
-        if ($loggedIn == true) {
             $isBlocked = $this->blockedProfileCheck($user);
-        }
 
             $owner = $loggedIn && Auth::id() === $user->user_id;
             $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false;
@@ -87,13 +100,13 @@ class ProfileController extends Controller
                     'list' => $settings->show_profile_followers
                 ]
             ];
-        return view('profile.show', compact('user', 'profile', 'settings', 'owner', 'is_following', 'is_admin'));
+            return view('profile.show', compact('profile', 'settings'));
+        }
     }
 
     public function permalinkRedirect(Request $request, $username)
     {
-        $user = Profile::whereUsername($username)->firstOrFail();
-        $settings = User::whereUsername($username)->firstOrFail()->settings;
+        $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
 
         if ($request->wantsJson() && config('federation.activitypub.enabled')) {
             return $this->showActivityPub($request, $user);
@@ -136,34 +149,19 @@ class ProfileController extends Controller
         return false;
     }
 
-    public static function accountCheck(Profile $profile)
-    {
-        switch ($profile->status) {
-            case 'disabled':
-            case 'suspended':
-            case 'delete':
-                return view('profile.disabled');
-                break;
-            
-            default:
-                # code...
-                break;
-        }
-
-        return abort(404);
-    }
-
     public function showActivityPub(Request $request, $user)
     {
         abort_if(!config('federation.activitypub.enabled'), 404);
+        abort_if($user->domain, 404);
+        $key = 'profile:ap:' . $user->id;
+        $ttl = now()->addHours(6);
 
-        if($user->status != null) {
-            return ProfileController::accountCheck($user);
-        }
+        return Cache::remember($key, $ttl, function() use($user) {
             $fractal = new Fractal\Manager();
             $resource = new Fractal\Resource\Item($user, new ProfileTransformer);
             $res = $fractal->createData($resource)->toArray();
             return response(json_encode($res['data']))->header('Content-Type', 'application/activity+json');
+        });
     }
 
     public function showAtomFeed(Request $request, $user)

app/Http/Controllers/Settings/PrivacySettings.php

@@ -29,8 +29,8 @@ trait PrivacySettings
 
     public function privacyStore(Request $request)
     {
-        $settings = Auth::user()->settings;
-        $profile = Auth::user()->profile;
+        $settings = $request->user()->settings;
+        $profile = $request->user()->profile;
         $fields = [
           'is_private',
           'crawlable',
@@ -65,7 +65,7 @@ trait PrivacySettings
             }
             $settings->save();
         }
-
+        Cache::forget('profile:settings:' . $profile->id);
         return redirect(route('settings.privacy'))->with('status', 'Settings successfully updated!');
     }
 

app/Providers/AuthServiceProvider.php

@@ -4,6 +4,7 @@ namespace App\Providers;
 
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 use Laravel\Passport\Passport;
+use Gate;
 
 class AuthServiceProvider extends ServiceProvider
 {
@@ -32,14 +33,22 @@ class AuthServiceProvider extends ServiceProvider
             Passport::enableImplicitGrant();
             
             Passport::setDefaultScope([
-                'user:read',
-                'user:write'
+                'read',
+                'write',
+                'follow',
+                'push'
             ]);
 
             Passport::tokensCan([
-                'user:read' => 'Read a user’s profile info and media',
-                'user:write' => 'This scope lets an app "Change your profile information"',
+                'read' => 'Full read access to your account',
+                'write' => 'Full write access to your account',
+                'follow' => 'Ability to follow other profiles',
+                'push'  => ''
             ]);
         }
+
+        Gate::define('viewWebSocketsDashboard', function ($user = null) {
+            return $user->is_admin;
+        });
     }
 }

resources/assets/js/components/ComposeModal.vue

@@ -1,6 +1,6 @@
 <template>
 <div>
-	<input type="file" id="pf-dz" name="media" class="w-100 h-100 d-none file-input" draggable="true" multiple="true" v-bind:accept="config.uploader.media_types">
+	<input type="file" id="pf-dz" name="media" class="w-100 h-100 d-none file-input" draggable="true" v-bind:accept="config.uploader.media_types">
 	<div class="timeline">
 		<div v-if="uploading">
 			<div class="card status-card card-md-rounded-0 w-100 h-100 bg-light py-5" style="border-bottom: 1px solid #f1f1f1">
@@ -12,7 +12,7 @@
 		</div>
 		<div v-else>
 			<div class="card status-card card-md-rounded-0 w-100 h-100" style="display:flex;">
-				<div class="card-header d-inline-flex align-items-center bg-white">
+				<div class="card-header d-inline-flex align-items-center justify-content-between bg-white">
 					<div>
 						<a v-if="page == 1" href="#" @click.prevent="closeModal()" class="font-weight-bold text-decoration-none text-muted">
 							<i class="fas fa-times fa-lg"></i>
@@ -25,15 +25,20 @@
 							<span class="font-weight-bold mb-0">{{pageTitle}}</span>
 						</span>
 					</div>
-					<div class="text-right" style="flex-grow:1;">
+					<div v-if="page == 2">
+						<a href="#" class="text-center text-dark" @click.prevent="showCropPhotoCard"><i class="fas fa-magic fa-lg"></i></a>
+					</div>
+					<div>
 						<!-- <a v-if="page > 1" class="font-weight-bold text-decoration-none" href="#" @click.prevent="page--">Back</a> -->
 						<span v-if="pageLoading">
 							<div class="spinner-border spinner-border-sm" role="status">
 								<span class="sr-only">Loading...</span>
 							</div>
 						</span>
-						<a v-if="!pageLoading && (page > 1 && page <= 3) || (page == 1 && ids.length != 0)" class="font-weight-bold text-decoration-none" href="#" @click.prevent="nextPage">Next</a>
-						<a v-if="!pageLoading && page == 4" class="font-weight-bold text-decoration-none" href="#" @click.prevent="compose">Post</a>
+						<span v-else>
+							<a v-if="!pageLoading && (page > 1 && page <= 2) || (page == 1 && ids.length != 0) || page == 'cropPhoto'" class="font-weight-bold text-decoration-none" href="#" @click.prevent="nextPage">Next</a>
+							<a v-if="!pageLoading && page == 3" class="font-weight-bold text-decoration-none" href="#" @click.prevent="compose">Post</a>
+						</span>
 					</div>
 				</div>
 				<div class="card-body p-0 border-top">
@@ -43,7 +48,7 @@
 								<a class="btn btn-primary font-weight-bold" href="/i/compose">Compose Post</a>
 							</p>
 							<hr>
-							<p>
+							<p v-if="media.length == 0">
 								<button type="button" class="btn btn-outline-primary font-weight-bold" @click.prevent="addMedia">Compose Post <sup>BETA</sup></button>
 							</p>
 							<p>
@@ -60,7 +65,7 @@
 						</div>
 					</div>
 
-					<div v-if="page == 2" class="w-100 h-100">
+					<div v-if="page == 'cropPhoto'" class="w-100 h-100">
 						<div v-if="ids.length > 0">
 							<vue-cropper
 								ref="cropper"
@@ -75,7 +80,7 @@
 						</div>
 					</div>
 
-					<div v-if="page == 3" class="w-100 h-100">
+					<div v-if="page == 2" class="w-100 h-100">
 						<div slot="img" style="display:flex;min-height: 420px;align-items: center;">
 							<img :class="'d-block img-fluid w-100 ' + [media[carouselCursor].filter_class?media[carouselCursor].filter_class:'']" :src="media[carouselCursor].url" :alt="media[carouselCursor].description" :title="media[carouselCursor].description">
 						</div>
@@ -98,7 +103,7 @@
 						</div>
 					</div>
 
-					<div v-if="page == 4" class="w-100 h-100">
+					<div v-if="page == 3" class="w-100 h-100">
 						<div class="border-bottom mt-2">
 							<div class="media px-3">
 								<img :src="media[0].url" width="42px" height="42px" :class="[media[0].filter_class?'mr-2 ' + media[0].filter_class:'mr-2']">
@@ -177,7 +182,7 @@
 									</div>
 								</div>
 							</div>
-							<a class="list-group-item" @click.prevent="page = 'altText'">
+							<a href="#" class="list-group-item" @click.prevent="page = 'altText'">
 								<div class="text-dark">Write alt text</div>
 								<p class="text-muted small mb-0">Alt text describes your photos for people with visual impairments.</p>
 							</a>
@@ -227,7 +232,7 @@
 				</div>
 
 				<!-- card-footers -->
-				<div v-if="page == 2" class="card-footer bg-white d-flex justify-content-between">
+				<div v-if="page == 'cropPhoto'" class="card-footer bg-white d-flex justify-content-between">
 					<div>
 						<button type="button" class="btn btn-outline-secondary" @click="rotate"><i class="fas fa-undo"></i></button>
 					</div>
@@ -325,6 +330,7 @@ export default {
 
 			taggedUsernames: false,
 			namedPages: [
+				'cropPhoto',
 				'tagPeople',
 				'addLocation',
 				'advancedSettings',
@@ -642,12 +648,13 @@ export default {
 		},
 
 		nextPage() {
+			this.pageTitle = '';
 			switch(this.page) {
 				case 1:
-					this.page = 3;
+					this.page = 2;
 				break;
 
-				case 2:
+				case 'cropPhoto':
 					this.pageLoading = true;
 					let self = this;
 					this.$refs.cropper.getCroppedCanvas({  
@@ -664,14 +671,14 @@ export default {
 						axios.post(url, data).then(res => {
 							self.media[self.carouselCursor].url = res.data.url;
 							self.pageLoading = false;
-							self.page++;
+							self.page = 2;
 						}).catch(err => {
 						});
 					});
 				break;
 
+				case 2:
 				case 3:
-				case 4:
 					this.page++;
 				break;
 			}
@@ -732,16 +739,25 @@ export default {
 		onSubmitLocation(result) {
 			this.place = result;
 			this.pageTitle = '';
-			this.page = 4;
+			this.page = 3;
 			return;
 		},
 
 		goBack() {
 			this.pageTitle = '';
-			if(this.page == 'addToStory') {
+			
+			switch(this.page) {
+				case 'addToStory':
 					this.page = 1;
-			} else {
-				this.namedPages.indexOf(this.page) != -1 ? this.page = 4 : this.page--;
+				break;
+
+				case 'cropPhoto':
+					this.page = 2;
+				break;
+
+				default:
+					this.namedPages.indexOf(this.page) != -1 ? this.page = 3 : this.page--;
+				break;
 			}
 		},
 
@@ -755,6 +771,11 @@ export default {
 			this.page = 'addToStory';
 		},
 
+		showCropPhotoCard() {
+			this.pageTitle = 'Edit Photo';
+			this.page = 'cropPhoto';
+		},
+
 		toggleVisibility(state) {
 			let tags = {
 				public: 'Public',
@@ -764,7 +785,7 @@ export default {
 			this.visibility = state;
 			this.visibilityTag = tags[state];
 			this.pageTitle = '';
-			this.page = 4;
+			this.page = 3;
 		}
 	}
 }

resources/assets/js/components/Profile.vue

@@ -509,7 +509,7 @@
 <script type="text/javascript">
 	import VueMasonry from 'vue-masonry-css'
 
-	Vue.use(VueMasonry);
+
 	export default {
 		props: [
 			'profile-id',
@@ -557,6 +557,7 @@
 			this.fetchProfile();
 			let u = new URLSearchParams(window.location.search);
 			if(u.has('ui') && u.get('ui') == 'moment' && this.layout != 'moment') {
+				Vue.use(VueMasonry);
 				this.layout = 'moment';
 			}
 			if(u.has('ui') && u.get('ui') == 'metro' && this.layout != 'metro') {
@@ -581,6 +582,11 @@
 			if(u.has('md') && u.get('md') == 'following') {
 				this.followingModal();
 			}
+			if(document.querySelectorAll('body')[0].classList.contains('loggedIn') == true) {
+				axios.get('/api/v1/accounts/verify_credentials').then(res => {
+					this.user = res.data;
+				});
+			}
 		},
 
 		updated() {
@@ -591,12 +597,12 @@
 			fetchProfile() {
 				axios.get('/api/v1/accounts/' + this.profileId).then(res => {
 					this.profile = res.data;
+				}).then(res => {
+					this.fetchPosts();
 				});
-				if(document.querySelectorAll('body')[0].classList.contains('loggedIn') == true) {
-					axios.get('/api/v1/accounts/verify_credentials').then(res => {
-						this.user = res.data;
-					});
-				}
+			},
+
+			fetchPosts() {
 				let apiUrl = '/api/v1/accounts/' + this.profileId + '/statuses';
 				axios.get(apiUrl, {
 					params: {
@@ -614,7 +620,7 @@
 					this.timeline = data;
 					this.ownerCheck();
 					this.loading = false;
-					this.loadSponsor();
+					//this.loadSponsor();
 				}).catch(err => {
 					swal('Oops, something went wrong',
 						'Please release the page.',
@@ -825,7 +831,6 @@
 				});
 			},
 
-
 			unmuteProfile(status = null) {
 				if($('body').hasClass('loggedIn') == false) {
 					return;

routes/api.php

@@ -2,15 +2,6 @@
 
 use Illuminate\Http\Request;
 
-/*
-|--------------------------------------------------------------------------
-| API Routes
-|--------------------------------------------------------------------------
-|
-| Here is where you can register API routes for your application. These
-| routes are loaded by the RouteServiceProvider within a group which
-| is assigned the "api" middleware group. Enjoy building your API!
-|
-*/
-
 Route::post('/users/{username}/inbox', 'FederationController@userInbox');
+
+Route::post('/api/v1/apps', 'Api\ApiV1Controller@apps');