DirectMessageController.php 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860
  1. <?php
  2. namespace App\Http\Controllers;
  3. use Auth, Cache;
  4. use Illuminate\Http\Request;
  5. use App\{
  6. DirectMessage,
  7. Media,
  8. Notification,
  9. Profile,
  10. Status,
  11. User,
  12. UserFilter,
  13. UserSetting
  14. };
  15. use App\Services\MediaPathService;
  16. use App\Services\MediaBlocklistService;
  17. use App\Jobs\StatusPipeline\NewStatusPipeline;
  18. use App\Jobs\StatusPipeline\StatusDelete;
  19. use Illuminate\Support\Str;
  20. use App\Util\ActivityPub\Helpers;
  21. use App\Services\AccountService;
  22. use App\Services\StatusService;
  23. use App\Services\WebfingerService;
  24. use App\Models\Conversation;
  25. use App\Jobs\DirectPipeline\DirectDeletePipeline;
  26. use App\Jobs\DirectPipeline\DirectDeliverPipeline;
  27. class DirectMessageController extends Controller
  28. {
  29. public function __construct()
  30. {
  31. $this->middleware('auth');
  32. }
  33. public function browse(Request $request)
  34. {
  35. $this->validate($request, [
  36. 'a' => 'nullable|string|in:inbox,sent,filtered',
  37. 'page' => 'nullable|integer|min:1|max:99'
  38. ]);
  39. $profile = $request->user()->profile_id;
  40. $action = $request->input('a', 'inbox');
  41. $page = $request->input('page');
  42. if(config('database.default') == 'pgsql') {
  43. if($action == 'inbox') {
  44. $dms = DirectMessage::select('id', 'type', 'to_id', 'from_id', 'id', 'status_id', 'is_hidden', 'meta', 'created_at', 'read_at')
  45. ->whereToId($profile)
  46. ->with(['author','status'])
  47. ->whereIsHidden(false)
  48. ->when($page, function($q, $page) {
  49. if($page > 1) {
  50. return $q->offset($page * 8 - 8);
  51. }
  52. })
  53. ->latest()
  54. ->get()
  55. ->unique('from_id')
  56. ->take(8)
  57. ->map(function($r) use($profile) {
  58. return $r->from_id !== $profile ? [
  59. 'id' => (string) $r->from_id,
  60. 'name' => $r->author->name,
  61. 'username' => $r->author->username,
  62. 'avatar' => $r->author->avatarUrl(),
  63. 'url' => $r->author->url(),
  64. 'isLocal' => (bool) !$r->author->domain,
  65. 'domain' => $r->author->domain,
  66. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  67. 'lastMessage' => $r->status->caption,
  68. 'messages' => []
  69. ] : [
  70. 'id' => (string) $r->to_id,
  71. 'name' => $r->recipient->name,
  72. 'username' => $r->recipient->username,
  73. 'avatar' => $r->recipient->avatarUrl(),
  74. 'url' => $r->recipient->url(),
  75. 'isLocal' => (bool) !$r->recipient->domain,
  76. 'domain' => $r->recipient->domain,
  77. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  78. 'lastMessage' => $r->status->caption,
  79. 'messages' => []
  80. ];
  81. })->values();
  82. }
  83. if($action == 'sent') {
  84. $dms = DirectMessage::select('id', 'type', 'to_id', 'from_id', 'id', 'status_id', 'is_hidden', 'meta', 'created_at', 'read_at')
  85. ->whereFromId($profile)
  86. ->with(['author','status'])
  87. ->orderBy('id', 'desc')
  88. ->when($page, function($q, $page) {
  89. if($page > 1) {
  90. return $q->offset($page * 8 - 8);
  91. }
  92. })
  93. ->get()
  94. ->unique('to_id')
  95. ->take(8)
  96. ->map(function($r) use($profile) {
  97. return $r->from_id !== $profile ? [
  98. 'id' => (string) $r->from_id,
  99. 'name' => $r->author->name,
  100. 'username' => $r->author->username,
  101. 'avatar' => $r->author->avatarUrl(),
  102. 'url' => $r->author->url(),
  103. 'isLocal' => (bool) !$r->author->domain,
  104. 'domain' => $r->author->domain,
  105. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  106. 'lastMessage' => $r->status->caption,
  107. 'messages' => []
  108. ] : [
  109. 'id' => (string) $r->to_id,
  110. 'name' => $r->recipient->name,
  111. 'username' => $r->recipient->username,
  112. 'avatar' => $r->recipient->avatarUrl(),
  113. 'url' => $r->recipient->url(),
  114. 'isLocal' => (bool) !$r->recipient->domain,
  115. 'domain' => $r->recipient->domain,
  116. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  117. 'lastMessage' => $r->status->caption,
  118. 'messages' => []
  119. ];
  120. });
  121. }
  122. if($action == 'filtered') {
  123. $dms = DirectMessage::select('id', 'type', 'to_id', 'from_id', 'id', 'status_id', 'is_hidden', 'meta', 'created_at', 'read_at')
  124. ->whereToId($profile)
  125. ->with(['author','status'])
  126. ->whereIsHidden(true)
  127. ->orderBy('id', 'desc')
  128. ->when($page, function($q, $page) {
  129. if($page > 1) {
  130. return $q->offset($page * 8 - 8);
  131. }
  132. })
  133. ->get()
  134. ->unique('from_id')
  135. ->take(8)
  136. ->map(function($r) use($profile) {
  137. return $r->from_id !== $profile ? [
  138. 'id' => (string) $r->from_id,
  139. 'name' => $r->author->name,
  140. 'username' => $r->author->username,
  141. 'avatar' => $r->author->avatarUrl(),
  142. 'url' => $r->author->url(),
  143. 'isLocal' => (bool) !$r->author->domain,
  144. 'domain' => $r->author->domain,
  145. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  146. 'lastMessage' => $r->status->caption,
  147. 'messages' => []
  148. ] : [
  149. 'id' => (string) $r->to_id,
  150. 'name' => $r->recipient->name,
  151. 'username' => $r->recipient->username,
  152. 'avatar' => $r->recipient->avatarUrl(),
  153. 'url' => $r->recipient->url(),
  154. 'isLocal' => (bool) !$r->recipient->domain,
  155. 'domain' => $r->recipient->domain,
  156. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  157. 'lastMessage' => $r->status->caption,
  158. 'messages' => []
  159. ];
  160. });
  161. }
  162. } elseif(config('database.default') == 'mysql') {
  163. if($action == 'inbox') {
  164. $dms = DirectMessage::selectRaw('*, max(created_at) as createdAt')
  165. ->whereToId($profile)
  166. ->with(['author','status'])
  167. ->whereIsHidden(false)
  168. ->groupBy('from_id')
  169. ->latest()
  170. ->when($page, function($q, $page) {
  171. if($page > 1) {
  172. return $q->offset($page * 8 - 8);
  173. }
  174. })
  175. ->limit(8)
  176. ->get()
  177. ->map(function($r) use($profile) {
  178. return $r->from_id !== $profile ? [
  179. 'id' => (string) $r->from_id,
  180. 'name' => $r->author->name,
  181. 'username' => $r->author->username,
  182. 'avatar' => $r->author->avatarUrl(),
  183. 'url' => $r->author->url(),
  184. 'isLocal' => (bool) !$r->author->domain,
  185. 'domain' => $r->author->domain,
  186. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  187. 'lastMessage' => $r->status->caption,
  188. 'messages' => []
  189. ] : [
  190. 'id' => (string) $r->to_id,
  191. 'name' => $r->recipient->name,
  192. 'username' => $r->recipient->username,
  193. 'avatar' => $r->recipient->avatarUrl(),
  194. 'url' => $r->recipient->url(),
  195. 'isLocal' => (bool) !$r->recipient->domain,
  196. 'domain' => $r->recipient->domain,
  197. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  198. 'lastMessage' => $r->status->caption,
  199. 'messages' => []
  200. ];
  201. });
  202. }
  203. if($action == 'sent') {
  204. $dms = DirectMessage::selectRaw('*, max(created_at) as createdAt')
  205. ->whereFromId($profile)
  206. ->with(['author','status'])
  207. ->groupBy('to_id')
  208. ->orderBy('createdAt', 'desc')
  209. ->when($page, function($q, $page) {
  210. if($page > 1) {
  211. return $q->offset($page * 8 - 8);
  212. }
  213. })
  214. ->limit(8)
  215. ->get()
  216. ->map(function($r) use($profile) {
  217. return $r->from_id !== $profile ? [
  218. 'id' => (string) $r->from_id,
  219. 'name' => $r->author->name,
  220. 'username' => $r->author->username,
  221. 'avatar' => $r->author->avatarUrl(),
  222. 'url' => $r->author->url(),
  223. 'isLocal' => (bool) !$r->author->domain,
  224. 'domain' => $r->author->domain,
  225. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  226. 'lastMessage' => $r->status->caption,
  227. 'messages' => []
  228. ] : [
  229. 'id' => (string) $r->to_id,
  230. 'name' => $r->recipient->name,
  231. 'username' => $r->recipient->username,
  232. 'avatar' => $r->recipient->avatarUrl(),
  233. 'url' => $r->recipient->url(),
  234. 'isLocal' => (bool) !$r->recipient->domain,
  235. 'domain' => $r->recipient->domain,
  236. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  237. 'lastMessage' => $r->status->caption,
  238. 'messages' => []
  239. ];
  240. });
  241. }
  242. if($action == 'filtered') {
  243. $dms = DirectMessage::selectRaw('*, max(created_at) as createdAt')
  244. ->whereToId($profile)
  245. ->with(['author','status'])
  246. ->whereIsHidden(true)
  247. ->groupBy('from_id')
  248. ->orderBy('createdAt', 'desc')
  249. ->when($page, function($q, $page) {
  250. if($page > 1) {
  251. return $q->offset($page * 8 - 8);
  252. }
  253. })
  254. ->limit(8)
  255. ->get()
  256. ->map(function($r) use($profile) {
  257. return $r->from_id !== $profile ? [
  258. 'id' => (string) $r->from_id,
  259. 'name' => $r->author->name,
  260. 'username' => $r->author->username,
  261. 'avatar' => $r->author->avatarUrl(),
  262. 'url' => $r->author->url(),
  263. 'isLocal' => (bool) !$r->author->domain,
  264. 'domain' => $r->author->domain,
  265. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  266. 'lastMessage' => $r->status->caption,
  267. 'messages' => []
  268. ] : [
  269. 'id' => (string) $r->to_id,
  270. 'name' => $r->recipient->name,
  271. 'username' => $r->recipient->username,
  272. 'avatar' => $r->recipient->avatarUrl(),
  273. 'url' => $r->recipient->url(),
  274. 'isLocal' => (bool) !$r->recipient->domain,
  275. 'domain' => $r->recipient->domain,
  276. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  277. 'lastMessage' => $r->status->caption,
  278. 'messages' => []
  279. ];
  280. });
  281. }
  282. }
  283. return response()->json($dms->all());
  284. }
  285. public function create(Request $request)
  286. {
  287. $this->validate($request, [
  288. 'to_id' => 'required',
  289. 'message' => 'required|string|min:1|max:500',
  290. 'type' => 'required|in:text,emoji'
  291. ]);
  292. $profile = $request->user()->profile;
  293. $recipient = Profile::where('id', '!=', $profile->id)->findOrFail($request->input('to_id'));
  294. abort_if(in_array($profile->id, $recipient->blockedIds()->toArray()), 403);
  295. $msg = $request->input('message');
  296. if((!$recipient->domain && $recipient->user->settings->public_dm == false) || $recipient->is_private) {
  297. if($recipient->follows($profile) == true) {
  298. $hidden = false;
  299. } else {
  300. $hidden = true;
  301. }
  302. } else {
  303. $hidden = false;
  304. }
  305. $status = new Status;
  306. $status->profile_id = $profile->id;
  307. $status->caption = $msg;
  308. $status->rendered = $msg;
  309. $status->visibility = 'direct';
  310. $status->scope = 'direct';
  311. $status->in_reply_to_profile_id = $recipient->id;
  312. $status->save();
  313. $dm = new DirectMessage;
  314. $dm->to_id = $recipient->id;
  315. $dm->from_id = $profile->id;
  316. $dm->status_id = $status->id;
  317. $dm->is_hidden = $hidden;
  318. $dm->type = $request->input('type');
  319. $dm->save();
  320. Conversation::updateOrInsert(
  321. [
  322. 'to_id' => $recipient->id,
  323. 'from_id' => $profile->id
  324. ],
  325. [
  326. 'type' => $dm->type,
  327. 'status_id' => $status->id,
  328. 'dm_id' => $dm->id,
  329. 'is_hidden' => $hidden
  330. ]
  331. );
  332. if(filter_var($msg, FILTER_VALIDATE_URL)) {
  333. if(Helpers::validateUrl($msg)) {
  334. $dm->type = 'link';
  335. $dm->meta = [
  336. 'domain' => parse_url($msg, PHP_URL_HOST),
  337. 'local' => parse_url($msg, PHP_URL_HOST) ==
  338. parse_url(config('app.url'), PHP_URL_HOST)
  339. ];
  340. $dm->save();
  341. }
  342. }
  343. $nf = UserFilter::whereUserId($recipient->id)
  344. ->whereFilterableId($profile->id)
  345. ->whereFilterableType('App\Profile')
  346. ->whereFilterType('dm.mute')
  347. ->exists();
  348. if($recipient->domain == null && $hidden == false && !$nf) {
  349. $notification = new Notification();
  350. $notification->profile_id = $recipient->id;
  351. $notification->actor_id = $profile->id;
  352. $notification->action = 'dm';
  353. $notification->item_id = $dm->id;
  354. $notification->item_type = "App\DirectMessage";
  355. $notification->save();
  356. }
  357. if($recipient->domain) {
  358. $this->remoteDeliver($dm);
  359. }
  360. $res = [
  361. 'id' => (string) $dm->id,
  362. 'isAuthor' => $profile->id == $dm->from_id,
  363. 'reportId' => (string) $dm->status_id,
  364. 'hidden' => (bool) $dm->is_hidden,
  365. 'type' => $dm->type,
  366. 'text' => $dm->status->caption,
  367. 'media' => null,
  368. 'timeAgo' => $dm->created_at->diffForHumans(null,null,true),
  369. 'seen' => $dm->read_at != null,
  370. 'meta' => $dm->meta
  371. ];
  372. return response()->json($res);
  373. }
  374. public function thread(Request $request)
  375. {
  376. $this->validate($request, [
  377. 'pid' => 'required'
  378. ]);
  379. $uid = $request->user()->profile_id;
  380. $pid = $request->input('pid');
  381. $max_id = $request->input('max_id');
  382. $min_id = $request->input('min_id');
  383. $r = Profile::findOrFail($pid);
  384. if($min_id) {
  385. $res = DirectMessage::select('*')
  386. ->where('id', '>', $min_id)
  387. ->where(function($q) use($pid,$uid) {
  388. return $q->where([['from_id',$pid],['to_id',$uid]
  389. ])->orWhere([['from_id',$uid],['to_id',$pid]]);
  390. })
  391. ->latest()
  392. ->take(8)
  393. ->get();
  394. } else if ($max_id) {
  395. $res = DirectMessage::select('*')
  396. ->where('id', '<', $max_id)
  397. ->where(function($q) use($pid,$uid) {
  398. return $q->where([['from_id',$pid],['to_id',$uid]
  399. ])->orWhere([['from_id',$uid],['to_id',$pid]]);
  400. })
  401. ->latest()
  402. ->take(8)
  403. ->get();
  404. } else {
  405. $res = DirectMessage::where(function($q) use($pid,$uid) {
  406. return $q->where([['from_id',$pid],['to_id',$uid]
  407. ])->orWhere([['from_id',$uid],['to_id',$pid]]);
  408. })
  409. ->latest()
  410. ->take(8)
  411. ->get();
  412. }
  413. $res = $res->filter(function($s) {
  414. return $s && $s->status;
  415. })
  416. ->map(function($s) use ($uid) {
  417. return [
  418. 'id' => (string) $s->id,
  419. 'hidden' => (bool) $s->is_hidden,
  420. 'isAuthor' => $uid == $s->from_id,
  421. 'type' => $s->type,
  422. 'text' => $s->status->caption,
  423. 'media' => $s->status->firstMedia() ? $s->status->firstMedia()->url() : null,
  424. 'timeAgo' => $s->created_at->diffForHumans(null,null,true),
  425. 'seen' => $s->read_at != null,
  426. 'reportId' => (string) $s->status_id,
  427. 'meta' => json_decode($s->meta,true)
  428. ];
  429. })
  430. ->values();
  431. $w = [
  432. 'id' => (string) $r->id,
  433. 'name' => $r->name,
  434. 'username' => $r->username,
  435. 'avatar' => $r->avatarUrl(),
  436. 'url' => $r->url(),
  437. 'muted' => UserFilter::whereUserId($uid)
  438. ->whereFilterableId($r->id)
  439. ->whereFilterableType('App\Profile')
  440. ->whereFilterType('dm.mute')
  441. ->first() ? true : false,
  442. 'isLocal' => (bool) !$r->domain,
  443. 'domain' => $r->domain,
  444. 'timeAgo' => $r->created_at->diffForHumans(null, true, true),
  445. 'lastMessage' => '',
  446. 'messages' => $res
  447. ];
  448. return response()->json($w, 200, [], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
  449. }
  450. public function delete(Request $request)
  451. {
  452. $this->validate($request, [
  453. 'id' => 'required'
  454. ]);
  455. $sid = $request->input('id');
  456. $pid = $request->user()->profile_id;
  457. $dm = DirectMessage::whereFromId($pid)
  458. ->whereStatusId($sid)
  459. ->firstOrFail();
  460. $status = Status::whereProfileId($pid)
  461. ->findOrFail($dm->status_id);
  462. $recipient = AccountService::get($dm->to_id);
  463. if(!$recipient) {
  464. return response('', 422);
  465. }
  466. if($recipient['local'] == false) {
  467. $dmc = $dm;
  468. $this->remoteDelete($dmc);
  469. } else {
  470. StatusDelete::dispatch($status)->onQueue('high');
  471. }
  472. if(Conversation::whereStatusId($sid)->count()) {
  473. $latest = DirectMessage::where(['from_id' => $dm->from_id, 'to_id' => $dm->to_id])
  474. ->orWhere(['to_id' => $dm->from_id, 'from_id' => $dm->to_id])
  475. ->latest()
  476. ->first();
  477. if($latest->status_id == $sid) {
  478. Conversation::where(['to_id' => $dm->from_id, 'from_id' => $dm->to_id])
  479. ->update([
  480. 'updated_at' => $latest->updated_at,
  481. 'status_id' => $latest->status_id,
  482. 'type' => $latest->type,
  483. 'is_hidden' => false
  484. ]);
  485. Conversation::where(['to_id' => $dm->to_id, 'from_id' => $dm->from_id])
  486. ->update([
  487. 'updated_at' => $latest->updated_at,
  488. 'status_id' => $latest->status_id,
  489. 'type' => $latest->type,
  490. 'is_hidden' => false
  491. ]);
  492. } else {
  493. Conversation::where([
  494. 'status_id' => $sid,
  495. 'to_id' => $dm->from_id,
  496. 'from_id' => $dm->to_id
  497. ])->delete();
  498. Conversation::where([
  499. 'status_id' => $sid,
  500. 'from_id' => $dm->from_id,
  501. 'to_id' => $dm->to_id
  502. ])->delete();
  503. }
  504. }
  505. StatusService::del($status->id, true);
  506. $status->forceDeleteQuietly();
  507. return [200];
  508. }
  509. public function get(Request $request, $id)
  510. {
  511. $pid = $request->user()->profile_id;
  512. $dm = DirectMessage::whereStatusId($id)->firstOrFail();
  513. abort_if($pid !== $dm->to_id && $pid !== $dm->from_id, 404);
  514. return response()->json($dm, 200, [], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
  515. }
  516. public function mediaUpload(Request $request)
  517. {
  518. $this->validate($request, [
  519. 'file' => function() {
  520. return [
  521. 'required',
  522. 'mimetypes:' . config_cache('pixelfed.media_types'),
  523. 'max:' . config_cache('pixelfed.max_photo_size'),
  524. ];
  525. },
  526. 'to_id' => 'required'
  527. ]);
  528. $user = $request->user();
  529. $profile = $user->profile;
  530. $recipient = Profile::where('id', '!=', $profile->id)->findOrFail($request->input('to_id'));
  531. abort_if(in_array($profile->id, $recipient->blockedIds()->toArray()), 403);
  532. if((!$recipient->domain && $recipient->user->settings->public_dm == false) || $recipient->is_private) {
  533. if($recipient->follows($profile) == true) {
  534. $hidden = false;
  535. } else {
  536. $hidden = true;
  537. }
  538. } else {
  539. $hidden = false;
  540. }
  541. if(config_cache('pixelfed.enforce_account_limit') == true) {
  542. $size = Cache::remember($user->storageUsedKey(), now()->addDays(3), function() use($user) {
  543. return Media::whereUserId($user->id)->sum('size') / 1000;
  544. });
  545. $limit = (int) config_cache('pixelfed.max_account_size');
  546. if ($size >= $limit) {
  547. abort(403, 'Account size limit reached.');
  548. }
  549. }
  550. $photo = $request->file('file');
  551. $mimes = explode(',', config_cache('pixelfed.media_types'));
  552. if(in_array($photo->getMimeType(), $mimes) == false) {
  553. abort(403, 'Invalid or unsupported mime type.');
  554. }
  555. $storagePath = MediaPathService::get($user, 2) . Str::random(8);
  556. $path = $photo->storePublicly($storagePath);
  557. $hash = \hash_file('sha256', $photo);
  558. abort_if(MediaBlocklistService::exists($hash) == true, 451);
  559. $status = new Status;
  560. $status->profile_id = $profile->id;
  561. $status->caption = null;
  562. $status->rendered = null;
  563. $status->visibility = 'direct';
  564. $status->scope = 'direct';
  565. $status->in_reply_to_profile_id = $recipient->id;
  566. $status->save();
  567. $media = new Media();
  568. $media->status_id = $status->id;
  569. $media->profile_id = $profile->id;
  570. $media->user_id = $user->id;
  571. $media->media_path = $path;
  572. $media->original_sha256 = $hash;
  573. $media->size = $photo->getSize();
  574. $media->mime = $photo->getMimeType();
  575. $media->caption = null;
  576. $media->filter_class = null;
  577. $media->filter_name = null;
  578. $media->save();
  579. $dm = new DirectMessage;
  580. $dm->to_id = $recipient->id;
  581. $dm->from_id = $profile->id;
  582. $dm->status_id = $status->id;
  583. $dm->type = array_first(explode('/', $media->mime)) == 'video' ? 'video' : 'photo';
  584. $dm->is_hidden = $hidden;
  585. $dm->save();
  586. Conversation::updateOrInsert(
  587. [
  588. 'to_id' => $recipient->id,
  589. 'from_id' => $profile->id
  590. ],
  591. [
  592. 'type' => $dm->type,
  593. 'status_id' => $status->id,
  594. 'dm_id' => $dm->id,
  595. 'is_hidden' => $hidden
  596. ]
  597. );
  598. if($recipient->domain) {
  599. $this->remoteDeliver($dm);
  600. }
  601. return [
  602. 'id' => $dm->id,
  603. 'reportId' => (string) $dm->status_id,
  604. 'type' => $dm->type,
  605. 'url' => $media->url()
  606. ];
  607. }
  608. public function composeLookup(Request $request)
  609. {
  610. $this->validate($request, [
  611. 'q' => 'required|string|min:2|max:50',
  612. 'remote' => 'nullable',
  613. ]);
  614. $q = $request->input('q');
  615. $r = $request->input('remote', false);
  616. if($r && !Str::of($q)->contains('.')) {
  617. return [];
  618. }
  619. if($r && Helpers::validateUrl($q)) {
  620. Helpers::profileFetch($q);
  621. }
  622. if(Str::of($q)->startsWith('@')) {
  623. if(strlen($q) < 3) {
  624. return [];
  625. }
  626. if(substr_count($q, '@') == 2) {
  627. WebfingerService::lookup($q);
  628. }
  629. $q = mb_substr($q, 1);
  630. }
  631. $blocked = UserFilter::whereFilterableType('App\Profile')
  632. ->whereFilterType('block')
  633. ->whereFilterableId($request->user()->profile_id)
  634. ->pluck('user_id');
  635. $blocked->push($request->user()->profile_id);
  636. $results = Profile::select('id','domain','username')
  637. ->whereNotIn('id', $blocked)
  638. ->where('username','like','%'.$q.'%')
  639. ->orderBy('domain')
  640. ->limit(8)
  641. ->get()
  642. ->map(function($r) {
  643. $acct = AccountService::get($r->id);
  644. return [
  645. 'local' => (bool) !$r->domain,
  646. 'id' => (string) $r->id,
  647. 'name' => $r->username,
  648. 'privacy' => true,
  649. 'avatar' => $r->avatarUrl(),
  650. 'account' => $acct
  651. ];
  652. });
  653. return $results;
  654. }
  655. public function read(Request $request)
  656. {
  657. $this->validate($request, [
  658. 'pid' => 'required',
  659. 'sid' => 'required'
  660. ]);
  661. $pid = $request->input('pid');
  662. $sid = $request->input('sid');
  663. $dms = DirectMessage::whereToId($request->user()->profile_id)
  664. ->whereFromId($pid)
  665. ->where('status_id', '>=', $sid)
  666. ->get();
  667. $now = now();
  668. foreach($dms as $dm) {
  669. $dm->read_at = $now;
  670. $dm->save();
  671. }
  672. return response()->json($dms->pluck('id'));
  673. }
  674. public function mute(Request $request)
  675. {
  676. $this->validate($request, [
  677. 'id' => 'required'
  678. ]);
  679. $fid = $request->input('id');
  680. $pid = $request->user()->profile_id;
  681. UserFilter::firstOrCreate(
  682. [
  683. 'user_id' => $pid,
  684. 'filterable_id' => $fid,
  685. 'filterable_type' => 'App\Profile',
  686. 'filter_type' => 'dm.mute'
  687. ]
  688. );
  689. return [200];
  690. }
  691. public function unmute(Request $request)
  692. {
  693. $this->validate($request, [
  694. 'id' => 'required'
  695. ]);
  696. $fid = $request->input('id');
  697. $pid = $request->user()->profile_id;
  698. $f = UserFilter::whereUserId($pid)
  699. ->whereFilterableId($fid)
  700. ->whereFilterableType('App\Profile')
  701. ->whereFilterType('dm.mute')
  702. ->firstOrFail();
  703. $f->delete();
  704. return [200];
  705. }
  706. public function remoteDeliver($dm)
  707. {
  708. $profile = $dm->author;
  709. $url = $dm->recipient->sharedInbox ?? $dm->recipient->inbox_url;
  710. $tags = [
  711. [
  712. 'type' => 'Mention',
  713. 'href' => $dm->recipient->permalink(),
  714. 'name' => $dm->recipient->emailUrl(),
  715. ]
  716. ];
  717. $body = [
  718. '@context' => [
  719. 'https://w3id.org/security/v1',
  720. 'https://www.w3.org/ns/activitystreams',
  721. ],
  722. 'id' => $dm->status->permalink(),
  723. 'type' => 'Create',
  724. 'actor' => $dm->status->profile->permalink(),
  725. 'published' => $dm->status->created_at->toAtomString(),
  726. 'to' => [$dm->recipient->permalink()],
  727. 'cc' => [],
  728. 'object' => [
  729. 'id' => $dm->status->url(),
  730. 'type' => 'Note',
  731. 'summary' => null,
  732. 'content' => $dm->status->rendered ?? $dm->status->caption,
  733. 'inReplyTo' => null,
  734. 'published' => $dm->status->created_at->toAtomString(),
  735. 'url' => $dm->status->url(),
  736. 'attributedTo' => $dm->status->profile->permalink(),
  737. 'to' => [$dm->recipient->permalink()],
  738. 'cc' => [],
  739. 'sensitive' => (bool) $dm->status->is_nsfw,
  740. 'attachment' => $dm->status->media()->orderBy('order')->get()->map(function ($media) {
  741. return [
  742. 'type' => $media->activityVerb(),
  743. 'mediaType' => $media->mime,
  744. 'url' => $media->url(),
  745. 'name' => $media->caption,
  746. ];
  747. })->toArray(),
  748. 'tag' => $tags,
  749. ]
  750. ];
  751. DirectDeliverPipeline::dispatch($profile, $url, $body)->onQueue('high');
  752. }
  753. public function remoteDelete($dm)
  754. {
  755. $profile = $dm->author;
  756. $url = $dm->recipient->sharedInbox ?? $dm->recipient->inbox_url;
  757. $body = [
  758. '@context' => [
  759. 'https://www.w3.org/ns/activitystreams',
  760. ],
  761. 'id' => $dm->status->permalink('#delete'),
  762. 'to' => [
  763. 'https://www.w3.org/ns/activitystreams#Public'
  764. ],
  765. 'type' => 'Delete',
  766. 'actor' => $dm->status->profile->permalink(),
  767. 'object' => [
  768. 'id' => $dm->status->url(),
  769. 'type' => 'Tombstone'
  770. ]
  771. ];
  772. DirectDeletePipeline::dispatch($profile, $url, $body)->onQueue('high');
  773. }
  774. }