|
@@ -458,7 +458,7 @@ class ApiV1Controller extends Controller
|
|
|
abort_if(!$account, 404);
|
|
abort_if(!$account, 404);
|
|
|
$pid = $request->user()->profile_id;
|
|
$pid = $request->user()->profile_id;
|
|
|
|
|
|
|
|
- if($pid != $account['id']) {
|
|
|
|
|
|
|
+ if(intval($pid) !== intval($account['id'])) {
|
|
|
if($account['locked']) {
|
|
if($account['locked']) {
|
|
|
if(!FollowerService::follows($pid, $account['id'])) {
|
|
if(!FollowerService::follows($pid, $account['id'])) {
|
|
|
return [];
|
|
return [];
|
|
@@ -505,7 +505,7 @@ class ApiV1Controller extends Controller
|
|
|
abort_if(!$account, 404);
|
|
abort_if(!$account, 404);
|
|
|
$pid = $request->user()->profile_id;
|
|
$pid = $request->user()->profile_id;
|
|
|
|
|
|
|
|
- if($pid != $account['id']) {
|
|
|
|
|
|
|
+ if(intval($pid) !== intval($account['id'])) {
|
|
|
if($account['locked']) {
|
|
if($account['locked']) {
|
|
|
if(!FollowerService::follows($pid, $account['id'])) {
|
|
if(!FollowerService::follows($pid, $account['id'])) {
|
|
|
return [];
|
|
return [];
|
|
@@ -564,7 +564,7 @@ class ApiV1Controller extends Controller
|
|
|
$profile = $napi ? AccountService::get($id, true) : AccountService::getMastodon($id, true);
|
|
$profile = $napi ? AccountService::get($id, true) : AccountService::getMastodon($id, true);
|
|
|
|
|
|
|
|
if(!$profile || !isset($profile['id']) || !$user) {
|
|
if(!$profile || !isset($profile['id']) || !$user) {
|
|
|
- return response('', 404);
|
|
|
|
|
|
|
+ return $this->json(['error' => 'Account not found'], 404);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
$limit = $request->limit ?? 20;
|
|
$limit = $request->limit ?? 20;
|
|
@@ -587,7 +587,7 @@ class ApiV1Controller extends Controller
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- if($pid == $profile['id']) {
|
|
|
|
|
|
|
+ if(intval($pid) === intval($profile['id'])) {
|
|
|
$visibility = ['public', 'unlisted', 'private'];
|
|
$visibility = ['public', 'unlisted', 'private'];
|
|
|
} else if($profile['locked']) {
|
|
} else if($profile['locked']) {
|
|
|
$following = FollowerService::follows($pid, $profile['id']);
|
|
$following = FollowerService::follows($pid, $profile['id']);
|
|
@@ -817,7 +817,7 @@ class ApiV1Controller extends Controller
|
|
|
$pid = $request->user()->profile_id ?? $request->user()->profile->id;
|
|
$pid = $request->user()->profile_id ?? $request->user()->profile->id;
|
|
|
$res = collect($request->input('id'))
|
|
$res = collect($request->input('id'))
|
|
|
->filter(function($id) use($pid) {
|
|
->filter(function($id) use($pid) {
|
|
|
- return $id != $pid;
|
|
|
|
|
|
|
+ return intval($id) !== intval($pid);
|
|
|
})
|
|
})
|
|
|
->map(function($id) use($pid) {
|
|
->map(function($id) use($pid) {
|
|
|
return RelationshipService::get($pid, $id);
|
|
return RelationshipService::get($pid, $id);
|
|
@@ -848,15 +848,21 @@ class ApiV1Controller extends Controller
|
|
|
$resolve = (bool) $request->input('resolve', false);
|
|
$resolve = (bool) $request->input('resolve', false);
|
|
|
$q = '%' . $query . '%';
|
|
$q = '%' . $query . '%';
|
|
|
|
|
|
|
|
- $profiles = Profile::whereNull('status')
|
|
|
|
|
- ->where('username', 'like', $q)
|
|
|
|
|
- ->orWhere('name', 'like', $q)
|
|
|
|
|
- ->limit($limit)
|
|
|
|
|
- ->get();
|
|
|
|
|
|
|
+ $profiles = Cache::remember('api:v1:accounts:search:' . sha1($query) . ':limit:' . $limit, 86400, function() use($q, $limit) {
|
|
|
|
|
+ return Profile::whereNull('status')
|
|
|
|
|
+ ->where('username', 'like', $q)
|
|
|
|
|
+ ->orWhere('name', 'like', $q)
|
|
|
|
|
+ ->limit($limit)
|
|
|
|
|
+ ->pluck('id')
|
|
|
|
|
+ ->map(function($id) {
|
|
|
|
|
+ return AccountService::getMastodon($id);
|
|
|
|
|
+ })
|
|
|
|
|
+ ->filter(function($account) {
|
|
|
|
|
+ return $account && isset($account['id']);
|
|
|
|
|
+ });
|
|
|
|
|
+ });
|
|
|
|
|
|
|
|
- $resource = new Fractal\Resource\Collection($profiles, new AccountTransformer());
|
|
|
|
|
- $res = $this->fractal->createData($resource)->toArray();
|
|
|
|
|
- return $this->json($res);
|
|
|
|
|
|
|
+ return $this->json($profiles);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
/**
|
|
@@ -908,7 +914,7 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$pid = $user->profile_id ?? $user->profile->id;
|
|
$pid = $user->profile_id ?? $user->profile->id;
|
|
|
|
|
|
|
|
- if($id == $pid) {
|
|
|
|
|
|
|
+ if(intval($id) === intval($pid)) {
|
|
|
abort(400, 'You cannot block yourself');
|
|
abort(400, 'You cannot block yourself');
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -953,7 +959,7 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$pid = $user->profile_id ?? $user->profile->id;
|
|
$pid = $user->profile_id ?? $user->profile->id;
|
|
|
|
|
|
|
|
- if($id == $pid) {
|
|
|
|
|
|
|
+ if(intval($id) === intval($pid)) {
|
|
|
abort(400, 'You cannot unblock yourself');
|
|
abort(400, 'You cannot unblock yourself');
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -1088,7 +1094,7 @@ class ApiV1Controller extends Controller
|
|
|
|
|
|
|
|
$spid = $status['account']['id'];
|
|
$spid = $status['account']['id'];
|
|
|
|
|
|
|
|
- if($spid !== $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($spid) !== intval($user->profile_id)) {
|
|
|
if($status['visibility'] == 'private') {
|
|
if($status['visibility'] == 'private') {
|
|
|
abort_if(!FollowerService::follows($user->profile_id, $spid), 403);
|
|
abort_if(!FollowerService::follows($user->profile_id, $spid), 403);
|
|
|
} else {
|
|
} else {
|
|
@@ -1143,7 +1149,7 @@ class ApiV1Controller extends Controller
|
|
|
|
|
|
|
|
$status = Status::findOrFail($id);
|
|
$status = Status::findOrFail($id);
|
|
|
|
|
|
|
|
- if($status->profile_id !== $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($status->profile_id) !== intval($user->profile_id)) {
|
|
|
if($status->scope == 'private') {
|
|
if($status->scope == 'private') {
|
|
|
abort_if(!$status->profile->followedBy($user->profile), 403);
|
|
abort_if(!$status->profile->followedBy($user->profile), 403);
|
|
|
} else {
|
|
} else {
|
|
@@ -1770,6 +1776,10 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$pid = $user->profile_id;
|
|
$pid = $user->profile_id;
|
|
|
|
|
|
|
|
|
|
+ if(intval($pid) === intval($id)) {
|
|
|
|
|
+ return $this->json(['error' => 'You cannot mute yourself'], 500);
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
$account = Profile::findOrFail($id);
|
|
$account = Profile::findOrFail($id);
|
|
|
|
|
|
|
|
$filter = UserFilter::firstOrCreate([
|
|
$filter = UserFilter::firstOrCreate([
|
|
@@ -1803,6 +1813,10 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$pid = $user->profile_id;
|
|
$pid = $user->profile_id;
|
|
|
|
|
|
|
|
|
|
+ if(intval($pid) === intval($id)) {
|
|
|
|
|
+ return $this->json(['error' => 'You cannot unmute yourself'], 500);
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
$account = Profile::findOrFail($id);
|
|
$account = Profile::findOrFail($id);
|
|
|
|
|
|
|
|
$filter = UserFilter::whereUserId($pid)
|
|
$filter = UserFilter::whereUserId($pid)
|
|
@@ -2228,7 +2242,7 @@ class ApiV1Controller extends Controller
|
|
|
$scope = $res['visibility'];
|
|
$scope = $res['visibility'];
|
|
|
if(!in_array($scope, ['public', 'unlisted'])) {
|
|
if(!in_array($scope, ['public', 'unlisted'])) {
|
|
|
if($scope === 'private') {
|
|
if($scope === 'private') {
|
|
|
- if($res['account']['id'] != $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($res['account']['id']) !== intval($user->profile_id)) {
|
|
|
abort_unless(FollowerService::follows($user->profile_id, $res['account']['id']), 403);
|
|
abort_unless(FollowerService::follows($user->profile_id, $res['account']['id']), 403);
|
|
|
}
|
|
}
|
|
|
} else {
|
|
} else {
|
|
@@ -2261,7 +2275,7 @@ class ApiV1Controller extends Controller
|
|
|
return response('', 404);
|
|
return response('', 404);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- if($status['account']['id'] != $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($status['account']['id']) !== intval($user->profile_id)) {
|
|
|
if($status['visibility'] == 'private') {
|
|
if($status['visibility'] == 'private') {
|
|
|
if(!FollowerService::follows($user->profile_id, $status['account']['id'])) {
|
|
if(!FollowerService::follows($user->profile_id, $status['account']['id'])) {
|
|
|
return response('', 404);
|
|
return response('', 404);
|
|
@@ -2341,7 +2355,7 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$status = Status::findOrFail($id);
|
|
$status = Status::findOrFail($id);
|
|
|
|
|
|
|
|
- if($status->profile_id !== $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($status->profile_id) !== intval($user->profile_id)) {
|
|
|
if($status->scope == 'private') {
|
|
if($status->scope == 'private') {
|
|
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
|
|
} else {
|
|
} else {
|
|
@@ -2407,7 +2421,7 @@ class ApiV1Controller extends Controller
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- if($status->profile_id !== $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($status->profile_id) !== intval($user->profile_id)) {
|
|
|
if($status->scope == 'private') {
|
|
if($status->scope == 'private') {
|
|
|
abort_if(!$status->profile->followedBy($user->profile), 403);
|
|
abort_if(!$status->profile->followedBy($user->profile), 403);
|
|
|
} else {
|
|
} else {
|
|
@@ -2644,7 +2658,7 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$status = Status::whereScope('public')->findOrFail($id);
|
|
$status = Status::whereScope('public')->findOrFail($id);
|
|
|
|
|
|
|
|
- if($status->profile_id !== $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($status->profile_id) !== intval($user->profile_id)) {
|
|
|
if($status->scope == 'private') {
|
|
if($status->scope == 'private') {
|
|
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
|
|
} else {
|
|
} else {
|
|
@@ -2692,7 +2706,7 @@ class ApiV1Controller extends Controller
|
|
|
$user = $request->user();
|
|
$user = $request->user();
|
|
|
$status = Status::whereScope('public')->findOrFail($id);
|
|
$status = Status::whereScope('public')->findOrFail($id);
|
|
|
|
|
|
|
|
- if($status->profile_id !== $user->profile_id) {
|
|
|
|
|
|
|
+ if(intval($status->profile_id) !== intval($user->profile_id)) {
|
|
|
if($status->scope == 'private') {
|
|
if($status->scope == 'private') {
|
|
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
|
|
} else {
|
|
} else {
|
Daniel Supernault