ProfileController.php 8.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248
  1. <?php
  2. namespace App\Http\Controllers;
  3. use Illuminate\Http\Request;
  4. use Auth;
  5. use Cache;
  6. use View;
  7. use App\Follower;
  8. use App\FollowRequest;
  9. use App\Profile;
  10. use App\Story;
  11. use App\User;
  12. use App\UserFilter;
  13. use League\Fractal;
  14. use App\Util\Lexer\Nickname;
  15. use App\Util\Webfinger\Webfinger;
  16. use App\Transformer\ActivityPub\ProfileOutbox;
  17. use App\Transformer\ActivityPub\ProfileTransformer;
  18. class ProfileController extends Controller
  19. {
  20. public function show(Request $request, $username)
  21. {
  22. $user = Profile::whereNull('domain')
  23. ->whereNull('status')
  24. ->whereUsername($username)
  25. ->firstOrFail();
  26. if($request->wantsJson() && config('federation.activitypub.enabled')) {
  27. return $this->showActivityPub($request, $user);
  28. }
  29. return $this->buildProfile($request, $user);
  30. }
  31. protected function buildProfile(Request $request, $user)
  32. {
  33. $username = $user->username;
  34. $loggedIn = Auth::check();
  35. $isPrivate = false;
  36. $isBlocked = false;
  37. if(!$loggedIn) {
  38. $key = 'profile:settings:' . $user->id;
  39. $ttl = now()->addHours(6);
  40. $settings = Cache::remember($key, $ttl, function() use($user) {
  41. return $user->user->settings;
  42. });
  43. if ($user->is_private == true) {
  44. abort(404);
  45. }
  46. $owner = false;
  47. $is_following = false;
  48. $is_admin = $user->user->is_admin;
  49. $profile = $user;
  50. $settings = [
  51. 'crawlable' => $settings->crawlable,
  52. 'following' => [
  53. 'count' => $settings->show_profile_following_count,
  54. 'list' => $settings->show_profile_following
  55. ],
  56. 'followers' => [
  57. 'count' => $settings->show_profile_follower_count,
  58. 'list' => $settings->show_profile_followers
  59. ]
  60. ];
  61. $ui = $request->has('ui') && $request->input('ui') == 'memory' ? 'profile.memory' : 'profile.show';
  62. return view($ui, compact('profile', 'settings'));
  63. } else {
  64. $key = 'profile:settings:' . $user->id;
  65. $ttl = now()->addHours(6);
  66. $settings = Cache::remember($key, $ttl, function() use($user) {
  67. return $user->user->settings;
  68. });
  69. if ($user->is_private == true) {
  70. $isPrivate = $this->privateProfileCheck($user, $loggedIn);
  71. }
  72. $isBlocked = $this->blockedProfileCheck($user);
  73. $owner = $loggedIn && Auth::id() === $user->user_id;
  74. $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false;
  75. if ($isPrivate == true || $isBlocked == true) {
  76. $requested = Auth::check() ? FollowRequest::whereFollowerId(Auth::user()->profile_id)
  77. ->whereFollowingId($user->id)
  78. ->exists() : false;
  79. return view('profile.private', compact('user', 'is_following', 'requested'));
  80. }
  81. $is_admin = is_null($user->domain) ? $user->user->is_admin : false;
  82. $profile = $user;
  83. $settings = [
  84. 'crawlable' => $settings->crawlable,
  85. 'following' => [
  86. 'count' => $settings->show_profile_following_count,
  87. 'list' => $settings->show_profile_following
  88. ],
  89. 'followers' => [
  90. 'count' => $settings->show_profile_follower_count,
  91. 'list' => $settings->show_profile_followers
  92. ]
  93. ];
  94. $ui = $request->has('ui') && $request->input('ui') == 'memory' ? 'profile.memory' : 'profile.show';
  95. return view($ui, compact('profile', 'settings'));
  96. }
  97. }
  98. public function permalinkRedirect(Request $request, $username)
  99. {
  100. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  101. if ($request->wantsJson() && config('federation.activitypub.enabled')) {
  102. return $this->showActivityPub($request, $user);
  103. }
  104. return redirect($user->url());
  105. }
  106. protected function privateProfileCheck(Profile $profile, $loggedIn)
  107. {
  108. if (!Auth::check()) {
  109. return true;
  110. }
  111. $user = Auth::user()->profile;
  112. if($user->id == $profile->id || !$profile->is_private) {
  113. return false;
  114. }
  115. $follows = Follower::whereProfileId($user->id)->whereFollowingId($profile->id)->exists();
  116. if ($follows == false) {
  117. return true;
  118. }
  119. return false;
  120. }
  121. public static function accountCheck(Profile $profile)
  122. {
  123. switch ($profile->status) {
  124. case 'disabled':
  125. case 'suspended':
  126. case 'delete':
  127. return view('profile.disabled');
  128. break;
  129. default:
  130. break;
  131. }
  132. return abort(404);
  133. }
  134. protected function blockedProfileCheck(Profile $profile)
  135. {
  136. $pid = Auth::user()->profile->id;
  137. $blocks = UserFilter::whereUserId($profile->id)
  138. ->whereFilterType('block')
  139. ->whereFilterableType('App\Profile')
  140. ->pluck('filterable_id')
  141. ->toArray();
  142. if (in_array($pid, $blocks)) {
  143. return true;
  144. }
  145. return false;
  146. }
  147. public function showActivityPub(Request $request, $user)
  148. {
  149. abort_if(!config('federation.activitypub.enabled'), 404);
  150. abort_if($user->domain, 404);
  151. $fractal = new Fractal\Manager();
  152. $resource = new Fractal\Resource\Item($user, new ProfileTransformer);
  153. $res = $fractal->createData($resource)->toArray();
  154. return response(json_encode($res['data']))->header('Content-Type', 'application/activity+json');
  155. }
  156. public function showAtomFeed(Request $request, $user)
  157. {
  158. abort_if(!config('federation.atom.enabled'), 404);
  159. $profile = $user = Profile::whereNull('status')->whereNull('domain')->whereUsername($user)->whereIsPrivate(false)->firstOrFail();
  160. if($profile->status != null) {
  161. return $this->accountCheck($profile);
  162. }
  163. if($profile->is_private || Auth::check()) {
  164. $blocked = $this->blockedProfileCheck($profile);
  165. $check = $this->privateProfileCheck($profile, null);
  166. if($check || $blocked) {
  167. return redirect($profile->url());
  168. }
  169. }
  170. $items = $profile->statuses()->whereHas('media')->whereIn('visibility',['public', 'unlisted'])->orderBy('created_at', 'desc')->take(10)->get();
  171. return response()->view('atom.user', compact('profile', 'items'))
  172. ->header('Content-Type', 'application/atom+xml');
  173. }
  174. public function meRedirect()
  175. {
  176. abort_if(!Auth::check(), 404);
  177. return redirect(Auth::user()->url());
  178. }
  179. public function embed(Request $request, $username)
  180. {
  181. $res = view('profile.embed-removed');
  182. if(strlen($username) > 15 || strlen($username) < 2) {
  183. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  184. }
  185. $profile = Profile::whereUsername($username)
  186. ->whereIsPrivate(false)
  187. ->whereNull('status')
  188. ->whereNull('domain')
  189. ->first();
  190. if(!$profile) {
  191. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  192. }
  193. $content = Cache::remember('profile:embed:'.$profile->id, now()->addHours(12), function() use($profile) {
  194. return View::make('profile.embed')->with(compact('profile'))->render();
  195. });
  196. return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  197. }
  198. public function stories(Request $request, $username)
  199. {
  200. abort_if(!config('instance.stories.enabled') || !$request->user(), 404);
  201. $profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  202. $pid = $profile->id;
  203. $authed = Auth::user()->profile;
  204. abort_if($pid != $authed->id && $profile->followedBy($authed) == false, 404);
  205. $exists = Story::whereProfileId($pid)
  206. ->where('expires_at', '>', now())
  207. ->count();
  208. abort_unless($exists > 0, 404);
  209. return view('profile.story', compact('pid', 'profile'));
  210. }
  211. }