StatusController.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\Jobs\ImageOptimizePipeline\ImageOptimize;
  4. use App\Jobs\StatusPipeline\NewStatusPipeline;
  5. use App\Jobs\StatusPipeline\StatusDelete;
  6. use App\Jobs\SharePipeline\SharePipeline;
  7. use App\AccountInterstitial;
  8. use App\Media;
  9. use App\Profile;
  10. use App\Status;
  11. use App\StatusView;
  12. use App\Transformer\ActivityPub\StatusTransformer;
  13. use App\Transformer\ActivityPub\Verb\Note;
  14. use App\User;
  15. use Auth, Cache;
  16. use Illuminate\Http\Request;
  17. use League\Fractal;
  18. use App\Util\Media\Filter;
  19. use Illuminate\Support\Str;
  20. use App\Services\HashidService;
  21. use App\Services\StatusService;
  22. class StatusController extends Controller
  23. {
  24. public function show(Request $request, $username, int $id)
  25. {
  26. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  27. if($user->status != null) {
  28. return ProfileController::accountCheck($user);
  29. }
  30. $status = Status::whereProfileId($user->id)
  31. ->whereNull('reblog_of_id')
  32. ->whereIn('scope', ['public','unlisted', 'private'])
  33. ->findOrFail($id);
  34. if($status->uri || $status->url) {
  35. $url = $status->uri ?? $status->url;
  36. if(ends_with($url, '/activity')) {
  37. $url = str_replace('/activity', '', $url);
  38. }
  39. return redirect($url);
  40. }
  41. if($status->visibility == 'private' || $user->is_private) {
  42. if(!Auth::check()) {
  43. abort(404);
  44. }
  45. $pid = Auth::user()->profile;
  46. if($user->followedBy($pid) == false && $user->id !== $pid->id && Auth::user()->is_admin == false) {
  47. abort(404);
  48. }
  49. }
  50. if($status->type == 'archived') {
  51. if(Auth::user()->profile_id !== $status->profile_id) {
  52. abort(404);
  53. }
  54. }
  55. if($request->user() && $request->user()->profile_id != $status->profile_id) {
  56. StatusView::firstOrCreate([
  57. 'status_id' => $status->id,
  58. 'status_profile_id' => $status->profile_id,
  59. 'profile_id' => $request->user()->profile_id
  60. ]);
  61. }
  62. if ($request->wantsJson() && config('federation.activitypub.enabled')) {
  63. return $this->showActivityPub($request, $status);
  64. }
  65. $template = $status->in_reply_to_id ? 'status.reply' : 'status.show';
  66. // $template = $status->type === 'video' &&
  67. // $request->has('video_beta') &&
  68. // $request->video_beta == 1 &&
  69. // $request->user() ?
  70. // 'status.show_video' : 'status.show';
  71. return view($template, compact('user', 'status'));
  72. }
  73. public function shortcodeRedirect(Request $request, $id)
  74. {
  75. abort_if(strlen($id) < 5, 404);
  76. if(!Auth::check()) {
  77. return redirect('/login?next='.urlencode('/' . $request->path()));
  78. }
  79. $id = HashidService::decode($id);
  80. $status = Status::find($id);
  81. if(!$status) {
  82. return redirect('/404');
  83. }
  84. return redirect($status->url());
  85. }
  86. public function showId(int $id)
  87. {
  88. abort(404);
  89. $status = Status::whereNull('reblog_of_id')
  90. ->whereIn('scope', ['public', 'unlisted'])
  91. ->findOrFail($id);
  92. return redirect($status->url());
  93. }
  94. public function showEmbed(Request $request, $username, int $id)
  95. {
  96. $profile = Profile::whereNull(['domain','status'])
  97. ->whereIsPrivate(false)
  98. ->whereUsername($username)
  99. ->first();
  100. if(!$profile) {
  101. $content = view('status.embed-removed');
  102. return response($content)->header('X-Frame-Options', 'ALLOWALL');
  103. }
  104. $status = Status::whereProfileId($profile->id)
  105. ->whereNull('uri')
  106. ->whereScope('public')
  107. ->whereIsNsfw(false)
  108. ->whereIn('type', ['photo', 'video','photo:album'])
  109. ->find($id);
  110. if(!$status) {
  111. $content = view('status.embed-removed');
  112. return response($content)->header('X-Frame-Options', 'ALLOWALL');
  113. }
  114. $showLikes = $request->filled('likes') && $request->likes == true;
  115. $showCaption = $request->filled('caption') && $request->caption !== false;
  116. $layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full';
  117. $content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout'));
  118. return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  119. }
  120. public function showObject(Request $request, $username, int $id)
  121. {
  122. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  123. if($user->status != null) {
  124. return ProfileController::accountCheck($user);
  125. }
  126. $status = Status::whereProfileId($user->id)
  127. ->whereNotIn('visibility',['draft','direct'])
  128. ->findOrFail($id);
  129. abort_if($status->uri, 404);
  130. if($status->visibility == 'private' || $user->is_private) {
  131. if(!Auth::check()) {
  132. abort(403);
  133. }
  134. $pid = Auth::user()->profile;
  135. if($user->followedBy($pid) == false && $user->id !== $pid->id) {
  136. abort(403);
  137. }
  138. }
  139. return $this->showActivityPub($request, $status);
  140. }
  141. public function compose()
  142. {
  143. $this->authCheck();
  144. return view('status.compose');
  145. }
  146. public function store(Request $request)
  147. {
  148. return;
  149. }
  150. public function delete(Request $request)
  151. {
  152. $this->authCheck();
  153. $this->validate($request, [
  154. 'item' => 'required|integer|min:1',
  155. ]);
  156. $status = Status::findOrFail($request->input('item'));
  157. $user = Auth::user();
  158. if($status->profile_id != $user->profile->id &&
  159. $user->is_admin == true &&
  160. $status->uri == null
  161. ) {
  162. $media = $status->media;
  163. $ai = new AccountInterstitial;
  164. $ai->user_id = $status->profile->user_id;
  165. $ai->type = 'post.removed';
  166. $ai->view = 'account.moderation.post.removed';
  167. $ai->item_type = 'App\Status';
  168. $ai->item_id = $status->id;
  169. $ai->has_media = (bool) $media->count();
  170. $ai->blurhash = $media->count() ? $media->first()->blurhash : null;
  171. $ai->meta = json_encode([
  172. 'caption' => $status->caption,
  173. 'created_at' => $status->created_at,
  174. 'type' => $status->type,
  175. 'url' => $status->url(),
  176. 'is_nsfw' => $status->is_nsfw,
  177. 'scope' => $status->scope,
  178. 'reblog' => $status->reblog_of_id,
  179. 'likes_count' => $status->likes_count,
  180. 'reblogs_count' => $status->reblogs_count,
  181. ]);
  182. $ai->save();
  183. $u = $status->profile->user;
  184. $u->has_interstitial = true;
  185. $u->save();
  186. }
  187. Cache::forget('_api:statuses:recent_9:' . $status->profile_id);
  188. Cache::forget('profile:status_count:' . $status->profile_id);
  189. Cache::forget('profile:embed:' . $status->profile_id);
  190. StatusService::del($status->id);
  191. if ($status->profile_id == $user->profile->id || $user->is_admin == true) {
  192. Cache::forget('profile:status_count:'.$status->profile_id);
  193. StatusDelete::dispatch($status);
  194. }
  195. if($request->wantsJson()) {
  196. return response()->json(['Status successfully deleted.']);
  197. } else {
  198. return redirect($user->url());
  199. }
  200. }
  201. public function storeShare(Request $request)
  202. {
  203. $this->authCheck();
  204. $this->validate($request, [
  205. 'item' => 'required|integer|min:1',
  206. ]);
  207. $user = Auth::user();
  208. $profile = $user->profile;
  209. $status = Status::withCount('shares')
  210. ->whereIn('scope', ['public', 'unlisted'])
  211. ->findOrFail($request->input('item'));
  212. $count = $status->shares()->count();
  213. $exists = Status::whereProfileId(Auth::user()->profile->id)
  214. ->whereReblogOfId($status->id)
  215. ->count();
  216. if ($exists !== 0) {
  217. $shares = Status::whereProfileId(Auth::user()->profile->id)
  218. ->whereReblogOfId($status->id)
  219. ->get();
  220. foreach ($shares as $share) {
  221. $share->delete();
  222. $count--;
  223. }
  224. } else {
  225. $share = new Status();
  226. $share->profile_id = $profile->id;
  227. $share->reblog_of_id = $status->id;
  228. $share->in_reply_to_profile_id = $status->profile_id;
  229. $share->save();
  230. $count++;
  231. SharePipeline::dispatch($share);
  232. }
  233. if($count >= 0) {
  234. $status->reblogs_count = $count;
  235. $status->save();
  236. }
  237. Cache::forget('status:'.$status->id.':sharedby:userid:'.$user->id);
  238. StatusService::del($status->id);
  239. if ($request->ajax()) {
  240. $response = ['code' => 200, 'msg' => 'Share saved', 'count' => $count];
  241. } else {
  242. $response = redirect($status->url());
  243. }
  244. return $response;
  245. }
  246. public function showActivityPub(Request $request, $status)
  247. {
  248. $fractal = new Fractal\Manager();
  249. $resource = new Fractal\Resource\Item($status, new Note());
  250. $res = $fractal->createData($resource)->toArray();
  251. return response()->json($res['data'], 200, ['Content-Type' => 'application/activity+json'], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES);
  252. }
  253. public function edit(Request $request, $username, $id)
  254. {
  255. $this->authCheck();
  256. $user = Auth::user()->profile;
  257. $status = Status::whereProfileId($user->id)
  258. ->with(['media'])
  259. ->where('created_at', '>', now()->subHours(24))
  260. ->findOrFail($id);
  261. return view('status.edit', compact('user', 'status'));
  262. }
  263. public function editStore(Request $request, $username, $id)
  264. {
  265. $this->authCheck();
  266. $user = Auth::user()->profile;
  267. $status = Status::whereProfileId($user->id)
  268. ->with(['media'])
  269. ->where('created_at', '>', now()->subHours(24))
  270. ->findOrFail($id);
  271. $this->validate($request, [
  272. 'id' => 'required|integer|min:1',
  273. 'caption' => 'nullable',
  274. 'filter' => 'nullable|alpha_dash|max:30',
  275. ]);
  276. $id = $request->input('id');
  277. $caption = $request->input('caption');
  278. $filter = $request->input('filter');
  279. $media = Media::whereProfileId($user->id)
  280. ->whereStatusId($status->id)
  281. ->findOrFail($id);
  282. $changed = false;
  283. if ($media->caption != $caption) {
  284. $media->caption = $caption;
  285. $changed = true;
  286. }
  287. if ($media->filter_class != $filter && in_array($filter, Filter::classes())) {
  288. $media->filter_class = $filter;
  289. $changed = true;
  290. }
  291. if ($changed === true) {
  292. $media->save();
  293. Cache::forget('status:transformer:media:attachments:'.$media->status_id);
  294. }
  295. return response()->json([], 200);
  296. }
  297. protected function authCheck()
  298. {
  299. if (Auth::check() == false) {
  300. abort(403);
  301. }
  302. }
  303. protected function validateVisibility($visibility)
  304. {
  305. $allowed = ['public', 'unlisted', 'private'];
  306. return in_array($visibility, $allowed) ? $visibility : 'public';
  307. }
  308. public static function mimeTypeCheck($mimes)
  309. {
  310. $allowed = explode(',', config('pixelfed.media_types'));
  311. $count = count($mimes);
  312. $photos = 0;
  313. $videos = 0;
  314. foreach($mimes as $mime) {
  315. if(in_array($mime, $allowed) == false && $mime !== 'video/mp4') {
  316. continue;
  317. }
  318. if(str_contains($mime, 'image/')) {
  319. $photos++;
  320. }
  321. if(str_contains($mime, 'video/')) {
  322. $videos++;
  323. }
  324. }
  325. if($photos == 1 && $videos == 0) {
  326. return 'photo';
  327. }
  328. if($videos == 1 && $photos == 0) {
  329. return 'video';
  330. }
  331. if($photos > 1 && $videos == 0) {
  332. return 'photo:album';
  333. }
  334. if($videos > 1 && $photos == 0) {
  335. return 'video:album';
  336. }
  337. if($photos >= 1 && $videos >= 1) {
  338. return 'photo:video:album';
  339. }
  340. }
  341. public function toggleVisibility(Request $request) {
  342. $this->authCheck();
  343. $this->validate($request, [
  344. 'item' => 'required|string|min:1|max:20',
  345. 'disableComments' => 'required|boolean'
  346. ]);
  347. $user = Auth::user();
  348. $id = $request->input('item');
  349. $state = $request->input('disableComments');
  350. $status = Status::findOrFail($id);
  351. if($status->profile_id != $user->profile->id && $user->is_admin == false) {
  352. abort(403);
  353. }
  354. $status->comments_disabled = $status->comments_disabled == true ? false : true;
  355. $status->save();
  356. return response()->json([200]);
  357. }
  358. public function storeView(Request $request)
  359. {
  360. abort_if(!$request->user(), 403);
  361. $this->validate($request, [
  362. 'status_id' => 'required|integer|exists:statuses,id',
  363. 'profile_id' => 'required|integer|exists:profiles,id'
  364. ]);
  365. $sid = (int) $request->input('status_id');
  366. $pid = (int) $request->input('profile_id');
  367. StatusView::firstOrCreate([
  368. 'status_id' => $sid,
  369. 'status_profile_id' => $pid,
  370. 'profile_id' => $request->user()->profile_id
  371. ]);
  372. return response()->json(1);
  373. }
  374. }