ProfileController.php 7.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279
  1. <?php
  2. namespace App\Http\Controllers;
  3. use Illuminate\Http\Request;
  4. use Auth;
  5. use Cache;
  6. use DB;
  7. use View;
  8. use App\Follower;
  9. use App\FollowRequest;
  10. use App\Profile;
  11. use App\Story;
  12. use App\User;
  13. use App\UserFilter;
  14. use League\Fractal;
  15. use App\Services\AccountService;
  16. use App\Services\FollowerService;
  17. use App\Services\StatusService;
  18. use App\Util\Lexer\Nickname;
  19. use App\Util\Webfinger\Webfinger;
  20. use App\Transformer\ActivityPub\ProfileOutbox;
  21. use App\Transformer\ActivityPub\ProfileTransformer;
  22. class ProfileController extends Controller
  23. {
  24. public function show(Request $request, $username)
  25. {
  26. // redirect authed users to Metro 2.0
  27. if($request->user()) {
  28. // unless they force static view
  29. if(!$request->has('fs') || $request->input('fs') != '1') {
  30. $pid = AccountService::usernameToId($username);
  31. if($pid) {
  32. return redirect('/i/web/profile/' . $pid);
  33. }
  34. }
  35. }
  36. $user = Profile::whereNull('domain')
  37. ->whereNull('status')
  38. ->whereUsername($username)
  39. ->firstOrFail();
  40. if($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
  41. return $this->showActivityPub($request, $user);
  42. }
  43. return $this->buildProfile($request, $user);
  44. }
  45. protected function buildProfile(Request $request, $user)
  46. {
  47. $username = $user->username;
  48. $loggedIn = Auth::check();
  49. $isPrivate = false;
  50. $isBlocked = false;
  51. if(!$loggedIn) {
  52. $key = 'profile:settings:' . $user->id;
  53. $ttl = now()->addHours(6);
  54. $settings = Cache::remember($key, $ttl, function() use($user) {
  55. return $user->user->settings;
  56. });
  57. if ($user->is_private == true) {
  58. $profile = null;
  59. return view('profile.private', compact('user'));
  60. }
  61. $owner = false;
  62. $is_following = false;
  63. $profile = $user;
  64. $settings = [
  65. 'crawlable' => $settings->crawlable,
  66. 'following' => [
  67. 'count' => $settings->show_profile_following_count,
  68. 'list' => $settings->show_profile_following
  69. ],
  70. 'followers' => [
  71. 'count' => $settings->show_profile_follower_count,
  72. 'list' => $settings->show_profile_followers
  73. ]
  74. ];
  75. return view('profile.show', compact('profile', 'settings'));
  76. } else {
  77. $key = 'profile:settings:' . $user->id;
  78. $ttl = now()->addHours(6);
  79. $settings = Cache::remember($key, $ttl, function() use($user) {
  80. return $user->user->settings;
  81. });
  82. if ($user->is_private == true) {
  83. $isPrivate = $this->privateProfileCheck($user, $loggedIn);
  84. }
  85. $isBlocked = $this->blockedProfileCheck($user);
  86. $owner = $loggedIn && Auth::id() === $user->user_id;
  87. $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false;
  88. if ($isPrivate == true || $isBlocked == true) {
  89. $requested = Auth::check() ? FollowRequest::whereFollowerId(Auth::user()->profile_id)
  90. ->whereFollowingId($user->id)
  91. ->exists() : false;
  92. return view('profile.private', compact('user', 'is_following', 'requested'));
  93. }
  94. $is_admin = is_null($user->domain) ? $user->user->is_admin : false;
  95. $profile = $user;
  96. $settings = [
  97. 'crawlable' => $settings->crawlable,
  98. 'following' => [
  99. 'count' => $settings->show_profile_following_count,
  100. 'list' => $settings->show_profile_following
  101. ],
  102. 'followers' => [
  103. 'count' => $settings->show_profile_follower_count,
  104. 'list' => $settings->show_profile_followers
  105. ]
  106. ];
  107. $ui = $request->has('ui') && $request->input('ui') == 'memory' ? 'profile.memory' : 'profile.show';
  108. return view($ui, compact('profile', 'settings'));
  109. }
  110. }
  111. public function permalinkRedirect(Request $request, $username)
  112. {
  113. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  114. if ($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
  115. return $this->showActivityPub($request, $user);
  116. }
  117. return redirect($user->url());
  118. }
  119. protected function privateProfileCheck(Profile $profile, $loggedIn)
  120. {
  121. if (!Auth::check()) {
  122. return true;
  123. }
  124. $user = Auth::user()->profile;
  125. if($user->id == $profile->id || !$profile->is_private) {
  126. return false;
  127. }
  128. $follows = Follower::whereProfileId($user->id)->whereFollowingId($profile->id)->exists();
  129. if ($follows == false) {
  130. return true;
  131. }
  132. return false;
  133. }
  134. public static function accountCheck(Profile $profile)
  135. {
  136. switch ($profile->status) {
  137. case 'disabled':
  138. case 'suspended':
  139. case 'delete':
  140. return view('profile.disabled');
  141. break;
  142. default:
  143. break;
  144. }
  145. return abort(404);
  146. }
  147. protected function blockedProfileCheck(Profile $profile)
  148. {
  149. $pid = Auth::user()->profile->id;
  150. $blocks = UserFilter::whereUserId($profile->id)
  151. ->whereFilterType('block')
  152. ->whereFilterableType('App\Profile')
  153. ->pluck('filterable_id')
  154. ->toArray();
  155. if (in_array($pid, $blocks)) {
  156. return true;
  157. }
  158. return false;
  159. }
  160. public function showActivityPub(Request $request, $user)
  161. {
  162. abort_if(!config_cache('federation.activitypub.enabled'), 404);
  163. abort_if($user->domain, 404);
  164. $fractal = new Fractal\Manager();
  165. $resource = new Fractal\Resource\Item($user, new ProfileTransformer);
  166. $res = $fractal->createData($resource)->toArray();
  167. return response(json_encode($res['data']))->header('Content-Type', 'application/activity+json');
  168. }
  169. public function showAtomFeed(Request $request, $user)
  170. {
  171. abort_if(!config('federation.atom.enabled'), 404);
  172. $pid = AccountService::usernameToId($user);
  173. abort_if(!$pid, 404);
  174. $profile = AccountService::get($pid);
  175. abort_if(!$profile || $profile['locked'] || !$profile['local'], 404);
  176. $items = DB::table('statuses')
  177. ->whereProfileId($pid)
  178. ->whereVisibility('public')
  179. ->whereType('photo')
  180. ->latest()
  181. ->take(10)
  182. ->get()
  183. ->map(function($status) {
  184. return StatusService::get($status->id);
  185. })
  186. ->filter(function($status) {
  187. return $status &&
  188. isset($status['account']) &&
  189. isset($status['media_attachments']) &&
  190. count($status['media_attachments']);
  191. })
  192. ->values();
  193. $permalink = config('app.url') . "/users/{$profile['username']}.atom";
  194. return response()
  195. ->view('atom.user', compact('profile', 'items', 'permalink'))
  196. ->header('Content-Type', 'application/atom+xml');
  197. }
  198. public function meRedirect()
  199. {
  200. abort_if(!Auth::check(), 404);
  201. return redirect(Auth::user()->url());
  202. }
  203. public function embed(Request $request, $username)
  204. {
  205. $res = view('profile.embed-removed');
  206. if(strlen($username) > 15 || strlen($username) < 2) {
  207. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  208. }
  209. $profile = Profile::whereUsername($username)
  210. ->whereIsPrivate(false)
  211. ->whereNull('status')
  212. ->whereNull('domain')
  213. ->first();
  214. if(!$profile) {
  215. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  216. }
  217. if(AccountService::canEmbed($profile->user_id) == false) {
  218. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  219. }
  220. $profile = AccountService::get($profile->id);
  221. $res = view('profile.embed', compact('profile'));
  222. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  223. }
  224. public function stories(Request $request, $username)
  225. {
  226. abort_if(!config_cache('instance.stories.enabled') || !$request->user(), 404);
  227. $profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  228. $pid = $profile->id;
  229. $authed = Auth::user()->profile_id;
  230. abort_if($pid != $authed && !FollowerService::follows($authed, $pid), 404);
  231. $exists = Story::whereProfileId($pid)
  232. ->whereActive(true)
  233. ->exists();
  234. abort_unless($exists, 404);
  235. return view('profile.story', compact('pid', 'profile'));
  236. }
  237. }