Merge pull request #4395 from pixelfed/staging

Staging
This commit is contained in:
daniel 2023-05-19 03:43:05 -06:00 committed by GitHub
commit eaf94cab0c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 71 additions and 3 deletions

View file

@ -40,6 +40,9 @@
- Update StatusEntityLexer, stop saving entities ([a91a5e48](https://github.com/pixelfed/pixelfed/commit/a91a5e48))
- Update UserCreate command, fix is_admin flag ([ad25ed67](https://github.com/pixelfed/pixelfed/commit/ad25ed67))
- Update Bouncer, adjust advanced Autospam logic ([18cddd43](https://github.com/pixelfed/pixelfed/commit/18cddd43))
- Update atom view, fix atom feed bug ([63b72c42](https://github.com/pixelfed/pixelfed/commit/63b72c42))
- Update StatusController, disable post embeds from spam accounts ([c167af43](https://github.com/pixelfed/pixelfed/commit/c167af43))
- Update ProfileController, require login to view spam accounts, and disable profile embeds and atom feeds for spam accounts ([dd2f5bb9](https://github.com/pixelfed/pixelfed/commit/dd2f5bb9))
- ([](https://github.com/pixelfed/pixelfed/commit/))
## [v0.11.6 (2023-05-03)](https://github.com/pixelfed/pixelfed/compare/v0.11.5...v0.11.6)

View file

@ -7,6 +7,7 @@ use Auth;
use Cache;
use DB;
use View;
use App\AccountInterstitial;
use App\Follower;
use App\FollowRequest;
use App\Profile;
@ -42,9 +43,22 @@ class ProfileController extends Controller
->whereUsername($username)
->firstOrFail();
if($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
return $this->showActivityPub($request, $user);
}
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $user->id, 86400, function() use($user) {
$exists = AccountInterstitial::whereUserId($user->user_id)->where('is_spam', 1)->count();
if($exists) {
return true;
}
return false;
});
if($aiCheck) {
return redirect('/login');
}
return $this->buildProfile($request, $user);
}
@ -207,7 +221,22 @@ class ProfileController extends Controller
abort_if(!$profile || $profile['locked'] || !$profile['local'], 404);
$data = Cache::remember('pf:atom:user-feed:by-id:' . $profile['id'], 43200, function() use($pid, $profile) {
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile['id'], 86400, function() use($profile) {
$uid = User::whereProfileId($profile['id'])->first();
if(!$uid) {
return true;
}
$exists = AccountInterstitial::whereUserId($uid->id)->where('is_spam', 1)->count();
if($exists) {
return true;
}
return false;
});
abort_if($aiCheck, 404);
$data = Cache::remember('pf:atom:user-feed:by-id:' . $profile['id'], 900, function() use($pid, $profile) {
$items = DB::table('statuses')
->whereProfileId($pid)
->whereVisibility('public')
@ -234,7 +263,7 @@ class ProfileController extends Controller
return compact('items', 'permalink', 'headers');
});
abort_if(!$data, 404);
abort_if(!$data || !isset($data['items']) || !isset($data['permalink']), 404);
return response()
->view('atom.user',
[
@ -274,6 +303,19 @@ class ProfileController extends Controller
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile->id, 86400, function() use($profile) {
$exists = AccountInterstitial::whereUserId($profile->user_id)->where('is_spam', 1)->count();
if($exists) {
return true;
}
return false;
});
if($aiCheck) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
if(AccountService::canEmbed($profile->user_id) == false) {
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}

View file

@ -115,10 +115,25 @@ class StatusController extends Controller
->whereIsPrivate(false)
->whereUsername($username)
->first();
if(!$profile) {
$content = view('status.embed-removed');
return response($content)->header('X-Frame-Options', 'ALLOWALL');
}
$aiCheck = Cache::remember('profile:ai-check:spam-login:' . $profile->id, 86400, function() use($profile) {
$exists = AccountInterstitial::whereUserId($profile->user_id)->where('is_spam', 1)->count();
if($exists) {
return true;
}
return false;
});
if($aiCheck) {
$res = view('status.embed-removed');
return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
}
$status = Status::whereProfileId($profile->id)
->whereNull('uri')
->whereScope('public')

View file

@ -6,13 +6,18 @@
<id>{{$permalink}}</id>
<title>{{$profile['username']}} on Pixelfed</title>
<subtitle type="html">{{$profile['note']}}</subtitle>
<updated>{{$items[0]['created_at']}}</updated>
@if($items && count($items))
<updated>{{$items[0]['created_at']}}</updated>
@endif
<author>
<name>{{$profile['username']}}</name>
<uri>{{$profile['url']}}</uri>
</author>
<link rel="alternate" type="text/html" href="{{$profile['url']}}" />
<link rel="self" type="application/atom+xml" href="{{$permalink}}" />
@if($items && count($items))
@foreach($items as $item)
<entry>
<id>{{ $item['url'] }}</id>
@ -35,4 +40,7 @@
<media:content url="{{ $item['media_attachments'][0]['url'] }}" type="{{ $item['media_attachments'][0]['mime'] }}" medium="image" />
</entry>
@endforeach
@endif
</feed>