Merge pull request #1977 from pixelfed/staging

Update status edit view

app/Http/Controllers/Api/ApiV1Controller.php

@@ -978,6 +978,9 @@ class ApiV1Controller extends Controller
             }
         }
 
+        $filterClass = in_array($request->input('filter_class'), Filter::classes()) ? $request->input('filter_class') : null;
+        $filterName = in_array($request->input('filter_name'), Filter::names()) ? $request->input('filter_name') : null;
+
         $monthHash = hash('sha1', date('Y').date('m'));
         $userHash = hash('sha1', $user->id . (string) $user->created_at);
 
@@ -1001,8 +1004,8 @@ class ApiV1Controller extends Controller
         $media->size = $photo->getSize();
         $media->mime = $photo->getMimeType();
         $media->caption = $request->input('description');
-        $media->filter_class = $request->input('filter_class');
-        $media->filter_name = $request->input('filter_name');
+        $media->filter_class = $filterClass;
+        $media->filter_name = $filterName;
         $media->save();
         
         switch ($media->mime) {

app/Http/Controllers/Api/BaseApiController.php

@@ -24,6 +24,7 @@ use App\Transformer\Api\{
     StatusTransformer
 };
 use League\Fractal;
+use App\Util\Media\Filter;
 use League\Fractal\Serializer\ArraySerializer;
 use League\Fractal\Pagination\IlluminatePaginatorAdapter;
 use App\Jobs\AvatarPipeline\AvatarOptimize;
@@ -231,6 +232,9 @@ class BaseApiController extends Controller
             }
         }
 
+        $filterClass = in_array($request->input('filter_class'), Filter::classes()) ? $request->input('filter_class') : null;
+        $filterName = in_array($request->input('filter_name'), Filter::names()) ? $request->input('filter_name') : null;
+
         $monthHash = hash('sha1', date('Y').date('m'));
         $userHash = hash('sha1', $user->id . (string) $user->created_at);
 
@@ -253,8 +257,8 @@ class BaseApiController extends Controller
         $media->original_sha256 = $hash;
         $media->size = $photo->getSize();
         $media->mime = $photo->getMimeType();
-        $media->filter_class = $request->input('filter_class');
-        $media->filter_name = $request->input('filter_name');
+        $media->filter_class = $filterClass;
+        $media->filter_name = $filterName;
         $media->save();
 
         $url = URL::temporarySignedRoute(

app/Http/Controllers/StatusController.php

@@ -229,8 +229,8 @@ class StatusController extends Controller
         $user = Auth::user()->profile;
         $status = Status::whereProfileId($user->id)
                 ->with(['media'])
+                ->where('created_at', '>', now()->subHours(24))
                 ->findOrFail($id);
-
         return view('status.edit', compact('user', 'status'));
     }
 
@@ -240,6 +240,7 @@ class StatusController extends Controller
         $user = Auth::user()->profile;
         $status = Status::whereProfileId($user->id)
                 ->with(['media'])
+                ->where('created_at', '>', now()->subHours(24))
                 ->findOrFail($id);
 
         $this->validate($request, [
@@ -254,7 +255,7 @@ class StatusController extends Controller
 
         $media = Media::whereProfileId($user->id)
             ->whereStatusId($status->id)
-            ->find($id);
+            ->findOrFail($id);
 
         $changed = false;
 
@@ -263,7 +264,7 @@ class StatusController extends Controller
             $changed = true;
         }
 
-        if ($media->filter_class != $filter) {
+        if ($media->filter_class != $filter && in_array($filter, Filter::classes())) {
             $media->filter_class = $filter;
             $changed = true;
         }

app/Util/RateLimit/User.php

@@ -113,4 +113,14 @@ trait User {
 	{
 		return 35;
 	}
+
+	public function getMaxPostEditsPerHourAttribute()
+	{
+		return 10;
+	}
+
+	public function getMaxPostEditsPerDayAttribute()
+	{
+		return 20;
+	}
 }

resources/views/status/edit.blade.php

@@ -38,7 +38,7 @@
 							@csrf
 							<input type="hidden" name="media_id" value="{{$media->id}}">
 							<div class="filter-wrapper {{$media->filter_class}}" data-filter="{{$media->filter_class}}">
-								<img class="img-fluid" src="{{$media->thumbnailUrl()}}" width="100%">
+								<img class="img-fluid" src="{{$media->url()}}" width="100%">
 							</div>
 							<div class="p-3">
 								<div class="form-group">
@@ -69,12 +69,9 @@
 @endsection
 
 @push('scripts')
-<script type="text/javascript" src="{{ mix('js/compose.js') }}"></script>
 <script type="text/javascript">
 	$(document).ready(function() {
-		new Vue({ 
-			el: '#content'
-		});
+		App.boot();
 		$('.form-filters').each(function(i,d) {
 			let el = $(d);
 			let filter = el.data('filter');

routes/web.php

@@ -405,7 +405,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
     Route::get('p/{username}/{id}/c', 'CommentController@showAll');
     Route::get('p/{username}/{id}/embed', 'StatusController@showEmbed');
     Route::get('p/{username}/{id}/edit', 'StatusController@edit');
-    Route::post('p/{username}/{id}/edit', 'StatusController@editStore');
+    Route::post('p/{username}/{id}/edit', 'StatusController@editStore')->middleware('throttle:maxPostEditsPerHour,60')->middleware('throttle:maxPostEditsPerDay,1440');
     Route::get('p/{username}/{id}.json', 'StatusController@showObject');
     Route::get('p/{username}/{id}', 'StatusController@show');
     Route::get('{username}/embed', 'ProfileController@embed');