PublicApiController.php 24 KB

  1. <?php
  2. namespace App\Http\Controllers;
  3. use Illuminate\Http\Request;
  4. use App\{
  5. Hashtag,
  6. Follower,
  7. Like,
  8. Media,
  9. Notification,
  10. Profile,
  11. StatusHashtag,
  12. Status,
  13. UserFilter
  14. };
  15. use Auth,Cache;
  16. use Carbon\Carbon;
  17. use League\Fractal;
  18. use App\Transformer\Api\{
  19. AccountTransformer,
  20. RelationshipTransformer,
  21. StatusTransformer,
  22. };
  23. use App\Jobs\StatusPipeline\NewStatusPipeline;
  24. use League\Fractal\Serializer\ArraySerializer;
  25. use League\Fractal\Pagination\IlluminatePaginatorAdapter;
  26. class PublicApiController extends Controller
  27. {
  28. protected $fractal;
  /**
   * Create the controller and prepare the Fractal manager it serialises with.
   *
   * The manager is configured with an ArraySerializer and stored on
   * $this->fractal for use by the endpoints of this controller.
   */
  public function __construct()
  {
      $manager = new Fractal\Manager();
      $manager->setSerializer(new ArraySerializer());
      $this->fractal = $manager;
  }
  /**
   * Serialise the signed-in viewer's own profile.
   *
   * Guests get an empty array, and so does a viewer whose profile has a
   * truthy `status` value (presumably a moderation/deletion marker; confirm
   * against the Profile model).
   *
   * @return array
   */
  protected function getUserData()
  {
      if (!Auth::check()) {
          return [];
      }

      $viewer = Auth::user()->profile;
      if ($viewer->status) {
          return [];
      }

      $item = new Fractal\Resource\Item($viewer, new AccountTransformer());

      return $this->fractal->createData($item)->toArray();
  }
  /**
   * List the accounts that liked a status, newest first, ten per page.
   *
   * Only signed-in viewers whose own profile has no truthy `status` value get
   * data; everyone else receives an empty array. This helper does not check
   * whether the viewer may see $status itself: the callers in this controller
   * run scopeCheck() before calling it, and any new caller must do the same.
   *
   * @param mixed $status object exposing a likedBy() relation (a Status in the callers shown)
   * @return array
   */
  protected function getLikes($status)
  {
      if (!Auth::check()) {
          return [];
      }

      $viewer = Auth::user()->profile;
      if ($viewer->status) {
          return [];
      }

      $page = $status->likedBy()->orderBy('created_at', 'desc')->paginate(10);
      $resource = new Fractal\Resource\Collection($page, new AccountTransformer());

      return $this->fractal->createData($resource)->toArray();
  }
  /**
   * List the accounts that shared a status, newest first, ten per page.
   *
   * Only signed-in viewers whose own profile has no truthy `status` value get
   * data; everyone else receives an empty array. This helper does not check
   * whether the viewer may see $status itself: the callers in this controller
   * run scopeCheck() before calling it, and any new caller must do the same.
   *
   * @param mixed $status object exposing a sharedBy() relation (a Status in the callers shown)
   * @return array
   */
  protected function getShares($status)
  {
      if (!Auth::check()) {
          return [];
      }

      $viewer = Auth::user()->profile;
      if ($viewer->status) {
          return [];
      }

      $page = $status->sharedBy()->orderBy('created_at', 'desc')->paginate(10);
      $resource = new Fractal\Resource\Collection($page, new AccountTransformer());

      return $this->fractal->createData($resource)->toArray();
  }
  /**
   * Return one status together with viewer data, likes, shares and the
   * viewer's own reactions, as pretty-printed JSON.
   *
   * Access control: the owning profile must have a NULL `status` column, the
   * post must belong to that profile, and scopeCheck() must accept the
   * profile/status pair before anything is serialised.
   *
   * @param Request $request
   * @param mixed   $username username of the profile that owns the post
   * @param int     $postid   id of the status
   * @return \Illuminate\Http\JsonResponse
   */
  public function status(Request $request, $username, int $postid)
  {
      $owner = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
      $post = Status::whereProfileId($owner->id)->findOrFail($postid);
      $this->scopeCheck($owner, $post);

      $payload = [];
      $payload['status'] = $this->fractal
          ->createData(new Fractal\Resource\Item($post, new StatusTransformer()))
          ->toArray();
      $payload['user'] = $this->getUserData();
      $payload['likes'] = $this->getLikes($post);
      $payload['shares'] = $this->getShares($post);
      $payload['reactions'] = [
          'liked' => $post->liked(),
          'shared' => $post->shared(),
          'bookmarked' => $post->bookmarked(),
      ];

      return response()->json($payload, 200, [], JSON_PRETTY_PRINT);
  }
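  /**
   * Return a paginated list of replies to a status as pretty-printed JSON.
   *
   * The parent status must belong to a profile with a NULL `status` column,
   * must have comments enabled and must pass scopeCheck(). For a signed-in
   * viewer, replies written by profiles the viewer muted or blocked are left
   * out.
   *
   * Cursor handling: `max_id` keeps replies with id <= max_id, `min_id` keeps
   * replies with id >= min_id. When both are sent, `max_id` wins, exactly as
   * before; the difference is that the `min_id` query, which used to be
   * executed and then thrown away, is no longer run, and the three copies of
   * the query are built from one base.
   *
   * NOTE(review): replies are not filtered on their own scope/visibility in
   * this method. Confirm that the comments() relation (or the transformer)
   * keeps followers-only or direct replies away from viewers who may only see
   * the parent.
   *
   * @param Request $request
   * @param mixed   $username username of the profile that owns the post
   * @param int     $postId   id of the parent status
   * @return \Illuminate\Http\JsonResponse
   */
  public function statusComments(Request $request, $username, int $postId)
  {
      $this->validate($request, [
          'min_id' => 'nullable|integer|min:1',
          'max_id' => 'nullable|integer|min:1|max:'.PHP_INT_MAX,
          'limit' => 'nullable|integer|min:5|max:50'
      ]);
      $limit = $request->limit ?? 10;

      $profile = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
      $status = Status::whereProfileId($profile->id)->whereCommentsDisabled(false)->findOrFail($postId);
      $this->scopeCheck($profile, $status);

      // Profiles the viewer muted or blocked; guests have no filters.
      $filtered = [];
      if (Auth::check()) {
          $pid = Auth::user()->profile->id;
          $filtered = UserFilter::whereUserId($pid)
              ->whereFilterableType('App\Profile')
              ->whereIn('filter_type', ['mute', 'block'])
              ->pluck('filterable_id')->toArray();
      }

      $query = $status->comments()
          ->whereNull('reblog_of_id')
          ->whereNotIn('profile_id', $filtered)
          ->select('id', 'caption', 'is_nsfw', 'rendered', 'profile_id', 'in_reply_to_id', 'type', 'reply_count', 'created_at');

      // max_id takes precedence over min_id, matching the previous behaviour.
      if ($request->filled('max_id')) {
          $query = $query->where('id', '<=', $request->max_id);
      } elseif ($request->filled('min_id')) {
          $query = $query->where('id', '>=', $request->min_id);
      }

      $replies = $query->orderBy('id', 'desc')->paginate($limit);

      $resource = new Fractal\Resource\Collection($replies, new StatusTransformer(), 'data');
      $resource->setPaginator(new IlluminatePaginatorAdapter($replies));
      $res = $this->fractal->createData($resource)->toArray();

      return response()->json($res, 200, [], JSON_PRETTY_PRINT);
  }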
  /**
   * Return the accounts that liked a status, wrapped in a `data` key.
   *
   * The profile must have a NULL `status` column, the post must belong to it
   * and scopeCheck() must accept the pair. getLikes() returns an empty list
   * for guests, so this endpoint answers them with `{"data": []}`.
   *
   * @param Request $request
   * @param mixed   $username username of the profile that owns the post
   * @param mixed   $id       id of the status
   * @return \Illuminate\Http\JsonResponse
   */
  public function statusLikes(Request $request, $username, $id)
  {
      $owner = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
      $post = Status::whereProfileId($owner->id)->findOrFail($id);
      $this->scopeCheck($owner, $post);

      $payload = ['data' => $this->getLikes($post)];

      return response()->json($payload);
  }
  /**
   * Return the accounts that shared a status, wrapped in a `data` key.
   *
   * The profile must have a NULL `status` column, the post must belong to it
   * and scopeCheck() must accept the pair. getShares() returns an empty list
   * for guests, so this endpoint answers them with `{"data": []}`.
   *
   * @param Request $request
   * @param mixed   $username username of the profile that owns the post
   * @param mixed   $id       id of the status
   * @return \Illuminate\Http\JsonResponse
   */
  public function statusShares(Request $request, $username, $id)
  {
      $owner = Profile::whereUsername($username)->whereNull('status')->firstOrFail();
      $post = Status::whereProfileId($owner->id)->findOrFail($id);
      $this->scopeCheck($owner, $post);

      $payload = ['data' => $this->getShares($post)];

      return response()->json($payload);
  }
  /**
   * Abort the request unless the current viewer may see $status.
   *
   * Rules, as implemented:
   *  - a guest asking about a private profile gets 404;
   *  - `public` and `unlisted` statuses pass;
   *  - `private` statuses need a signed-in viewer (403 otherwise) who follows
   *    the profile, owns it, or is an admin (404 otherwise);
   *  - `direct`, `draft` and any other scope value get 404.
   *
   * NOTE(review): a guest receives 403 for a followers-only status on a
   * non-private profile while every other denial is 404, so the two answers
   * let a guest tell an existing followers-only status from a missing one.
   * Confirm that this difference is intended.
   *
   * NOTE(review): a signed-in non-follower can still open `public` and
   * `unlisted` statuses of a profile flagged is_private, because only guests
   * are stopped by the first check. Confirm against the intended privacy model.
   *
   * @param Profile $profile profile that owns the status
   * @param Status  $status  status being requested
   * @return void
   */
  protected function scopeCheck(Profile $profile, Status $status)
  {
      if ($profile->is_private == true && Auth::check() == false) {
          abort(404);
      }

      // Loose comparison on purpose: it matches values the way switch/case does.
      if (in_array($status->scope, ['public', 'unlisted'])) {
          return;
      }

      // direct, draft and unrecognised scopes are never served from here.
      if ($status->scope != 'private') {
          abort(404);
      }

      $viewer = Auth::check() ? Auth::user() : false;
      if (!$viewer) {
          abort(403);
      }

      $follows = $profile->followedBy($viewer->profile);
      $permitted = $follows != false
          || $profile->id === $viewer->profile->id
          || $viewer->is_admin != false;

      if (!$permitted) {
          abort(404);
      }
  }
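  /**
   * Return the local public timeline (photo/video posts by local accounts).
   *
   * Guests are refused with 403 when `instance.timeline.local.is_public` is
   * off. Posts by private, unlisted or status-flagged profiles are excluded,
   * and a signed-in viewer's muted/blocked profiles are excluded as well.
   *
   * Changes from the previous version:
   *  - `limit` now has a lower bound. It is client input, and Laravel's query
   *    builder does not apply a negative value as a LIMIT, so `limit=-1`
   *    combined with a cursor produced an unbounded query.
   *  - The cursor value now follows the cursor direction. Before, `min_id=0`
   *    sent together with `max_id` selected `<` but compared against 0.
   *  - The duplicated query is built once; the unused `$page` local is gone
   *    (simplePaginate() still reads `page` from the request itself).
   *
   * NOTE(review): the excluded-profile list is cached under
   * `profiles:private` for 1440 minutes. Unless that key is flushed elsewhere
   * when a profile becomes private or is suspended, its posts can stay on
   * this timeline until the entry expires.
   *
   * @param Request $request
   * @return \Illuminate\Http\JsonResponse
   */
  public function publicTimelineApi(Request $request)
  {
      $this->validate($request,[
          'page' => 'nullable|integer|max:40',
          'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'limit' => 'nullable|integer|min:1|max:20'
      ]);

      if(config('instance.timeline.local.is_public') == false && !Auth::check()) {
          abort(403, 'Authentication required.');
      }

      $min = $request->input('min_id');
      $max = $request->input('max_id');
      $limit = $request->input('limit') ?? 3;

      $private = Cache::remember('profiles:private', now()->addMinutes(1440), function() {
          return Profile::whereIsPrivate(true)
              ->orWhere('unlisted', true)
              ->orWhere('status', '!=', null)
              ->pluck('id');
      });

      $filtered = $private->toArray();
      if(Auth::check()) {
          $pid = Auth::user()->profile->id;
          $filters = UserFilter::whereUserId($pid)
              ->whereFilterableType('App\Profile')
              ->whereIn('filter_type', ['mute', 'block'])
              ->pluck('filterable_id')->toArray();
          $filtered = array_merge($filtered, $filters);
      }

      $query = Status::select(
              'id', 'uri', 'caption', 'rendered', 'profile_id', 'type',
              'in_reply_to_id', 'reblog_of_id', 'is_nsfw', 'scope', 'local',
              'reply_count', 'comments_disabled', 'created_at', 'updated_at'
          )->whereIn('type', ['photo', 'photo:album', 'video', 'video:album'])
          ->whereLocal(true)
          ->whereNull('uri')
          ->whereNotIn('profile_id', $filtered)
          ->whereNull('in_reply_to_id')
          ->whereNull('reblog_of_id')
          ->whereVisibility('public')
          ->orderBy('created_at', 'desc');

      if($min || $max) {
          // Direction and value come from the same parameter.
          $dir = $min ? '>' : '<';
          $id = $min ?: $max;
          $timeline = $query->where('id', $dir, $id)->limit($limit)->get();
      } else {
          $timeline = $query->simplePaginate($limit);
      }

      $fractal = new Fractal\Resource\Collection($timeline, new StatusTransformer());
      $res = $this->fractal->createData($fractal)->toArray();

      return response()->json($res);
  }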
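  /**
   * Return the signed-in viewer's home timeline: photo/video posts by the
   * profiles they follow (and by themselves), including followers-only posts.
   *
   * Guests are refused with 403. Private/unlisted/status-flagged profiles the
   * viewer does not follow, and profiles the viewer muted or blocked, are
   * excluded.
   *
   * Changes from the previous version:
   *  - `limit` now has a lower bound. It is client input, and Laravel's query
   *    builder does not apply a negative value as a LIMIT, so `limit=-1`
   *    combined with a cursor produced an unbounded query.
   *  - The cursor value now follows the cursor direction. Before, `min_id=0`
   *    sent together with `max_id` selected `<` but compared against 0.
   *  - `profiles:private` is cached with now()->addMinutes(1440) like the
   *    other writers of that key in this controller; the bare integer 1440
   *    is read as seconds by newer Laravel releases.
   *  - The duplicated query is built once; the unused `$page` local is gone
   *    (simplePaginate() still reads `page` from the request itself).
   *
   * NOTE(review): access to followers-only posts is decided from the
   * `profile:following:{id}` cache entry, kept for 1440 minutes. Unless that
   * key is flushed on unfollow/removal elsewhere, a former follower can keep
   * receiving `private` posts until the entry expires.
   *
   * @param Request $request
   * @return \Illuminate\Http\JsonResponse
   */
  public function homeTimelineApi(Request $request)
  {
      if(!Auth::check()) {
          return abort(403);
      }

      $this->validate($request,[
          'page' => 'nullable|integer|max:40',
          'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'limit' => 'nullable|integer|min:1|max:20'
      ]);

      $min = $request->input('min_id');
      $max = $request->input('max_id');
      $limit = $request->input('limit') ?? 3;

      // TODO: Use redis for timelines
      // $timeline = Timeline::build()->local();
      $pid = Auth::user()->profile->id;

      $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) {
          $following = Follower::whereProfileId($pid)->pluck('following_id');
          return $following->push($pid)->toArray();
      });

      $private = Cache::remember('profiles:private', now()->addMinutes(1440), function() {
          return Profile::whereIsPrivate(true)
              ->orWhere('unlisted', true)
              ->orWhere('status', '!=', null)
              ->pluck('id');
      });
      // Followed profiles stay visible even when they are private or unlisted.
      $private = $private->diff($following)->flatten();

      $filters = UserFilter::whereUserId($pid)
          ->whereFilterableType('App\Profile')
          ->whereIn('filter_type', ['mute', 'block'])
          ->pluck('filterable_id')->toArray();
      $filtered = array_merge($private->toArray(), $filters);

      $query = Status::select(
              'id', 'uri', 'caption', 'rendered', 'profile_id', 'type',
              'in_reply_to_id', 'reblog_of_id', 'is_nsfw', 'scope', 'local',
              'reply_count', 'comments_disabled', 'created_at', 'updated_at'
          )->whereIn('type', ['photo', 'photo:album', 'video', 'video:album'])
          ->whereIn('profile_id', $following)
          ->whereNotIn('profile_id', $filtered)
          ->whereNull('in_reply_to_id')
          ->whereNull('reblog_of_id')
          ->whereIn('visibility',['public', 'unlisted', 'private'])
          ->orderBy('created_at', 'desc');

      if($min || $max) {
          // Direction and value come from the same parameter.
          $dir = $min ? '>' : '<';
          $id = $min ?: $max;
          $timeline = $query->where('id', $dir, $id)->limit($limit)->get();
      } else {
          $timeline = $query->simplePaginate($limit);
      }

      $fractal = new Fractal\Resource\Collection($timeline, new StatusTransformer());
      $res = $this->fractal->createData($fractal)->toArray();

      return response()->json($res);
  }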
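  /**
   * Return the network timeline: public photo/video posts that have a
   * non-NULL `uri`, for signed-in viewers only.
   *
   * Guests are refused with 403. Posts by private, unlisted or status-flagged
   * profiles and by profiles the viewer muted or blocked are excluded.
   *
   * Changes from the previous version:
   *  - `limit` now has a lower bound. It is client input, and Laravel's query
   *    builder does not apply a negative value as a LIMIT, so `limit=-1`
   *    combined with a cursor produced an unbounded query.
   *  - The cursor value now follows the cursor direction. Before, `min_id=0`
   *    sent together with `max_id` selected `<` but compared against 0.
   *  - The duplicated query is built once; the unused `$page` local is gone
   *    (simplePaginate() still reads `page` from the request itself).
   *
   * NOTE(review): the excluded-profile list is cached under
   * `profiles:private` for 1440 minutes. Unless that key is flushed elsewhere
   * when a profile becomes private or is suspended, its posts can stay on
   * this timeline until the entry expires.
   *
   * @param Request $request
   * @return \Illuminate\Http\JsonResponse
   */
  public function networkTimelineApi(Request $request)
  {
      if(!Auth::check()) {
          return abort(403);
      }

      $this->validate($request,[
          'page' => 'nullable|integer|max:40',
          'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'limit' => 'nullable|integer|min:1|max:20'
      ]);

      $min = $request->input('min_id');
      $max = $request->input('max_id');
      $limit = $request->input('limit') ?? 3;

      // TODO: Use redis for timelines
      // $timeline = Timeline::build()->local();
      $pid = Auth::user()->profile->id;

      $private = Cache::remember('profiles:private', now()->addMinutes(1440), function() {
          return Profile::whereIsPrivate(true)
              ->orWhere('unlisted', true)
              ->orWhere('status', '!=', null)
              ->pluck('id');
      });
      $filters = UserFilter::whereUserId($pid)
          ->whereFilterableType('App\Profile')
          ->whereIn('filter_type', ['mute', 'block'])
          ->pluck('filterable_id')->toArray();
      $filtered = array_merge($private->toArray(), $filters);

      $query = Status::select(
              'id', 'uri', 'caption', 'rendered', 'profile_id', 'type',
              'in_reply_to_id', 'reblog_of_id', 'is_nsfw', 'scope', 'local',
              'reply_count', 'comments_disabled', 'created_at', 'updated_at'
          )->whereIn('type', ['photo', 'photo:album', 'video', 'video:album'])
          ->whereNotIn('profile_id', $filtered)
          ->whereNotNull('uri')
          ->whereNull('in_reply_to_id')
          ->whereNull('reblog_of_id')
          ->whereVisibility('public')
          ->latest();

      if($min || $max) {
          // Direction and value come from the same parameter.
          $dir = $min ? '>' : '<';
          $id = $min ?: $max;
          $timeline = $query->where('id', $dir, $id)->limit($limit)->get();
      } else {
          $timeline = $query->simplePaginate($limit);
      }

      $fractal = new Fractal\Resource\Collection($timeline, new StatusTransformer());
      $res = $this->fractal->createData($fractal)->toArray();

      return response()->json($res);
  }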
  /**
   * Return relationship data between the signed-in viewer and up to twenty
   * other profiles.
   *
   * Guests are refused with 403. `id` must be an array of 1 to 20 integers;
   * the viewer's own profile id is dropped from it before the lookup, and the
   * remaining ids are handed to Profile::findOrFail() as one list.
   *
   * @param Request $request
   * @return \Illuminate\Http\JsonResponse
   */
  public function relationships(Request $request)
  {
      abort_if(!Auth::check(), 403);

      $this->validate($request, [
          'id' => 'required|array|min:1|max:20',
          'id.*' => 'required|integer'
      ]);

      // Loose comparison kept: request values arrive as strings.
      $others = collect($request->input('id'))->reject(function($candidate) {
          return $candidate == Auth::user()->profile->id;
      });

      $profiles = Profile::findOrFail($others->all());
      $resource = new Fractal\Resource\Collection($profiles, new RelationshipTransformer());

      return response()->json($this->fractal->createData($resource)->toArray());
  }
  /**
   * Return the serialised account for a profile id.
   *
   * No authentication is required. The only filter is that the profile's
   * `status` column is NULL; a profile flagged is_private is served as well,
   * so what AccountTransformer exposes is visible to guests.
   *
   * @param Request $request
   * @param mixed   $id profile id
   * @return \Illuminate\Http\JsonResponse
   */
  public function account(Request $request, $id)
  {
      $found = Profile::whereNull('status')->findOrFail($id);
      $item = new Fractal\Resource\Item($found, new AccountTransformer());
      $payload = $this->fractal->createData($item)->toArray();

      return response()->json($payload);
  }
  /**
   * Return a profile's followers, newest first, ten per page.
   *
   * Guests are refused with 403. Only profiles with NULL `status` and NULL
   * `domain` are considered. An empty list is returned when either
   *  - the profile is private and the viewer is not its owner, or
   *  - the owner's `show_profile_followers` setting is off.
   * As written, the second rule also applies to the owner, and the first one
   * also applies to approved followers of a private profile.
   *
   * @param Request $request
   * @param mixed   $id profile id
   * @return \Illuminate\Http\JsonResponse
   */
  public function accountFollowers(Request $request, $id)
  {
      abort_unless(Auth::check(), 403);

      $profile = Profile::with('user')
          ->whereNull('status')
          ->whereNull('domain')
          ->findOrFail($id);

      // Parentheses spell out the grouping PHP already applies (&& before ||).
      if ((Auth::id() != $profile->user_id && $profile->is_private)
          || !$profile->user->settings->show_profile_followers) {
          return response()->json([]);
      }

      $page = $profile->followers()->orderByDesc('followers.created_at')->paginate(10);
      $collection = new Fractal\Resource\Collection($page, new AccountTransformer());
      $payload = $this->fractal->createData($collection)->toArray();

      return response()->json($payload);
  }
  /**
   * Return the profiles a given profile follows, newest first, ten per page.
   *
   * Guests are refused with 403. Only profiles with NULL `status` and NULL
   * `domain` are considered. An empty list is returned when either
   *  - the profile is private and the viewer is not its owner, or
   *  - the owner's `show_profile_following` setting is off.
   * As written, the second rule also applies to the owner, and the first one
   * also applies to approved followers of a private profile.
   *
   * @param Request $request
   * @param mixed   $id profile id
   * @return \Illuminate\Http\JsonResponse
   */
  public function accountFollowing(Request $request, $id)
  {
      abort_unless(Auth::check(), 403);

      $profile = Profile::with('user')
          ->whereNull('status')
          ->whereNull('domain')
          ->findOrFail($id);

      // Parentheses spell out the grouping PHP already applies (&& before ||).
      if ((Auth::id() != $profile->user_id && $profile->is_private)
          || !$profile->user->settings->show_profile_following) {
          return response()->json([]);
      }

      $page = $profile->following()->orderByDesc('followers.created_at')->paginate(10);
      $collection = new Fractal\Resource\Collection($page, new AccountTransformer());
      $payload = $this->fractal->createData($collection)->toArray();

      return response()->json($payload);
  }
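  /**
   * Return a profile's local statuses, limited to what the viewer may see.
   *
   * Visibility rules, unchanged:
   *  - private profile, guest: empty JSON array;
   *  - private profile, viewer not following: no visibility matches, so the
   *    query returns nothing;
   *  - viewer following the profile (or viewing their own): public, unlisted
   *    and private posts;
   *  - everyone else: public and unlisted posts.
   *
   * Changes from the previous version:
   *  - A request without `min_id` and `max_id` no longer compares `id` with
   *    NULL using `<`; Laravel's query builder rejects that combination, so
   *    the first page could not be fetched without a cursor. The id filter
   *    is now applied only when a cursor is present.
   *  - The cursor value now follows the cursor direction. Before, `min_id=0`
   *    selected `<` but compared against 0.
   *  - The follow lookup, duplicated in both branches, is done once.
   *
   * NOTE(review): access to `private` posts is decided from the
   * `profile:following:{id}` cache entry, kept for 1440 minutes. Unless that
   * key is flushed on unfollow/removal elsewhere, a former follower keeps
   * access until the entry expires.
   * NOTE(review): `since_id`, `pinned` and `exclude_replies` are validated
   * but not used, and `only_media` is compared loosely, so any non-empty
   * string other than "0" enables the media-only filter.
   *
   * @param Request $request
   * @param mixed   $id profile id
   * @return \Illuminate\Http\JsonResponse
   */
  public function accountStatuses(Request $request, $id)
  {
      $this->validate($request, [
          'only_media' => 'nullable',
          'pinned' => 'nullable',
          'exclude_replies' => 'nullable',
          'max_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'since_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'min_id' => 'nullable|integer|min:0|max:' . PHP_INT_MAX,
          'limit' => 'nullable|integer|min:1|max:24'
      ]);

      $profile = Profile::whereNull('status')->findOrFail($id);
      $limit = $request->limit ?? 9;
      $max_id = $request->max_id;
      $min_id = $request->min_id;
      $scope = $request->only_media == true ?
          ['photo', 'photo:album', 'video', 'video:album'] :
          ['photo', 'photo:album', 'video', 'video:album', 'share', 'reply'];

      if($profile->is_private && !Auth::check()) {
          return response()->json([]);
      }

      $visibility = ['public', 'unlisted'];
      if(Auth::check()) {
          $pid = Auth::user()->profile->id;
          // The list includes the viewer's own profile id (pushed below).
          $following = Cache::remember('profile:following:'.$pid, now()->addMinutes(1440), function() use($pid) {
              $following = Follower::whereProfileId($pid)->pluck('following_id');
              return $following->push($pid)->toArray();
          });
          if(in_array($profile->id, $following)) {
              $visibility = ['public', 'unlisted', 'private'];
          } elseif($profile->is_private) {
              // Non-followers of a private profile match no visibility at all.
              $visibility = [];
          }
      }

      $query = Status::select(
              'id', 'uri', 'caption', 'rendered', 'profile_id', 'type',
              'in_reply_to_id', 'reblog_of_id', 'is_nsfw', 'scope', 'local',
              'created_at', 'updated_at'
          )->whereProfileId($profile->id)
          ->whereIn('type', $scope)
          ->whereLocal(true)
          ->whereNull('uri')
          ->whereIn('visibility', $visibility);

      // Direction and value come from the same parameter; no cursor, no filter.
      $cursor = $min_id ?: $max_id;
      if($cursor !== null) {
          $query = $query->where('id', $min_id ? '>' : '<', $cursor);
      }

      $timeline = $query->latest()->limit($limit)->get();

      $resource = new Fractal\Resource\Collection($timeline, new StatusTransformer());
      $res = $this->fractal->createData($resource)->toArray();

      return response()->json($res);
  }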
  586. }