1
0

PublicApiController.php 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644
  1. <?php
  2. namespace App\Http\Controllers;
  3. use Illuminate\Http\Request;
  4. use App\{
  5. Hashtag,
  6. Follower,
  7. Like,
  8. Media,
  9. Notification,
  10. Profile,
  11. StatusHashtag,
  12. Status,
  13. UserFilter
  14. };
  15. use Auth,Cache;
  16. use Carbon\Carbon;
  17. use League\Fractal;
  18. use App\Transformer\Api\{
  19. AccountTransformer,
  20. RelationshipTransformer,
  21. StatusTransformer,
  22. StatusStatelessTransformer
  23. };
  24. use App\Services\{
  25. AccountService,
  26. PublicTimelineService,
  27. UserFilterService
  28. };
  29. use App\Jobs\StatusPipeline\NewStatusPipeline;
  30. use League\Fractal\Serializer\ArraySerializer;
  31. use League\Fractal\Pagination\IlluminatePaginatorAdapter;
  32. class PublicApiController extends Controller
  33. {
  34. protected $fractal;
  35. public function __construct()
  36. {
  37. $this->fractal = new Fractal\Manager();
  38. $this->fractal->setSerializer(new ArraySerializer());
  39. }
  40. protected function getUserData($user)
  41. {
  42. if(!$user) {
  43. return [];
  44. } else {
  45. return AccountService::get($user->profile_id);
  46. }
  47. }
  48. protected function getLikes($status)
  49. {
  50. if(false == Auth::check()) {
  51. return [];
  52. } else {
  53. $profile = Auth::user()->profile;
  54. if($profile->status) {
  55. return [];
  56. }
  57. $likes = $status->likedBy()->orderBy('created_at','desc')->paginate(10);
  58. $collection = new Fractal\Resource\Collection($likes, new AccountTransformer());
  59. return $this->fractal->createData($collection)->toArray();
  60. }
  61. }
  62. protected function getShares($status)
  63. {
  64. if(false == Auth::check()) {
  65. return [];
  66. } else {
  67. $profile = Auth::user()->profile;
  68. if($profile->status) {
  69. return [];
  70. }
  71. $shares = $status->sharedBy()->orderBy('created_at','desc')->paginate(10);
  72. $collection = new Fractal\Resource\Collection($shares, new AccountTransformer());
  73. return $this->fractal->createData($collection)->toArray();
  74. }
  75. }
  76. public function status(Request $request, $username, int $postid)
  77. {
  78. $profile = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
  79. $status = Status::whereProfileId($profile->id)->findOrFail($postid);
  80. $this->scopeCheck($profile, $status);
  81. if(!Auth::check()) {
  82. $res = Cache::remember('wapi:v1:status:stateless_byid:' . $status->id, now()->addMinutes(30), function() use($status) {
  83. $item = new Fractal\Resource\Item($status, new StatusStatelessTransformer());
  84. $res = [
  85. 'status' => $this->fractal->createData($item)->toArray(),
  86. 'user' => [],
  87. 'likes' => [],
  88. 'shares' => [],
  89. 'reactions' => [
  90. 'liked' => false,
  91. 'shared' => false,
  92. 'bookmarked' => false,
  93. ],
  94. ];
  95. return response()->json($res, 200, [], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
  96. });
  97. return $res;
  98. }
  99. $item = new Fractal\Resource\Item($status, new StatusTransformer());
  100. $res = [
  101. 'status' => $this->fractal->createData($item)->toArray(),
  102. 'user' => $this->getUserData($request->user()),
  103. 'likes' => $this->getLikes($status),
  104. 'shares' => $this->getShares($status),
  105. 'reactions' => [
  106. 'liked' => $status->liked(),
  107. 'shared' => $status->shared(),
  108. 'bookmarked' => $status->bookmarked(),
  109. ],
  110. ];
  111. return response()->json($res, 200, [], JSON_PRETTY_PRINT);
  112. }
  113. public function statusComments(Request $request, $username, int $postId)
  114. {
  115. $this->validate($request, [
  116. 'min_id' => 'nullable|integer|min:1',
  117. 'max_id' => 'nullable|integer|min:1|max:'.PHP_INT_MAX,
  118. 'limit' => 'nullable|integer|min:5|max:50'
  119. ]);
  120. $limit = $request->limit ?? 10;
  121. $profile = Profile::whereNull('status')->findOrFail($username);
  122. $status = Status::whereProfileId($profile->id)->whereCommentsDisabled(false)->findOrFail($postId);
  123. $this->scopeCheck($profile, $status);
  124. if(Auth::check()) {
  125. $p = Auth::user()->profile;
  126. $filtered = UserFilter::whereUserId($p->id)
  127. ->whereFilterableType('App\Profile')
  128. ->whereIn('filter_type', ['mute', 'block'])
  129. ->pluck('filterable_id')->toArray();
  130. $scope = $p->id == $status->profile_id ? ['public', 'private'] : ['public'];
  131. } else {
  132. $filtered = [];
  133. $scope = ['public'];
  134. }
  135. if($request->filled('min_id') || $request->filled('max_id')) {
  136. if($request->filled('min_id')) {
  137. $replies = $status->comments()
  138. ->whereNull('reblog_of_id')
  139. ->whereIn('scope', $scope)
  140. ->whereNotIn('profile_id', $filtered)
  141. ->select('id', 'caption', 'is_nsfw', 'rendered', 'profile_id', 'in_reply_to_id', 'type', 'reply_count', 'created_at')
  142. ->where('id', '>=', $request->min_id)
  143. ->orderBy('id', 'desc')
  144. ->paginate($limit);
  145. }
  146. if($request->filled('max_id')) {
  147. $replies = $status->comments()
  148. ->whereNull('reblog_of_id')
  149. ->whereIn('scope', $scope)
  150. ->whereNotIn('profile_id', $filtered)
  151. ->select('id', 'caption', 'is_nsfw', 'rendered', 'profile_id', 'in_reply_to_id', 'type', 'reply_count', 'created_at')
  152. ->where('id', '<=', $request->max_id)
  153. ->orderBy('id', 'desc')
  154. ->paginate($limit);
  155. }
  156. } else {
  157. $replies = $status->comments()
  158. ->whereNull('reblog_of_id')
  159. ->whereIn('scope', $scope)
  160. ->whereNotIn('profile_id', $filtered)
  161. ->select('id', 'caption', 'is_nsfw', 'rendered', 'profile_id', 'in_reply_to_id', 'type', 'reply_count', 'created_at')
  162. ->orderBy('id', 'desc')
  163. ->paginate($limit);
  164. }
  165. $resource = new Fractal\Resource\Collection($replies, new StatusTransformer(), 'data');
  166. $resource->setPaginator(new IlluminatePaginatorAdapter($replies));
  167. $res = $this->fractal->createData($resource)->toArray();
  168. return response()->json($res, 200, [], JSON_PRETTY_PRINT);
  169. }
  170. public function statusLikes(Request $request, $username, $id)
  171. {
  172. $profile = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
  173. $status = Status::whereProfileId($profile->id)->findOrFail($id);
  174. $this->scopeCheck($profile, $status);
  175. $likes = $this->getLikes($status);
  176. return response()->json([
  177. 'data' => $likes
  178. ]);
  179. }
  180. public function statusShares(Request $request, $username, $id)
  181. {
  182. $profile = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
  183. $status = Status::whereProfileId($profile->id)->findOrFail($id);
  184. $this->scopeCheck($profile, $status);
  185. $shares = $this->getShares($status);
  186. return response()->json([
  187. 'data' => $shares
  188. ]);
  189. }
  190. protected function scopeCheck(Profile $profile, Status $status)
  191. {
  192. if($profile->is_private == true && Auth::check() == false) {
  193. abort(404);
  194. }
  195. switch ($status->scope) {
  196. case 'public':
  197. case 'unlisted':
  198. break;
  199. case 'private':
  200. $user = Auth::check() ? Auth::user() : false;
  201. if(!$user) {
  202. abort(403);
  203. } else {
  204. $follows = $profile->followedBy($user->profile);
  205. if($follows == false && $profile->id !== $user->profile->id && $user->is_admin == false) {
  206. abort(404);
  207. }
  208. }
  209. break;
  210. case 'direct':
  211. abort(404);
  212. break;
  213. case 'draft':
  214. abort(404);
  215. break;
  216. default:
  217. abort(404);
  218. break;
  219. }
  220. }
  221. public function publicTimelineApi(Request $request)
  222. {
  223. $this->validate($request,[
  224. 'page' => 'nullable|integer|max:40',
  225. 'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  226. 'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  227. 'limit' => 'nullable|integer|max:30'
  228. ]);
  229. if(config('instance.timeline.local.is_public') == false && !Auth::check()) {
  230. abort(403, 'Authentication required.');
  231. }
  232. $page = $request->input('page');
  233. $min = $request->input('min_id');
  234. $max = $request->input('max_id');
  235. $limit = $request->input('limit') ?? 3;
  236. $filtered = UserFilter::whereUserId(Auth::user()->profile_id)
  237. ->whereFilterableType('App\Profile')
  238. ->whereIn('filter_type', ['mute', 'block'])
  239. ->pluck('filterable_id')->toArray();
  240. if($min || $max) {
  241. $dir = $min ? '>' : '<';
  242. $id = $min ?? $max;
  243. $timeline = Status::select(
  244. 'id',
  245. 'uri',
  246. 'caption',
  247. 'rendered',
  248. 'profile_id',
  249. 'type',
  250. 'in_reply_to_id',
  251. 'reblog_of_id',
  252. 'is_nsfw',
  253. 'scope',
  254. 'local',
  255. 'reply_count',
  256. 'comments_disabled',
  257. 'place_id',
  258. 'likes_count',
  259. 'reblogs_count',
  260. 'created_at',
  261. 'updated_at'
  262. )->where('id', $dir, $id)
  263. ->whereIn('type', ['photo', 'photo:album', 'video', 'video:album', 'photo:video:album'])
  264. ->whereNotIn('profile_id', $filtered)
  265. ->whereLocal(true)
  266. ->whereVisibility('public')
  267. ->orderBy('created_at', 'desc')
  268. ->limit($limit)
  269. ->get();
  270. } else {
  271. $timeline = Status::select(
  272. 'id',
  273. 'uri',
  274. 'caption',
  275. 'rendered',
  276. 'profile_id',
  277. 'type',
  278. 'in_reply_to_id',
  279. 'reblog_of_id',
  280. 'is_nsfw',
  281. 'scope',
  282. 'local',
  283. 'reply_count',
  284. 'comments_disabled',
  285. 'created_at',
  286. 'place_id',
  287. 'likes_count',
  288. 'reblogs_count',
  289. 'updated_at'
  290. )->whereIn('type', ['photo', 'photo:album', 'video', 'video:album', 'photo:video:album'])
  291. ->whereNotIn('profile_id', $filtered)
  292. ->with('profile', 'hashtags', 'mentions')
  293. ->whereLocal(true)
  294. ->whereVisibility('public')
  295. ->orderBy('created_at', 'desc')
  296. ->simplePaginate($limit);
  297. }
  298. $fractal = new Fractal\Resource\Collection($timeline, new StatusTransformer());
  299. $res = $this->fractal->createData($fractal)->toArray();
  300. return response()->json($res);
  301. }
  302. public function homeTimelineApi(Request $request)
  303. {
  304. if(!Auth::check()) {
  305. return abort(403);
  306. }
  307. $this->validate($request,[
  308. 'page' => 'nullable|integer|max:40',
  309. 'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  310. 'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  311. 'limit' => 'nullable|integer|max:40'
  312. ]);
  313. $page = $request->input('page');
  314. $min = $request->input('min_id');
  315. $max = $request->input('max_id');
  316. $limit = $request->input('limit') ?? 3;
  317. // TODO: Use redis for timelines
  318. // $timeline = Timeline::build()->local();
  319. $pid = Auth::user()->profile->id;
  320. $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) {
  321. $following = Follower::whereProfileId($pid)->pluck('following_id');
  322. return $following->push($pid)->toArray();
  323. });
  324. // $private = Cache::remember('profiles:private', now()->addMinutes(1440), function() {
  325. // return Profile::whereIsPrivate(true)
  326. // ->orWhere('unlisted', true)
  327. // ->orWhere('status', '!=', null)
  328. // ->pluck('id');
  329. // });
  330. // $private = $private->diff($following)->flatten();
  331. // $filters = UserFilter::whereUserId($pid)
  332. // ->whereFilterableType('App\Profile')
  333. // ->whereIn('filter_type', ['mute', 'block'])
  334. // ->pluck('filterable_id')->toArray();
  335. // $filtered = array_merge($private->toArray(), $filters);
  336. $filtered = Auth::check() ? UserFilterService::filters(Auth::user()->profile_id) : [];
  337. if($min || $max) {
  338. $dir = $min ? '>' : '<';
  339. $id = $min ?? $max;
  340. $timeline = Status::select(
  341. 'id',
  342. 'uri',
  343. 'caption',
  344. 'rendered',
  345. 'profile_id',
  346. 'type',
  347. 'in_reply_to_id',
  348. 'reblog_of_id',
  349. 'is_nsfw',
  350. 'scope',
  351. 'local',
  352. 'reply_count',
  353. 'comments_disabled',
  354. 'place_id',
  355. 'likes_count',
  356. 'reblogs_count',
  357. 'created_at',
  358. 'updated_at'
  359. )->whereIn('type', ['photo', 'photo:album', 'video', 'video:album', 'photo:video:album'])
  360. ->with('profile', 'hashtags', 'mentions')
  361. ->where('id', $dir, $id)
  362. ->whereIn('profile_id', $following)
  363. ->whereNotIn('profile_id', $filtered)
  364. ->whereIn('visibility',['public', 'unlisted', 'private'])
  365. ->orderBy('created_at', 'desc')
  366. ->limit($limit)
  367. ->get();
  368. } else {
  369. $timeline = Status::select(
  370. 'id',
  371. 'uri',
  372. 'caption',
  373. 'rendered',
  374. 'profile_id',
  375. 'type',
  376. 'in_reply_to_id',
  377. 'reblog_of_id',
  378. 'is_nsfw',
  379. 'scope',
  380. 'local',
  381. 'reply_count',
  382. 'comments_disabled',
  383. 'place_id',
  384. 'likes_count',
  385. 'reblogs_count',
  386. 'created_at',
  387. 'updated_at'
  388. )->whereIn('type', ['photo', 'photo:album', 'video', 'video:album', 'photo:video:album'])
  389. ->with('profile', 'hashtags', 'mentions')
  390. ->whereIn('profile_id', $following)
  391. ->whereNotIn('profile_id', $filtered)
  392. ->whereIn('visibility',['public', 'unlisted', 'private'])
  393. ->orderBy('created_at', 'desc')
  394. ->simplePaginate($limit);
  395. }
  396. $fractal = new Fractal\Resource\Collection($timeline, new StatusTransformer());
  397. $res = $this->fractal->createData($fractal)->toArray();
  398. return response()->json($res);
  399. }
  400. public function networkTimelineApi(Request $request)
  401. {
  402. return response()->json([]);
  403. }
  404. public function relationships(Request $request)
  405. {
  406. if(!Auth::check()) {
  407. return response()->json([]);
  408. }
  409. $this->validate($request, [
  410. 'id' => 'required|array|min:1|max:20',
  411. 'id.*' => 'required|integer'
  412. ]);
  413. $ids = collect($request->input('id'));
  414. $filtered = $ids->filter(function($v) {
  415. return $v != Auth::user()->profile->id;
  416. });
  417. $relations = Profile::whereNull('status')->findOrFail($filtered->all());
  418. $fractal = new Fractal\Resource\Collection($relations, new RelationshipTransformer());
  419. $res = $this->fractal->createData($fractal)->toArray();
  420. return response()->json($res);
  421. }
  422. public function account(Request $request, $id)
  423. {
  424. $res = AccountService::get($id);
  425. return response()->json($res);
  426. }
  427. public function accountFollowers(Request $request, $id)
  428. {
  429. abort_unless(Auth::check(), 403);
  430. $profile = Profile::with('user')->whereNull('status')->whereNull('domain')->findOrFail($id);
  431. if(Auth::id() != $profile->user_id && $profile->is_private || !$profile->user->settings->show_profile_followers) {
  432. return response()->json([]);
  433. }
  434. $followers = $profile->followers()->orderByDesc('followers.created_at')->paginate(10);
  435. $resource = new Fractal\Resource\Collection($followers, new AccountTransformer());
  436. $res = $this->fractal->createData($resource)->toArray();
  437. return response()->json($res);
  438. }
  439. public function accountFollowing(Request $request, $id)
  440. {
  441. abort_unless(Auth::check(), 403);
  442. $profile = Profile::with('user')
  443. ->whereNull('status')
  444. ->whereNull('domain')
  445. ->findOrFail($id);
  446. // filter by username
  447. $search = $request->input('fbu');
  448. $owner = Auth::id() == $profile->user_id;
  449. $filter = ($owner == true) && ($search != null);
  450. abort_if($owner == false && $profile->is_private == true && !$profile->followedBy(Auth::user()->profile), 404);
  451. abort_if($profile->user->settings->show_profile_following == false && $owner == false, 404);
  452. if($search) {
  453. abort_if(!$owner, 404);
  454. $following = $profile->following()
  455. ->where('profiles.username', 'like', '%'.$search.'%')
  456. ->orderByDesc('followers.created_at')
  457. ->paginate(10);
  458. } else {
  459. $following = $profile->following()
  460. ->orderByDesc('followers.created_at')
  461. ->paginate(10);
  462. }
  463. $resource = new Fractal\Resource\Collection($following, new AccountTransformer());
  464. $res = $this->fractal->createData($resource)->toArray();
  465. return response()->json($res);
  466. }
  467. public function accountStatuses(Request $request, $id)
  468. {
  469. $this->validate($request, [
  470. 'only_media' => 'nullable',
  471. 'pinned' => 'nullable',
  472. 'exclude_replies' => 'nullable',
  473. 'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  474. 'since_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  475. 'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
  476. 'limit' => 'nullable|integer|min:1|max:24'
  477. ]);
  478. $profile = Profile::whereNull('status')->findOrFail($id);
  479. $limit = $request->limit ?? 9;
  480. $max_id = $request->max_id;
  481. $min_id = $request->min_id;
  482. $scope = $request->only_media == true ?
  483. ['photo', 'photo:album', 'video', 'video:album'] :
  484. ['photo', 'photo:album', 'video', 'video:album', 'share', 'reply'];
  485. if($profile->is_private) {
  486. if(!Auth::check()) {
  487. return response()->json([]);
  488. }
  489. $pid = Auth::user()->profile->id;
  490. $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) {
  491. $following = Follower::whereProfileId($pid)->pluck('following_id');
  492. return $following->push($pid)->toArray();
  493. });
  494. $visibility = true == in_array($profile->id, $following) ? ['public', 'unlisted', 'private'] : [];
  495. } else {
  496. if(Auth::check()) {
  497. $pid = Auth::user()->profile->id;
  498. $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) {
  499. $following = Follower::whereProfileId($pid)->pluck('following_id');
  500. return $following->push($pid)->toArray();
  501. });
  502. $visibility = true == in_array($profile->id, $following) ? ['public', 'unlisted', 'private'] : ['public', 'unlisted'];
  503. } else {
  504. $visibility = ['public', 'unlisted'];
  505. }
  506. }
  507. $tag = in_array('private', $visibility) ? 'private' : 'public';
  508. if($min_id == 1 && $limit == 9 && $tag == 'public') {
  509. $limit = 9;
  510. $scope = ['photo', 'photo:album', 'video', 'video:album'];
  511. $key = '_api:statuses:recent_9:'.$profile->id;
  512. $res = Cache::remember($key, now()->addHours(24), function() use($profile, $scope, $visibility, $limit) {
  513. $dir = '>';
  514. $id = 1;
  515. $timeline = Status::select(
  516. 'id',
  517. 'uri',
  518. 'caption',
  519. 'rendered',
  520. 'profile_id',
  521. 'type',
  522. 'in_reply_to_id',
  523. 'reblog_of_id',
  524. 'is_nsfw',
  525. 'likes_count',
  526. 'reblogs_count',
  527. 'scope',
  528. 'visibility',
  529. 'local',
  530. 'place_id',
  531. 'comments_disabled',
  532. 'cw_summary',
  533. 'created_at',
  534. 'updated_at'
  535. )->whereProfileId($profile->id)
  536. ->whereIn('type', $scope)
  537. ->where('id', $dir, $id)
  538. ->whereIn('visibility', $visibility)
  539. ->limit($limit)
  540. ->orderByDesc('id')
  541. ->get();
  542. $resource = new Fractal\Resource\Collection($timeline, new StatusStatelessTransformer());
  543. $res = $this->fractal->createData($resource)->toArray();
  544. return response()->json($res, 200, [], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
  545. });
  546. return $res;
  547. }
  548. $dir = $min_id ? '>' : '<';
  549. $id = $min_id ?? $max_id;
  550. $timeline = Status::select(
  551. 'id',
  552. 'uri',
  553. 'caption',
  554. 'rendered',
  555. 'profile_id',
  556. 'type',
  557. 'in_reply_to_id',
  558. 'reblog_of_id',
  559. 'is_nsfw',
  560. 'likes_count',
  561. 'reblogs_count',
  562. 'scope',
  563. 'visibility',
  564. 'local',
  565. 'place_id',
  566. 'comments_disabled',
  567. 'cw_summary',
  568. 'created_at',
  569. 'updated_at'
  570. )->whereProfileId($profile->id)
  571. ->whereIn('type', $scope)
  572. ->where('id', $dir, $id)
  573. ->whereIn('visibility', $visibility)
  574. ->limit($limit)
  575. ->orderByDesc('id')
  576. ->get();
  577. $resource = new Fractal\Resource\Collection($timeline, new StatusTransformer());
  578. $res = $this->fractal->createData($resource)->toArray();
  579. return response()->json($res, 200, [], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
  580. }
  581. }