mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-24 07:21:27 +00:00
1753 lines
62 KiB
PHP
1753 lines
62 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Admin;
|
|
|
|
use App\AccountInterstitial;
|
|
use App\Http\Resources\Admin\AdminModeratedProfileResource;
|
|
use App\Http\Resources\AdminRemoteReport;
|
|
use App\Http\Resources\AdminReport;
|
|
use App\Http\Resources\AdminSpamReport;
|
|
use App\Jobs\DeletePipeline\DeleteAccountPipeline;
|
|
use App\Jobs\DeletePipeline\DeleteRemoteProfilePipeline;
|
|
use App\Jobs\StatusPipeline\RemoteStatusDelete;
|
|
use App\Jobs\StatusPipeline\StatusDelete;
|
|
use App\Jobs\StoryPipeline\StoryDelete;
|
|
use App\Models\ModeratedProfile;
|
|
use App\Models\RemoteReport;
|
|
use App\Notification;
|
|
use App\Profile;
|
|
use App\Report;
|
|
use App\Services\AccountService;
|
|
use App\Services\ModLogService;
|
|
use App\Services\NetworkTimelineService;
|
|
use App\Services\NotificationService;
|
|
use App\Services\PublicTimelineService;
|
|
use App\Services\StatusService;
|
|
use App\Status;
|
|
use App\Story;
|
|
use App\User;
|
|
use App\Util\ActivityPub\Helpers;
|
|
use Cache;
|
|
use Carbon\Carbon;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Support\Facades\Redis;
|
|
use Storage;
|
|
|
|
trait AdminReportController
|
|
{
|
|
public function reports(Request $request)
|
|
{
|
|
$filter = $request->input('filter') == 'closed' ? 'closed' : 'open';
|
|
$page = $request->input('page') ?? 1;
|
|
|
|
$ai = Cache::remember('admin-dash:reports:ai-count', 3600, function () {
|
|
return AccountInterstitial::whereNotNull('appeal_requested_at')->whereNull('appeal_handled_at')->count();
|
|
});
|
|
|
|
$spam = Cache::remember('admin-dash:reports:spam-count', 3600, function () {
|
|
return AccountInterstitial::whereType('post.autospam')->whereNull('appeal_handled_at')->count();
|
|
});
|
|
|
|
$mailVerifications = Redis::scard('email:manual');
|
|
|
|
if ($filter == 'open' && $page == 1) {
|
|
$reports = Cache::remember('admin-dash:reports:list-cache', 300, function () use ($filter) {
|
|
return Report::whereHas('status')
|
|
->whereHas('reportedUser')
|
|
->whereHas('reporter')
|
|
->orderBy('created_at', 'desc')
|
|
->when($filter, function ($q, $filter) {
|
|
return $filter == 'open' ?
|
|
$q->whereNull('admin_seen') :
|
|
$q->whereNotNull('admin_seen');
|
|
})
|
|
->paginate(6);
|
|
});
|
|
} else {
|
|
$reports = Report::whereHas('status')
|
|
->whereHas('reportedUser')
|
|
->whereHas('reporter')
|
|
->orderBy('created_at', 'desc')
|
|
->when($filter, function ($q, $filter) {
|
|
return $filter == 'open' ?
|
|
$q->whereNull('admin_seen') :
|
|
$q->whereNotNull('admin_seen');
|
|
})
|
|
->paginate(6);
|
|
}
|
|
|
|
return view('admin.reports.home', compact('reports', 'ai', 'spam', 'mailVerifications'));
|
|
}
|
|
|
|
public function showReport(Request $request, $id)
|
|
{
|
|
$report = Report::with('status')->findOrFail($id);
|
|
if ($request->has('ref') && $request->input('ref') == 'email') {
|
|
return redirect('/i/admin/reports?tab=report&id='.$report->id);
|
|
}
|
|
|
|
return view('admin.reports.show', compact('report'));
|
|
}
|
|
|
|
public function appeals(Request $request)
|
|
{
|
|
$appeals = AccountInterstitial::whereNotNull('appeal_requested_at')
|
|
->whereNull('appeal_handled_at')
|
|
->latest()
|
|
->paginate(6);
|
|
|
|
return view('admin.reports.appeals', compact('appeals'));
|
|
}
|
|
|
|
public function showAppeal(Request $request, $id)
|
|
{
|
|
$appeal = AccountInterstitial::whereNotNull('appeal_requested_at')
|
|
->whereNull('appeal_handled_at')
|
|
->findOrFail($id);
|
|
$meta = json_decode($appeal->meta);
|
|
|
|
return view('admin.reports.show_appeal', compact('appeal', 'meta'));
|
|
}
|
|
|
|
public function spam(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'tab' => 'sometimes|in:home,not-spam,spam,settings,custom,exemptions',
|
|
]);
|
|
|
|
$tab = $request->input('tab', 'home');
|
|
|
|
$openCount = Cache::remember('admin-dash:reports:spam-count', 3600, function () {
|
|
return AccountInterstitial::whereType('post.autospam')
|
|
->whereNull('appeal_handled_at')
|
|
->count();
|
|
});
|
|
|
|
$monthlyCount = Cache::remember('admin-dash:reports:spam-count:30d', 43200, function () {
|
|
return AccountInterstitial::whereType('post.autospam')
|
|
->where('created_at', '>', now()->subMonth())
|
|
->count();
|
|
});
|
|
|
|
$totalCount = Cache::remember('admin-dash:reports:spam-count:total', 43200, function () {
|
|
return AccountInterstitial::whereType('post.autospam')->count();
|
|
});
|
|
|
|
$uncategorized = Cache::remember('admin-dash:reports:spam-sync', 3600, function () {
|
|
return AccountInterstitial::whereType('post.autospam')
|
|
->whereIsSpam(null)
|
|
->whereNotNull('appeal_handled_at')
|
|
->exists();
|
|
});
|
|
|
|
$avg = Cache::remember('admin-dash:reports:spam-count:avg', 43200, function () {
|
|
if (config('database.default') != 'mysql') {
|
|
return 0;
|
|
}
|
|
|
|
return AccountInterstitial::selectRaw('*, count(id) as counter')
|
|
->whereType('post.autospam')
|
|
->groupBy('user_id')
|
|
->get()
|
|
->avg('counter');
|
|
});
|
|
|
|
$avgOpen = Cache::remember('admin-dash:reports:spam-count:avgopen', 43200, function () {
|
|
if (config('database.default') != 'mysql') {
|
|
return '0';
|
|
}
|
|
$seconds = AccountInterstitial::selectRaw('DATE(created_at) AS start_date, AVG(TIME_TO_SEC(TIMEDIFF(appeal_handled_at, created_at))) AS timediff')->whereType('post.autospam')->whereNotNull('appeal_handled_at')->where('created_at', '>', now()->subMonth())->get();
|
|
if (! $seconds) {
|
|
return '0';
|
|
}
|
|
$mins = floor($seconds->avg('timediff') / 60);
|
|
|
|
if ($mins < 60) {
|
|
return $mins.' min(s)';
|
|
}
|
|
|
|
if ($mins < 2880) {
|
|
return floor($mins / 60).' hour(s)';
|
|
}
|
|
|
|
return floor($mins / 60 / 24).' day(s)';
|
|
});
|
|
$avgCount = $totalCount && $avg ? floor($totalCount / $avg) : '0';
|
|
|
|
if (in_array($tab, ['home', 'spam', 'not-spam'])) {
|
|
$appeals = AccountInterstitial::whereType('post.autospam')
|
|
->when($tab, function ($q, $tab) {
|
|
switch ($tab) {
|
|
case 'home':
|
|
return $q->whereNull('appeal_handled_at');
|
|
break;
|
|
case 'spam':
|
|
return $q->whereIsSpam(true);
|
|
break;
|
|
case 'not-spam':
|
|
return $q->whereIsSpam(false);
|
|
break;
|
|
}
|
|
})
|
|
->latest()
|
|
->paginate(6);
|
|
|
|
if ($tab !== 'home') {
|
|
$appeals = $appeals->appends(['tab' => $tab]);
|
|
}
|
|
} else {
|
|
$appeals = new class
|
|
{
|
|
public function count()
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
public function render() {}
|
|
};
|
|
}
|
|
|
|
return view('admin.reports.spam', compact('tab', 'appeals', 'openCount', 'monthlyCount', 'totalCount', 'avgCount', 'avgOpen', 'uncategorized'));
|
|
}
|
|
|
|
public function showSpam(Request $request, $id)
|
|
{
|
|
$appeal = AccountInterstitial::whereType('post.autospam')
|
|
->findOrFail($id);
|
|
if ($request->has('ref') && $request->input('ref') == 'email') {
|
|
return redirect('/i/admin/reports?tab=autospam&id='.$appeal->id);
|
|
}
|
|
$meta = json_decode($appeal->meta);
|
|
|
|
return view('admin.reports.show_spam', compact('appeal', 'meta'));
|
|
}
|
|
|
|
public function fixUncategorizedSpam(Request $request)
|
|
{
|
|
if (Cache::get('admin-dash:reports:spam-sync-active')) {
|
|
return redirect('/i/admin/reports/autospam');
|
|
}
|
|
|
|
Cache::put('admin-dash:reports:spam-sync-active', 1, 900);
|
|
|
|
AccountInterstitial::chunk(500, function ($reports) {
|
|
foreach ($reports as $report) {
|
|
if ($report->item_type != 'App\Status') {
|
|
continue;
|
|
}
|
|
|
|
if ($report->type != 'post.autospam') {
|
|
continue;
|
|
}
|
|
|
|
if ($report->is_spam != null) {
|
|
continue;
|
|
}
|
|
|
|
$status = StatusService::get($report->item_id, false);
|
|
if (! $status) {
|
|
return;
|
|
}
|
|
$scope = $status['visibility'];
|
|
$report->is_spam = $scope == 'unlisted';
|
|
$report->in_violation = $report->is_spam;
|
|
$report->severity_index = 1;
|
|
$report->save();
|
|
}
|
|
});
|
|
|
|
Cache::forget('admin-dash:reports:spam-sync');
|
|
|
|
return redirect('/i/admin/reports/autospam');
|
|
}
|
|
|
|
public function updateSpam(Request $request, $id)
|
|
{
|
|
$this->validate($request, [
|
|
'action' => 'required|in:dismiss,approve,dismiss-all,approve-all,delete-account,mark-spammer',
|
|
]);
|
|
|
|
$action = $request->input('action');
|
|
$appeal = AccountInterstitial::whereType('post.autospam')
|
|
->whereNull('appeal_handled_at')
|
|
->findOrFail($id);
|
|
|
|
$meta = json_decode($appeal->meta);
|
|
$res = ['status' => 'success'];
|
|
$now = now();
|
|
Cache::forget('admin-dash:reports:spam-count:total');
|
|
Cache::forget('admin-dash:reports:spam-count:30d');
|
|
|
|
if ($action == 'delete-account') {
|
|
if (config('pixelfed.account_deletion') == false) {
|
|
abort(404);
|
|
}
|
|
|
|
$user = User::findOrFail($appeal->user_id);
|
|
$profile = $user->profile;
|
|
|
|
if ($user->is_admin == true) {
|
|
$mid = $request->user()->id;
|
|
abort_if($user->id < $mid, 403);
|
|
}
|
|
|
|
$ts = now()->addMonth();
|
|
$user->status = 'delete';
|
|
$profile->status = 'delete';
|
|
$user->delete_after = $ts;
|
|
$profile->delete_after = $ts;
|
|
$user->save();
|
|
$profile->save();
|
|
|
|
ModLogService::boot()
|
|
->objectUid($user->id)
|
|
->objectId($user->id)
|
|
->objectType('App\User::class')
|
|
->user($request->user())
|
|
->action('admin.user.delete')
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Cache::forget('profiles:private');
|
|
DeleteAccountPipeline::dispatch($user);
|
|
|
|
return;
|
|
}
|
|
|
|
if ($action == 'dismiss') {
|
|
$appeal->is_spam = true;
|
|
$appeal->appeal_handled_at = $now;
|
|
$appeal->save();
|
|
|
|
Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('admin-dash:reports:spam-count');
|
|
|
|
return $res;
|
|
}
|
|
|
|
if ($action == 'dismiss-all') {
|
|
AccountInterstitial::whereType('post.autospam')
|
|
->whereItemType('App\Status')
|
|
->whereNull('appeal_handled_at')
|
|
->whereUserId($appeal->user_id)
|
|
->update(['appeal_handled_at' => $now, 'is_spam' => true]);
|
|
Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('admin-dash:reports:spam-count');
|
|
|
|
return $res;
|
|
}
|
|
|
|
if ($action == 'approve-all') {
|
|
AccountInterstitial::whereType('post.autospam')
|
|
->whereItemType('App\Status')
|
|
->whereNull('appeal_handled_at')
|
|
->whereUserId($appeal->user_id)
|
|
->get()
|
|
->each(function ($report) use ($meta) {
|
|
$report->is_spam = false;
|
|
$report->appeal_handled_at = now();
|
|
$report->save();
|
|
$status = Status::find($report->item_id);
|
|
if ($status) {
|
|
$status->is_nsfw = $meta->is_nsfw;
|
|
$status->scope = 'public';
|
|
$status->visibility = 'public';
|
|
$status->save();
|
|
StatusService::del($status->id, true);
|
|
}
|
|
});
|
|
Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('admin-dash:reports:spam-count');
|
|
|
|
return $res;
|
|
}
|
|
|
|
if ($action == 'mark-spammer') {
|
|
AccountInterstitial::whereType('post.autospam')
|
|
->whereItemType('App\Status')
|
|
->whereNull('appeal_handled_at')
|
|
->whereUserId($appeal->user_id)
|
|
->update(['appeal_handled_at' => $now, 'is_spam' => true]);
|
|
|
|
$pro = Profile::whereUserId($appeal->user_id)->firstOrFail();
|
|
|
|
$pro->update([
|
|
'unlisted' => true,
|
|
'cw' => true,
|
|
'no_autolink' => true,
|
|
]);
|
|
|
|
Status::whereProfileId($pro->id)
|
|
->get()
|
|
->each(function ($report) {
|
|
$status->is_nsfw = $meta->is_nsfw;
|
|
$status->scope = 'public';
|
|
$status->visibility = 'public';
|
|
$status->save();
|
|
StatusService::del($status->id, true);
|
|
});
|
|
|
|
Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('admin-dash:reports:spam-count');
|
|
|
|
return $res;
|
|
}
|
|
|
|
$status = $appeal->status;
|
|
$status->is_nsfw = $meta->is_nsfw;
|
|
$status->scope = 'public';
|
|
$status->visibility = 'public';
|
|
$status->save();
|
|
|
|
$appeal->is_spam = false;
|
|
$appeal->appeal_handled_at = now();
|
|
$appeal->save();
|
|
|
|
StatusService::del($status->id);
|
|
|
|
Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('pf:bouncer_v0:recent_by_pid:'.$appeal->user->profile_id);
|
|
Cache::forget('admin-dash:reports:spam-count');
|
|
|
|
return $res;
|
|
}
|
|
|
|
public function updateAppeal(Request $request, $id)
|
|
{
|
|
$this->validate($request, [
|
|
'action' => 'required|in:dismiss,approve',
|
|
]);
|
|
|
|
$action = $request->input('action');
|
|
$appeal = AccountInterstitial::whereNotNull('appeal_requested_at')
|
|
->whereNull('appeal_handled_at')
|
|
->findOrFail($id);
|
|
|
|
if ($action == 'dismiss') {
|
|
$appeal->appeal_handled_at = now();
|
|
$appeal->save();
|
|
Cache::forget('admin-dash:reports:ai-count');
|
|
|
|
return redirect('/i/admin/reports/appeals');
|
|
}
|
|
|
|
switch ($appeal->type) {
|
|
case 'post.cw':
|
|
$status = $appeal->status;
|
|
$status->is_nsfw = false;
|
|
$status->save();
|
|
break;
|
|
|
|
case 'post.unlist':
|
|
$status = $appeal->status;
|
|
$status->scope = 'public';
|
|
$status->visibility = 'public';
|
|
$status->save();
|
|
break;
|
|
|
|
default:
|
|
// code...
|
|
break;
|
|
}
|
|
|
|
$appeal->appeal_handled_at = now();
|
|
$appeal->save();
|
|
StatusService::del($status->id, true);
|
|
Cache::forget('admin-dash:reports:ai-count');
|
|
|
|
return redirect('/i/admin/reports/appeals');
|
|
}
|
|
|
|
public function updateReport(Request $request, $id)
|
|
{
|
|
$this->validate($request, [
|
|
'action' => 'required|string',
|
|
]);
|
|
|
|
$action = $request->input('action');
|
|
|
|
$actions = [
|
|
'ignore',
|
|
'cw',
|
|
'unlist',
|
|
'delete',
|
|
'shadowban',
|
|
'ban',
|
|
];
|
|
|
|
if (! in_array($action, $actions)) {
|
|
return abort(403);
|
|
}
|
|
|
|
$report = Report::findOrFail($id);
|
|
|
|
$this->handleReportAction($report, $action);
|
|
Cache::forget('admin-dash:reports:list-cache');
|
|
|
|
return response()->json(['msg' => 'Success']);
|
|
}
|
|
|
|
public function handleReportAction(Report $report, $action)
|
|
{
|
|
$item = $report->reported();
|
|
$report->admin_seen = Carbon::now();
|
|
|
|
switch ($action) {
|
|
case 'ignore':
|
|
$report->not_interested = true;
|
|
break;
|
|
|
|
case 'cw':
|
|
Cache::forget('status:thumb:'.$item->id);
|
|
$item->is_nsfw = true;
|
|
$item->save();
|
|
$report->nsfw = true;
|
|
StatusService::del($item->id, true);
|
|
break;
|
|
|
|
case 'unlist':
|
|
$item->visibility = 'unlisted';
|
|
$item->save();
|
|
Cache::forget('profiles:private');
|
|
StatusService::del($item->id, true);
|
|
break;
|
|
|
|
case 'delete':
|
|
// Todo: fire delete job
|
|
$report->admin_seen = null;
|
|
StatusService::del($item->id, true);
|
|
break;
|
|
|
|
case 'shadowban':
|
|
// Todo: fire delete job
|
|
$report->admin_seen = null;
|
|
break;
|
|
|
|
case 'ban':
|
|
// Todo: fire delete job
|
|
$report->admin_seen = null;
|
|
break;
|
|
|
|
default:
|
|
$report->admin_seen = null;
|
|
break;
|
|
}
|
|
|
|
$report->save();
|
|
|
|
return $this;
|
|
}
|
|
|
|
protected function actionMap()
|
|
{
|
|
return [
|
|
'1' => 'ignore',
|
|
'2' => 'cw',
|
|
'3' => 'unlist',
|
|
'4' => 'delete',
|
|
'5' => 'shadowban',
|
|
'6' => 'ban',
|
|
];
|
|
}
|
|
|
|
public function bulkUpdateReport(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'action' => 'required|integer|min:1|max:10',
|
|
'ids' => 'required|array',
|
|
]);
|
|
$action = $this->actionMap()[$request->input('action')];
|
|
$ids = $request->input('ids');
|
|
$reports = Report::whereIn('id', $ids)->whereNull('admin_seen')->get();
|
|
foreach ($reports as $report) {
|
|
$this->handleReportAction($report, $action);
|
|
}
|
|
$res = [
|
|
'message' => 'Success',
|
|
'code' => 200,
|
|
];
|
|
|
|
return response()->json($res);
|
|
}
|
|
|
|
public function reportMailVerifications(Request $request)
|
|
{
|
|
$ids = Redis::smembers('email:manual');
|
|
$ignored = Redis::smembers('email:manual-ignored');
|
|
$reports = [];
|
|
if ($ids) {
|
|
$reports = collect($ids)
|
|
->filter(function ($id) use ($ignored) {
|
|
return ! in_array($id, $ignored);
|
|
})
|
|
->map(function ($id) {
|
|
$user = User::whereProfileId($id)->first();
|
|
if (! $user || $user->email_verified_at) {
|
|
return [];
|
|
}
|
|
$account = AccountService::get($id, true);
|
|
if (! $account) {
|
|
return [];
|
|
}
|
|
$account['email'] = $user->email;
|
|
|
|
return $account;
|
|
})
|
|
->filter(function ($res) {
|
|
return $res && isset($res['id']);
|
|
})
|
|
->values();
|
|
}
|
|
|
|
return view('admin.reports.mail_verification', compact('reports', 'ignored'));
|
|
}
|
|
|
|
public function reportMailVerifyIgnore(Request $request)
|
|
{
|
|
$id = $request->input('id');
|
|
Redis::sadd('email:manual-ignored', $id);
|
|
|
|
return redirect('/i/admin/reports');
|
|
}
|
|
|
|
public function reportMailVerifyApprove(Request $request)
|
|
{
|
|
$id = $request->input('id');
|
|
$user = User::whereProfileId($id)->firstOrFail();
|
|
Redis::srem('email:manual', $id);
|
|
Redis::srem('email:manual-ignored', $id);
|
|
$user->email_verified_at = now();
|
|
$user->save();
|
|
|
|
return redirect('/i/admin/reports');
|
|
}
|
|
|
|
public function reportMailVerifyClearIgnored(Request $request)
|
|
{
|
|
Redis::del('email:manual-ignored');
|
|
|
|
return [200];
|
|
}
|
|
|
|
public function reportsStats(Request $request)
|
|
{
|
|
$stats = [
|
|
'total' => Report::count(),
|
|
'open' => Report::whereNull('admin_seen')->count(),
|
|
'closed' => Report::whereNotNull('admin_seen')->count(),
|
|
'autospam' => AccountInterstitial::whereType('post.autospam')->count(),
|
|
'autospam_open' => AccountInterstitial::whereType('post.autospam')->whereNull(['appeal_handled_at'])->count(),
|
|
'appeals' => AccountInterstitial::whereNotNull('appeal_requested_at')->whereNull('appeal_handled_at')->count(),
|
|
'remote_open' => RemoteReport::whereNull('action_taken_at')->count(),
|
|
'email_verification_requests' => Redis::scard('email:manual'),
|
|
];
|
|
|
|
return $stats;
|
|
}
|
|
|
|
public function reportsApiAll(Request $request)
|
|
{
|
|
$filter = $request->input('filter') == 'closed' ? 'closed' : 'open';
|
|
|
|
$reports = AdminReport::collection(
|
|
Report::orderBy('id', 'desc')
|
|
->when($filter, function ($q, $filter) {
|
|
return $filter == 'open' ?
|
|
$q->whereNull('admin_seen') :
|
|
$q->whereNotNull('admin_seen');
|
|
})
|
|
->groupBy(['id', 'object_id', 'object_type', 'profile_id'])
|
|
->cursorPaginate(6)
|
|
->withQueryString()
|
|
);
|
|
|
|
return $reports;
|
|
}
|
|
|
|
public function reportsApiRemote(Request $request)
|
|
{
|
|
$filter = $request->input('filter') == 'closed' ? 'closed' : 'open';
|
|
|
|
$reports = AdminRemoteReport::collection(
|
|
RemoteReport::orderBy('id', 'desc')
|
|
->when($filter, function ($q, $filter) {
|
|
return $filter == 'open' ?
|
|
$q->whereNull('action_taken_at') :
|
|
$q->whereNotNull('action_taken_at');
|
|
})
|
|
->cursorPaginate(6)
|
|
->withQueryString()
|
|
);
|
|
|
|
return $reports;
|
|
}
|
|
|
|
public function reportsApiGet(Request $request, $id)
|
|
{
|
|
$report = Report::findOrFail($id);
|
|
|
|
return new AdminReport($report);
|
|
}
|
|
|
|
public function reportsApiHandle(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'object_id' => 'required',
|
|
'object_type' => 'required',
|
|
'id' => 'required',
|
|
'action' => 'required|in:ignore,nsfw,unlist,private,delete,delete-all',
|
|
'action_type' => 'required|in:post,profile,story',
|
|
]);
|
|
|
|
$report = Report::whereObjectId($request->input('object_id'))->findOrFail($request->input('id'));
|
|
|
|
if ($request->input('action_type') === 'profile') {
|
|
return $this->reportsHandleProfileAction($report, $request->input('action'));
|
|
} elseif ($request->input('action_type') === 'post') {
|
|
return $this->reportsHandleStatusAction($report, $request->input('action'));
|
|
} elseif ($request->input('action_type') === 'story') {
|
|
return $this->reportsHandleStoryAction($report, $request->input('action'));
|
|
}
|
|
|
|
return $report;
|
|
}
|
|
|
|
protected function reportsHandleStoryAction($report, $action)
|
|
{
|
|
switch ($action) {
|
|
case 'ignore':
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'delete':
|
|
$profile = Profile::find($report->reported_profile_id);
|
|
$story = Story::whereProfileId($profile->id)->find($report->object_id);
|
|
|
|
abort_if(! $story, 400, 'Invalid or missing story');
|
|
|
|
$story->active = false;
|
|
$story->save();
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->id)
|
|
->objectId($report->object_id)
|
|
->objectType('App\Story::class')
|
|
->user(request()->user())
|
|
->action('admin.user.moderate')
|
|
->metadata([
|
|
'action' => 'delete',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
StoryDelete::dispatch($story)->onQueue('story');
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'delete-all':
|
|
$profile = Profile::find($report->reported_profile_id);
|
|
$stories = Story::whereProfileId($profile->id)->whereActive(true)->get();
|
|
|
|
abort_if(! $stories || ! $stories->count(), 400, 'Invalid or missing stories');
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->id)
|
|
->objectId($report->object_id)
|
|
->objectType('App\Story::class')
|
|
->user(request()->user())
|
|
->action('admin.user.moderate')
|
|
->metadata([
|
|
'action' => 'delete-all',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::where('reported_profile_id', $profile->id)
|
|
->whereObjectType('App\Story')
|
|
->whereNull('admin_seen')
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
$stories->each(function ($story) {
|
|
StoryDelete::dispatch($story)->onQueue('story');
|
|
});
|
|
|
|
return [200];
|
|
break;
|
|
}
|
|
}
|
|
|
|
protected function reportsHandleProfileAction($report, $action)
|
|
{
|
|
switch ($action) {
|
|
case 'ignore':
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'nsfw':
|
|
if ($report->object_type === 'App\Profile') {
|
|
$profile = Profile::find($report->object_id);
|
|
} elseif ($report->object_type === 'App\Status') {
|
|
$status = Status::find($report->object_id);
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
$profile = Profile::find($status->profile_id);
|
|
}
|
|
|
|
if (! $profile) {
|
|
return;
|
|
}
|
|
|
|
abort_if($profile->user && $profile->user->is_admin, 400, 'Cannot moderate an admin account.');
|
|
|
|
$profile->cw = true;
|
|
$profile->save();
|
|
|
|
if ($profile->remote_url) {
|
|
ModeratedProfile::updateOrCreate([
|
|
'profile_url' => $profile->remote_url,
|
|
'profile_id' => $profile->id,
|
|
], [
|
|
'is_nsfw' => true,
|
|
'domain' => $profile->domain,
|
|
]);
|
|
}
|
|
|
|
foreach (Status::whereProfileId($profile->id)->cursor() as $status) {
|
|
$status->is_nsfw = true;
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
PublicTimelineService::rem($status->id);
|
|
}
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->id)
|
|
->objectId($profile->id)
|
|
->objectType('App\Profile::class')
|
|
->user(request()->user())
|
|
->action('admin.user.moderate')
|
|
->metadata([
|
|
'action' => 'cw',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'nsfw' => true,
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'unlist':
|
|
if ($report->object_type === 'App\Profile') {
|
|
$profile = Profile::find($report->object_id);
|
|
} elseif ($report->object_type === 'App\Status') {
|
|
$status = Status::find($report->object_id);
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
$profile = Profile::find($status->profile_id);
|
|
}
|
|
|
|
if (! $profile) {
|
|
return;
|
|
}
|
|
|
|
abort_if($profile->user && $profile->user->is_admin, 400, 'Cannot moderate an admin account.');
|
|
|
|
$profile->unlisted = true;
|
|
$profile->save();
|
|
|
|
if ($profile->remote_url) {
|
|
ModeratedProfile::updateOrCreate([
|
|
'profile_url' => $profile->remote_url,
|
|
'profile_id' => $profile->id,
|
|
], [
|
|
'is_unlisted' => true,
|
|
'domain' => $profile->domain,
|
|
]);
|
|
}
|
|
|
|
foreach (Status::whereProfileId($profile->id)->whereScope('public')->cursor() as $status) {
|
|
$status->scope = 'unlisted';
|
|
$status->visibility = 'unlisted';
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
PublicTimelineService::rem($status->id);
|
|
}
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->id)
|
|
->objectId($profile->id)
|
|
->objectType('App\Profile::class')
|
|
->user(request()->user())
|
|
->action('admin.user.moderate')
|
|
->metadata([
|
|
'action' => 'unlisted',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'private':
|
|
if ($report->object_type === 'App\Profile') {
|
|
$profile = Profile::find($report->object_id);
|
|
} elseif ($report->object_type === 'App\Status') {
|
|
$status = Status::find($report->object_id);
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
$profile = Profile::find($status->profile_id);
|
|
}
|
|
|
|
if (! $profile) {
|
|
return;
|
|
}
|
|
|
|
abort_if($profile->user && $profile->user->is_admin, 400, 'Cannot moderate an admin account.');
|
|
|
|
$profile->unlisted = true;
|
|
$profile->save();
|
|
|
|
if ($profile->remote_url) {
|
|
ModeratedProfile::updateOrCreate([
|
|
'profile_url' => $profile->remote_url,
|
|
'profile_id' => $profile->id,
|
|
], [
|
|
'is_unlisted' => true,
|
|
'domain' => $profile->domain,
|
|
]);
|
|
}
|
|
|
|
foreach (Status::whereProfileId($profile->id)->cursor() as $status) {
|
|
$status->scope = 'private';
|
|
$status->visibility = 'private';
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
PublicTimelineService::rem($status->id);
|
|
}
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->id)
|
|
->objectId($profile->id)
|
|
->objectType('App\Profile::class')
|
|
->user(request()->user())
|
|
->action('admin.user.moderate')
|
|
->metadata([
|
|
'action' => 'private',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'delete':
|
|
if (config('pixelfed.account_deletion') == false) {
|
|
abort(404);
|
|
}
|
|
|
|
if ($report->object_type === 'App\Profile') {
|
|
$profile = Profile::find($report->object_id);
|
|
} elseif ($report->object_type === 'App\Status') {
|
|
$status = Status::find($report->object_id);
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
$profile = Profile::find($status->profile_id);
|
|
}
|
|
|
|
if (! $profile) {
|
|
return;
|
|
}
|
|
|
|
abort_if($profile->user && $profile->user->is_admin, 400, 'Cannot delete an admin account.');
|
|
|
|
$ts = now()->addMonth();
|
|
|
|
if ($profile->remote_url) {
|
|
ModeratedProfile::updateOrCreate([
|
|
'profile_url' => $profile->remote_url,
|
|
'profile_id' => $profile->id,
|
|
], [
|
|
'is_banned' => true,
|
|
'domain' => $profile->domain,
|
|
]);
|
|
}
|
|
|
|
if ($profile->user_id) {
|
|
$user = $profile->user;
|
|
abort_if($user->is_admin, 403, 'You cannot delete admin accounts.');
|
|
$user->status = 'delete';
|
|
$user->delete_after = $ts;
|
|
$user->save();
|
|
}
|
|
|
|
$profile->status = 'delete';
|
|
$profile->delete_after = $ts;
|
|
$profile->save();
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->id)
|
|
->objectId($profile->id)
|
|
->objectType('App\Profile::class')
|
|
->user(request()->user())
|
|
->action('admin.user.delete')
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
if ($profile->user_id) {
|
|
DB::table('oauth_access_tokens')->whereUserId($user->id)->delete();
|
|
DB::table('oauth_auth_codes')->whereUserId($user->id)->delete();
|
|
$user->email = $user->id;
|
|
$user->password = '';
|
|
$user->status = 'delete';
|
|
$user->save();
|
|
$profile->status = 'delete';
|
|
$profile->delete_after = now()->addMonth();
|
|
$profile->save();
|
|
AccountService::del($profile->id);
|
|
DeleteAccountPipeline::dispatch($user)->onQueue('high');
|
|
} else {
|
|
$profile->status = 'delete';
|
|
$profile->delete_after = now()->addMonth();
|
|
$profile->save();
|
|
AccountService::del($profile->id);
|
|
DeleteRemoteProfilePipeline::dispatch($profile)->onQueue('high');
|
|
}
|
|
|
|
return [200];
|
|
break;
|
|
}
|
|
}
|
|
|
|
protected function reportsHandleStatusAction($report, $action)
|
|
{
|
|
switch ($action) {
|
|
case 'ignore':
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'nsfw':
|
|
$status = Status::find($report->object_id);
|
|
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
|
|
abort_if($status->profile->user && $status->profile->user->is_admin, 400, 'Cannot moderate an admin account post.');
|
|
$status->is_nsfw = true;
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
|
|
ModLogService::boot()
|
|
->objectUid($status->profile_id)
|
|
->objectId($status->profile_id)
|
|
->objectType('App\Status::class')
|
|
->user(request()->user())
|
|
->action('admin.status.moderate')
|
|
->metadata([
|
|
'action' => 'cw',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'nsfw' => true,
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'private':
|
|
$status = Status::find($report->object_id);
|
|
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
|
|
abort_if($status->profile->user && $status->profile->user->is_admin, 400, 'Cannot moderate an admin account post.');
|
|
|
|
$status->scope = 'private';
|
|
$status->visibility = 'private';
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
PublicTimelineService::rem($status->id);
|
|
|
|
ModLogService::boot()
|
|
->objectUid($status->profile_id)
|
|
->objectId($status->profile_id)
|
|
->objectType('App\Status::class')
|
|
->user(request()->user())
|
|
->action('admin.status.moderate')
|
|
->metadata([
|
|
'action' => 'private',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'unlist':
|
|
$status = Status::find($report->object_id);
|
|
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
|
|
abort_if($status->profile->user && $status->profile->user->is_admin, 400, 'Cannot moderate an admin account post.');
|
|
|
|
if ($status->scope === 'public') {
|
|
$status->scope = 'unlisted';
|
|
$status->visibility = 'unlisted';
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
PublicTimelineService::rem($status->id);
|
|
}
|
|
|
|
ModLogService::boot()
|
|
->objectUid($status->profile_id)
|
|
->objectId($status->profile_id)
|
|
->objectType('App\Status::class')
|
|
->user(request()->user())
|
|
->action('admin.status.moderate')
|
|
->metadata([
|
|
'action' => 'unlist',
|
|
'message' => 'Success!',
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
|
|
case 'delete':
|
|
$status = Status::find($report->object_id);
|
|
|
|
if (! $status) {
|
|
return [200];
|
|
}
|
|
|
|
$profile = $status->profile;
|
|
|
|
abort_if($profile->user && $profile->user->is_admin, 400, 'Cannot delete an admin account post.');
|
|
|
|
StatusService::del($status->id);
|
|
|
|
if ($profile->user_id != null && $profile->domain == null) {
|
|
PublicTimelineService::del($status->id);
|
|
StatusDelete::dispatch($status)->onQueue('high');
|
|
} else {
|
|
NetworkTimelineService::del($status->id);
|
|
RemoteStatusDelete::dispatch($status)->onQueue('high');
|
|
}
|
|
|
|
Report::whereObjectId($report->object_id)
|
|
->whereObjectType($report->object_type)
|
|
->update([
|
|
'admin_seen' => now(),
|
|
]);
|
|
|
|
return [200];
|
|
break;
|
|
}
|
|
}
|
|
|
|
public function reportsApiSpamAll(Request $request)
|
|
{
|
|
$tab = $request->input('tab', 'home');
|
|
|
|
$appeals = AdminSpamReport::collection(
|
|
AccountInterstitial::orderBy('id', 'desc')
|
|
->whereType('post.autospam')
|
|
->whereNull('appeal_handled_at')
|
|
->cursorPaginate(6)
|
|
->withQueryString()
|
|
);
|
|
|
|
return $appeals;
|
|
}
|
|
|
|
public function reportsApiSpamHandle(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'id' => 'required',
|
|
'action' => 'required|in:mark-read,mark-not-spam,mark-all-read,mark-all-not-spam,delete-profile',
|
|
]);
|
|
|
|
$action = $request->input('action');
|
|
|
|
abort_if(
|
|
$action === 'delete-profile' &&
|
|
! config('pixelfed.account_deletion'),
|
|
404,
|
|
"Cannot delete profile, account_deletion is disabled.\n\n Set `ACCOUNT_DELETION=true` in .env and re-cache config."
|
|
);
|
|
|
|
$report = AccountInterstitial::with('user')
|
|
->whereType('post.autospam')
|
|
->whereNull('appeal_handled_at')
|
|
->findOrFail($request->input('id'));
|
|
|
|
$this->reportsHandleSpamAction($report, $action);
|
|
Cache::forget('admin-dash:reports:spam-count');
|
|
Cache::forget('pf:bouncer_v0:exemption_by_pid:'.$report->user->profile_id);
|
|
Cache::forget('pf:bouncer_v0:recent_by_pid:'.$report->user->profile_id);
|
|
|
|
return [$action, $report];
|
|
}
|
|
|
|
public function reportsHandleSpamAction($appeal, $action)
|
|
{
|
|
$meta = json_decode($appeal->meta);
|
|
|
|
if ($action == 'mark-read') {
|
|
$appeal->is_spam = true;
|
|
$appeal->appeal_handled_at = now();
|
|
$appeal->save();
|
|
PublicTimelineService::del($appeal->item_id);
|
|
}
|
|
|
|
if ($action == 'mark-not-spam') {
|
|
$status = $appeal->status;
|
|
$status->is_nsfw = $meta->is_nsfw;
|
|
$status->scope = 'public';
|
|
$status->visibility = 'public';
|
|
$status->save();
|
|
|
|
$appeal->is_spam = false;
|
|
$appeal->appeal_handled_at = now();
|
|
$appeal->save();
|
|
|
|
Notification::whereAction('autospam.warning')
|
|
->whereProfileId($appeal->user->profile_id)
|
|
->get()
|
|
->each(function ($n) use ($appeal) {
|
|
NotificationService::del($appeal->user->profile_id, $n->id);
|
|
$n->forceDelete();
|
|
});
|
|
|
|
StatusService::del($status->id);
|
|
StatusService::get($status->id);
|
|
if ($status->in_reply_to_id == null && $status->reblog_of_id == null) {
|
|
PublicTimelineService::add($status->id);
|
|
}
|
|
}
|
|
|
|
if ($action == 'mark-all-read') {
|
|
AccountInterstitial::whereType('post.autospam')
|
|
->whereItemType('App\Status')
|
|
->whereNull('appeal_handled_at')
|
|
->whereUserId($appeal->user_id)
|
|
->update([
|
|
'appeal_handled_at' => now(),
|
|
'is_spam' => true,
|
|
]);
|
|
}
|
|
|
|
if ($action == 'mark-all-not-spam') {
|
|
AccountInterstitial::whereType('post.autospam')
|
|
->whereItemType('App\Status')
|
|
->whereUserId($appeal->user_id)
|
|
->get()
|
|
->each(function ($report) use ($meta) {
|
|
$report->is_spam = false;
|
|
$report->appeal_handled_at = now();
|
|
$report->save();
|
|
$status = Status::find($report->item_id);
|
|
if ($status) {
|
|
$status->is_nsfw = $meta->is_nsfw;
|
|
$status->scope = 'public';
|
|
$status->visibility = 'public';
|
|
$status->save();
|
|
StatusService::del($status->id);
|
|
}
|
|
Notification::whereAction('autospam.warning')
|
|
->whereProfileId($report->user->profile_id)
|
|
->get()
|
|
->each(function ($n) use ($report) {
|
|
NotificationService::del($report->user->profile_id, $n->id);
|
|
$n->forceDelete();
|
|
});
|
|
});
|
|
}
|
|
|
|
if ($action == 'delete-profile') {
|
|
$user = User::findOrFail($appeal->user_id);
|
|
$profile = $user->profile;
|
|
|
|
if ($user->is_admin == true) {
|
|
$mid = request()->user()->id;
|
|
abort_if($user->id < $mid, 403, 'You cannot delete an admin account.');
|
|
}
|
|
|
|
$ts = now()->addMonth();
|
|
$user->status = 'delete';
|
|
$profile->status = 'delete';
|
|
$user->delete_after = $ts;
|
|
$profile->delete_after = $ts;
|
|
$user->save();
|
|
$profile->save();
|
|
|
|
$appeal->appeal_handled_at = now();
|
|
$appeal->save();
|
|
|
|
ModLogService::boot()
|
|
->objectUid($user->id)
|
|
->objectId($user->id)
|
|
->objectType('App\User::class')
|
|
->user(request()->user())
|
|
->action('admin.user.delete')
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
Cache::forget('profiles:private');
|
|
DeleteAccountPipeline::dispatch($user);
|
|
}
|
|
}
|
|
|
|
public function reportsApiSpamGet(Request $request, $id)
|
|
{
|
|
$report = AccountInterstitial::findOrFail($id);
|
|
|
|
return new AdminSpamReport($report);
|
|
}
|
|
|
|
public function reportsApiRemoteHandle(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'id' => 'required|exists:remote_reports,id',
|
|
'action' => 'required|in:mark-read,cw-posts,unlist-posts,delete-posts,private-posts,mark-all-read-by-domain,mark-all-read-by-username,cw-all-posts,private-all-posts,unlist-all-posts',
|
|
]);
|
|
|
|
$report = RemoteReport::findOrFail($request->input('id'));
|
|
$user = User::whereProfileId($report->account_id)->first();
|
|
$ogPublicStatuses = [];
|
|
$ogUnlistedStatuses = [];
|
|
$ogNonCwStatuses = [];
|
|
|
|
switch ($request->input('action')) {
|
|
case 'mark-read':
|
|
$report->action_taken_at = now();
|
|
$report->save();
|
|
break;
|
|
case 'mark-all-read-by-domain':
|
|
RemoteReport::whereInstanceId($report->instance_id)->update(['action_taken_at' => now()]);
|
|
break;
|
|
case 'cw-posts':
|
|
$statuses = Status::find($report->status_ids);
|
|
foreach ($statuses as $status) {
|
|
if ($report->account_id != $status->profile_id) {
|
|
continue;
|
|
}
|
|
if (! $status->is_nsfw) {
|
|
$ogNonCwStatuses[] = $status->id;
|
|
}
|
|
$status->is_nsfw = true;
|
|
$status->saveQuietly();
|
|
StatusService::del($status->id);
|
|
}
|
|
$report->action_taken_at = now();
|
|
$report->save();
|
|
break;
|
|
case 'cw-all-posts':
|
|
foreach (Status::whereProfileId($report->account_id)->lazyById(50, 'id') as $status) {
|
|
if ($status->is_nsfw || $status->reblog_of_id) {
|
|
continue;
|
|
}
|
|
if (! $status->is_nsfw) {
|
|
$ogNonCwStatuses[] = $status->id;
|
|
}
|
|
$status->is_nsfw = true;
|
|
$status->saveQuietly();
|
|
StatusService::del($status->id);
|
|
}
|
|
break;
|
|
case 'unlist-posts':
|
|
$statuses = Status::find($report->status_ids);
|
|
foreach ($statuses as $status) {
|
|
if ($report->account_id != $status->profile_id) {
|
|
continue;
|
|
}
|
|
if ($status->scope === 'public') {
|
|
$ogPublicStatuses[] = $status->id;
|
|
$status->scope = 'unlisted';
|
|
$status->visibility = 'unlisted';
|
|
$status->saveQuietly();
|
|
StatusService::del($status->id);
|
|
}
|
|
}
|
|
$report->action_taken_at = now();
|
|
$report->save();
|
|
break;
|
|
case 'unlist-all-posts':
|
|
foreach (Status::whereProfileId($report->account_id)->lazyById(50, 'id') as $status) {
|
|
if ($status->visibility !== 'public' || $status->reblog_of_id) {
|
|
continue;
|
|
}
|
|
$ogPublicStatuses[] = $status->id;
|
|
$status->visibility = 'unlisted';
|
|
$status->scope = 'unlisted';
|
|
$status->saveQuietly();
|
|
StatusService::del($status->id);
|
|
}
|
|
break;
|
|
case 'private-posts':
|
|
$statuses = Status::find($report->status_ids);
|
|
foreach ($statuses as $status) {
|
|
if ($report->account_id != $status->profile_id) {
|
|
continue;
|
|
}
|
|
if (in_array($status->scope, ['public', 'unlisted', 'private'])) {
|
|
if ($status->scope === 'public') {
|
|
$ogPublicStatuses[] = $status->id;
|
|
}
|
|
$status->scope = 'private';
|
|
$status->visibility = 'private';
|
|
$status->saveQuietly();
|
|
StatusService::del($status->id);
|
|
}
|
|
}
|
|
$report->action_taken_at = now();
|
|
$report->save();
|
|
break;
|
|
case 'private-all-posts':
|
|
foreach (Status::whereProfileId($report->account_id)->lazyById(50, 'id') as $status) {
|
|
if (! in_array($status->visibility, ['public', 'unlisted']) || $status->reblog_of_id) {
|
|
continue;
|
|
}
|
|
if ($status->visibility === 'public') {
|
|
$ogPublicStatuses[] = $status->id;
|
|
} elseif ($status->visibility === 'unlisted') {
|
|
$ogUnlistedStatuses[] = $status->id;
|
|
}
|
|
$status->visibility = 'private';
|
|
$status->scope = 'private';
|
|
$status->saveQuietly();
|
|
StatusService::del($status->id);
|
|
}
|
|
break;
|
|
case 'delete-posts':
|
|
$statuses = Status::find($report->status_ids);
|
|
foreach ($statuses as $status) {
|
|
if ($report->account_id != $status->profile_id) {
|
|
continue;
|
|
}
|
|
StatusDelete::dispatch($status);
|
|
}
|
|
$report->action_taken_at = now();
|
|
$report->save();
|
|
break;
|
|
case 'mark-all-read-by-username':
|
|
RemoteReport::whereNull('action_taken_at')->whereAccountId($report->account_id)->update(['action_taken_at' => now()]);
|
|
break;
|
|
|
|
default:
|
|
abort(404);
|
|
break;
|
|
}
|
|
|
|
if ($ogPublicStatuses && count($ogPublicStatuses)) {
|
|
Storage::disk('local')->put('mod-log-cache/'.$report->account_id.'/'.now()->format('Y-m-d').'-og-public-statuses.json', json_encode($ogPublicStatuses, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
|
|
}
|
|
|
|
if ($ogNonCwStatuses && count($ogNonCwStatuses)) {
|
|
Storage::disk('local')->put('mod-log-cache/'.$report->account_id.'/'.now()->format('Y-m-d').'-og-noncw-statuses.json', json_encode($ogNonCwStatuses, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
|
|
}
|
|
|
|
if ($ogUnlistedStatuses && count($ogUnlistedStatuses)) {
|
|
Storage::disk('local')->put('mod-log-cache/'.$report->account_id.'/'.now()->format('Y-m-d').'-og-unlisted-statuses.json', json_encode($ogUnlistedStatuses, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
|
|
}
|
|
|
|
ModLogService::boot()
|
|
->user(request()->user())
|
|
->objectUid($user ? $user->id : null)
|
|
->objectId($report->id)
|
|
->objectType('App\Report::class')
|
|
->action('admin.report.moderate')
|
|
->metadata([
|
|
'action' => $request->input('action'),
|
|
'duration_active' => now()->parse($report->created_at)->diffForHumans(),
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
if ($report->status_ids) {
|
|
foreach ($report->status_ids as $sid) {
|
|
RemoteReport::whereNull('action_taken_at')
|
|
->whereJsonContains('status_ids', [$sid])
|
|
->update(['action_taken_at' => now()]);
|
|
}
|
|
}
|
|
|
|
return [200];
|
|
}
|
|
|
|
public function getModeratedProfiles(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'search' => 'sometimes|string|min:3|max:120',
|
|
]);
|
|
|
|
if ($request->filled('search')) {
|
|
$query = '%'.$request->input('search').'%';
|
|
$profiles = DB::table('moderated_profiles')
|
|
->join('profiles', 'moderated_profiles.profile_id', '=', 'profiles.id')
|
|
->where('profiles.username', 'LIKE', $query)
|
|
->select('moderated_profiles.*', 'profiles.username')
|
|
->orderByDesc('moderated_profiles.id')
|
|
->cursorPaginate(10);
|
|
|
|
return AdminModeratedProfileResource::collection($profiles);
|
|
}
|
|
$profiles = ModeratedProfile::orderByDesc('id')->cursorPaginate(10);
|
|
|
|
return AdminModeratedProfileResource::collection($profiles);
|
|
}
|
|
|
|
public function getModeratedProfile(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'id' => 'required',
|
|
]);
|
|
|
|
$profile = ModeratedProfile::findOrFail($request->input('id'));
|
|
|
|
return new AdminModeratedProfileResource($profile);
|
|
}
|
|
|
|
public function exportModeratedProfiles(Request $request)
|
|
{
|
|
return response()->streamDownload(function () {
|
|
$profiles = ModeratedProfile::get();
|
|
$res = AdminModeratedProfileResource::collection($profiles);
|
|
echo json_encode([
|
|
'_pixelfed_export' => true,
|
|
'meta' => [
|
|
'ns' => 'https://pixelfed.org',
|
|
'origin' => config('pixelfed.domain.app'),
|
|
'date' => now()->format('c'),
|
|
'type' => 'moderated-profiles',
|
|
'version' => "1.0"
|
|
],
|
|
'data' => $res
|
|
], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
|
|
}, 'data-export.json');
|
|
}
|
|
|
|
public function deleteModeratedProfile(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'id' => 'required',
|
|
]);
|
|
|
|
$profile = ModeratedProfile::findOrFail($request->input('id'));
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->profile_id)
|
|
->objectId($profile->id)
|
|
->objectType('App\Models\ModeratedProfile::class')
|
|
->user(request()->user())
|
|
->action('admin.moderated-profiles.delete')
|
|
->metadata([
|
|
'profile_url' => $profile->profile_url,
|
|
'profile_id' => $profile->profile_id,
|
|
'domain' => $profile->domain,
|
|
'note' => $profile->note,
|
|
'is_banned' => $profile->is_banned,
|
|
'is_nsfw' => $profile->is_nsfw,
|
|
'is_unlisted' => $profile->is_unlisted,
|
|
'is_noautolink' => $profile->is_noautolink,
|
|
'is_nodms' => $profile->is_nodms,
|
|
'is_notrending' => $profile->is_notrending,
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
$profile->delete();
|
|
|
|
return ['status' => 200, 'message' => 'Successfully deleted moderated profile!'];
|
|
}
|
|
|
|
public function updateModeratedProfile(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'id' => 'required|exists:moderated_profiles',
|
|
'note' => 'sometimes|nullable|string|max:500',
|
|
'is_banned' => 'required|boolean',
|
|
'is_noautolink' => 'required|boolean',
|
|
'is_nodms' => 'required|boolean',
|
|
'is_notrending' => 'required|boolean',
|
|
'is_nsfw' => 'required|boolean',
|
|
'is_unlisted' => 'required|boolean',
|
|
]);
|
|
|
|
$fields = [
|
|
'note',
|
|
'is_banned',
|
|
'is_noautolink',
|
|
'is_nodms',
|
|
'is_notrending',
|
|
'is_nsfw',
|
|
'is_unlisted',
|
|
];
|
|
|
|
$profile = ModeratedProfile::findOrFail($request->input('id'));
|
|
$profile->update($request->only($fields));
|
|
|
|
ModLogService::boot()
|
|
->objectUid($profile->profile_id)
|
|
->objectId($profile->id)
|
|
->objectType('App\Models\ModeratedProfile::class')
|
|
->user(request()->user())
|
|
->action('admin.moderated-profiles.update')
|
|
->metadata($request->only($fields))
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
return [200];
|
|
}
|
|
|
|
public function createModeratedProfile(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'url' => 'required|url|starts_with:https://',
|
|
]);
|
|
|
|
$url = $request->input('url');
|
|
$host = parse_url($url, PHP_URL_HOST);
|
|
|
|
abort_if($host === config('pixelfed.domain.app'), 400, 'You cannot add local users!');
|
|
|
|
$exists = ModeratedProfile::whereProfileUrl($url)->exists();
|
|
abort_if($exists, 400, 'Moderated profile already exists!');
|
|
|
|
$profile = Profile::whereRemoteUrl($url)->first();
|
|
|
|
if ($profile) {
|
|
$rec = ModeratedProfile::updateOrCreate([
|
|
'profile_id' => $profile->id,
|
|
], [
|
|
'profile_url' => $profile->remote_url,
|
|
'domain' => $profile->domain,
|
|
]);
|
|
|
|
ModLogService::boot()
|
|
->objectUid($rec->profile_id)
|
|
->objectId($rec->id)
|
|
->objectType('App\Models\ModeratedProfile::class')
|
|
->user(request()->user())
|
|
->action('admin.moderated-profiles.create')
|
|
->metadata([
|
|
'profile_existed' => true,
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
return $rec;
|
|
}
|
|
|
|
$remoteSearch = Helpers::profileFetch($url);
|
|
|
|
if ($remoteSearch) {
|
|
$rec = ModeratedProfile::updateOrCreate([
|
|
'profile_id' => $remoteSearch->id,
|
|
], [
|
|
'profile_url' => $remoteSearch->remote_url,
|
|
'domain' => $remoteSearch->domain,
|
|
]);
|
|
|
|
ModLogService::boot()
|
|
->objectUid($rec->profile_id)
|
|
->objectId($rec->id)
|
|
->objectType('App\Models\ModeratedProfile::class')
|
|
->user(request()->user())
|
|
->action('admin.moderated-profiles.create')
|
|
->metadata([
|
|
'profile_existed' => false,
|
|
])
|
|
->accessLevel('admin')
|
|
->save();
|
|
|
|
return $rec;
|
|
}
|
|
abort(400, 'Invalid account');
|
|
}
|
|
}
|