UA-Fediland/pixelfed
2
0
Fork 0
mirror of https://github.com/pixelfed/pixelfed.git synced 2024-09-20 00:08:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update api controllers, add parental control support

Browse source
This commit is contained in:
Daniel Supernault 2024-01-11 04:50:11 -07:00
parent 9d365d07f9
commit fd9b5ad443
No known key found for this signature in database
GPG key ID: 23740873EE6F76A1
2 changed files with 267 additions and 253 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
app/Http/Controllers/Api/ApiV1Controller.php
View file

@ -758,6 +758,8 @@ class ApiV1Controller extends Controller
abort_if(!$request->user(), 403); abort_if(!$request->user(), 403);
$user = $request->user(); $user = $request->user();
abort_if($user->has_roles && !UserRoleService::can('can-follow', $user->id), 403, 'Invalid permissions for this action');
AccountService::setLastActive($user->id); AccountService::setLastActive($user->id);
$target = Profile::where('id', '!=', $user->profile_id) $target = Profile::where('id', '!=', $user->profile_id)
@ -843,6 +845,7 @@ class ApiV1Controller extends Controller
abort_if(!$request->user(), 403); abort_if(!$request->user(), 403);
$user = $request->user(); $user = $request->user();
AccountService::setLastActive($user->id); AccountService::setLastActive($user->id);
$target = Profile::where('id', '!=', $user->profile_id) $target = Profile::where('id', '!=', $user->profile_id)
@ -947,6 +950,8 @@ class ApiV1Controller extends Controller
]); ]);
$user = $request->user(); $user = $request->user();
abort_if($user->has_roles && !UserRoleService::can('can-view-discover', $user->id), 403, 'Invalid permissions for this action');
AccountService::setLastActive($user->id); AccountService::setLastActive($user->id);
$query = $request->input('q'); $query = $request->input('q');
$limit = $request->input('limit') ?? 20; $limit = $request->input('limit') ?? 20;

9
app/Http/Controllers/Api/ApiV2Controller.php
View file

@ -35,6 +35,7 @@ use App\Transformer\Api\{
RelationshipTransformer, RelationshipTransformer,
}; };
use App\Util\Site\Nodeinfo; use App\Util\Site\Nodeinfo;
use App\Services\UserRoleService;
class ApiV2Controller extends Controller class ApiV2Controller extends Controller
{ {
@ -159,6 +160,14 @@ class ApiV2Controller extends Controller
'following' => 'nullable' 'following' => 'nullable'
]); ]);
if($request->user()->has_roles && !UserRoleService::can('can-view-discover', $request->user()->id)) {
return [
'accounts' => [],
'hashtags' => [],
'statuses' => []
];
}
$mastodonMode = !$request->has('_pe'); $mastodonMode = !$request->has('_pe');
return $this->json(SearchApiV2Service::query($request, $mastodonMode)); return $this->json(SearchApiV2Service::query($request, $mastodonMode));
} }