AdminController.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\{
  4. AccountInterstitial,
  5. Contact,
  6. Hashtag,
  7. Instance,
  8. Newsroom,
  9. OauthClient,
  10. Profile,
  11. Report,
  12. Status,
  13. Story,
  14. User
  15. };
  16. use DB, Cache, Storage;
  17. use Carbon\Carbon;
  18. use Illuminate\Http\Request;
  19. use Illuminate\Support\Facades\Redis;
  20. use App\Http\Controllers\Admin\{
  21. AdminDiscoverController,
  22. AdminInstanceController,
  23. AdminReportController,
  24. // AdminGroupsController,
  25. AdminMediaController,
  26. AdminSettingsController,
  27. // AdminStorageController,
  28. AdminSupportController,
  29. AdminUserController
  30. };
  31. use Illuminate\Validation\Rule;
  32. use App\Services\AdminStatsService;
  33. use App\Services\AccountService;
  34. use App\Services\StatusService;
  35. use App\Services\StoryService;
  36. use App\Models\CustomEmoji;
  37. class AdminController extends Controller
  38. {
  39. use AdminReportController,
  40. AdminDiscoverController,
  41. // AdminGroupsController,
  42. AdminMediaController,
  43. AdminSettingsController,
  44. AdminInstanceController,
  45. // AdminStorageController,
  46. AdminUserController;
  47. public function __construct()
  48. {
  49. $this->middleware('admin');
  50. $this->middleware('dangerzone');
  51. $this->middleware('twofactor');
  52. }
  53. public function home()
  54. {
  55. return view('admin.home');
  56. }
  57. public function stats()
  58. {
  59. $data = AdminStatsService::get();
  60. return view('admin.stats', compact('data'));
  61. }
  62. public function getStats()
  63. {
  64. return AdminStatsService::summary();
  65. }
  66. public function getAccounts()
  67. {
  68. $users = User::orderByDesc('id')->cursorPaginate(10);
  69. $res = [
  70. "next_page_url" => $users->nextPageUrl(),
  71. "data" => $users->map(function($user) {
  72. $account = AccountService::get($user->profile_id, true);
  73. if(!$account) {
  74. return [
  75. "id" => $user->profile_id,
  76. "username" => $user->username,
  77. "status" => "deleted",
  78. "avatar" => "/storage/avatars/default.jpg",
  79. "created_at" => $user->created_at
  80. ];
  81. }
  82. $account['user_id'] = $user->id;
  83. return $account;
  84. })
  85. ->filter(function($user) {
  86. return $user;
  87. })
  88. ];
  89. return $res;
  90. }
  91. public function getPosts()
  92. {
  93. $posts = DB::table('statuses')
  94. ->orderByDesc('id')
  95. ->cursorPaginate(10);
  96. $res = [
  97. "next_page_url" => $posts->nextPageUrl(),
  98. "data" => $posts->map(function($post) {
  99. $status = StatusService::get($post->id, false);
  100. if(!$status) {
  101. return ["id" => $post->id, "created_at" => $post->created_at];
  102. }
  103. return $status;
  104. })
  105. ];
  106. return $res;
  107. }
  108. public function getInstances()
  109. {
  110. return Instance::orderByDesc('id')->cursorPaginate(10);
  111. }
  112. public function statuses(Request $request)
  113. {
  114. $statuses = Status::orderBy('id', 'desc')->cursorPaginate(10);
  115. $data = $statuses->map(function($status) {
  116. return StatusService::get($status->id, false);
  117. })
  118. ->filter(function($s) {
  119. return $s;
  120. })
  121. ->toArray();
  122. return view('admin.statuses.home', compact('statuses', 'data'));
  123. }
  124. public function showStatus(Request $request, $id)
  125. {
  126. $status = Status::findOrFail($id);
  127. return view('admin.statuses.show', compact('status'));
  128. }
  129. public function profiles(Request $request)
  130. {
  131. $this->validate($request, [
  132. 'search' => 'nullable|string|max:250',
  133. 'filter' => [
  134. 'nullable',
  135. 'string',
  136. Rule::in(['all', 'local', 'remote'])
  137. ]
  138. ]);
  139. $search = $request->input('search');
  140. $filter = $request->input('filter');
  141. $limit = 12;
  142. $profiles = Profile::select('id','username')
  143. ->whereNull('status')
  144. ->when($search, function($q, $search) {
  145. return $q->where('username', 'like', "%$search%");
  146. })->when($filter, function($q, $filter) {
  147. if($filter == 'local') {
  148. return $q->whereNull('domain');
  149. }
  150. if($filter == 'remote') {
  151. return $q->whereNotNull('domain');
  152. }
  153. return $q;
  154. })->orderByDesc('id')
  155. ->simplePaginate($limit);
  156. return view('admin.profiles.home', compact('profiles'));
  157. }
  158. public function profileShow(Request $request, $id)
  159. {
  160. $profile = Profile::findOrFail($id);
  161. $user = $profile->user;
  162. return view('admin.profiles.edit', compact('profile', 'user'));
  163. }
  164. public function appsHome(Request $request)
  165. {
  166. $filter = $request->input('filter');
  167. if($filter == 'revoked') {
  168. $apps = OauthClient::with('user')
  169. ->whereNotNull('user_id')
  170. ->whereRevoked(true)
  171. ->orderByDesc('id')
  172. ->paginate(10);
  173. } else {
  174. $apps = OauthClient::with('user')
  175. ->whereNotNull('user_id')
  176. ->orderByDesc('id')
  177. ->paginate(10);
  178. }
  179. return view('admin.apps.home', compact('apps'));
  180. }
  181. public function hashtagsHome(Request $request)
  182. {
  183. $hashtags = Hashtag::orderByDesc('id')->paginate(10);
  184. return view('admin.hashtags.home', compact('hashtags'));
  185. }
  186. public function messagesHome(Request $request)
  187. {
  188. $messages = Contact::orderByDesc('id')->paginate(10);
  189. return view('admin.messages.home', compact('messages'));
  190. }
  191. public function messagesShow(Request $request, $id)
  192. {
  193. $message = Contact::findOrFail($id);
  194. return view('admin.messages.show', compact('message'));
  195. }
  196. public function messagesMarkRead(Request $request)
  197. {
  198. $this->validate($request, [
  199. 'id' => 'required|integer|min:1'
  200. ]);
  201. $id = $request->input('id');
  202. $message = Contact::findOrFail($id);
  203. if($message->read_at) {
  204. return;
  205. }
  206. $message->read_at = now();
  207. $message->save();
  208. return;
  209. }
  210. public function newsroomHome(Request $request)
  211. {
  212. $newsroom = Newsroom::latest()->paginate(10);
  213. return view('admin.newsroom.home', compact('newsroom'));
  214. }
  215. public function newsroomCreate(Request $request)
  216. {
  217. return view('admin.newsroom.create');
  218. }
  219. public function newsroomEdit(Request $request, $id)
  220. {
  221. $news = Newsroom::findOrFail($id);
  222. return view('admin.newsroom.edit', compact('news'));
  223. }
  224. public function newsroomDelete(Request $request, $id)
  225. {
  226. $news = Newsroom::findOrFail($id);
  227. $news->delete();
  228. return redirect('/i/admin/newsroom');
  229. }
  230. public function newsroomUpdate(Request $request, $id)
  231. {
  232. $this->validate($request, [
  233. 'title' => 'required|string|min:1|max:100',
  234. 'summary' => 'nullable|string|max:200',
  235. 'body' => 'nullable|string'
  236. ]);
  237. $changed = false;
  238. $changedFields = [];
  239. $news = Newsroom::findOrFail($id);
  240. $fields = [
  241. 'title' => 'string',
  242. 'summary' => 'string',
  243. 'body' => 'string',
  244. 'category' => 'string',
  245. 'show_timeline' => 'boolean',
  246. 'auth_only' => 'boolean',
  247. 'show_link' => 'boolean',
  248. 'force_modal' => 'boolean',
  249. 'published' => 'published'
  250. ];
  251. foreach($fields as $field => $type) {
  252. switch ($type) {
  253. case 'string':
  254. if($request->{$field} != $news->{$field}) {
  255. if($field == 'title') {
  256. $news->slug = str_slug($request->{$field});
  257. }
  258. $news->{$field} = $request->{$field};
  259. $changed = true;
  260. array_push($changedFields, $field);
  261. }
  262. break;
  263. case 'boolean':
  264. $state = $request->{$field} == 'on' ? true : false;
  265. if($state != $news->{$field}) {
  266. $news->{$field} = $state;
  267. $changed = true;
  268. array_push($changedFields, $field);
  269. }
  270. break;
  271. case 'published':
  272. $state = $request->{$field} == 'on' ? true : false;
  273. $published = $news->published_at != null;
  274. if($state != $published) {
  275. $news->published_at = $state ? now() : null;
  276. $changed = true;
  277. array_push($changedFields, $field);
  278. }
  279. break;
  280. }
  281. }
  282. if($changed) {
  283. $news->save();
  284. }
  285. $redirect = $news->published_at ? $news->permalink() : $news->editUrl();
  286. return redirect($redirect);
  287. }
  288. public function newsroomStore(Request $request)
  289. {
  290. $this->validate($request, [
  291. 'title' => 'required|string|min:1|max:100',
  292. 'summary' => 'nullable|string|max:200',
  293. 'body' => 'nullable|string'
  294. ]);
  295. $changed = false;
  296. $changedFields = [];
  297. $news = new Newsroom();
  298. $fields = [
  299. 'title' => 'string',
  300. 'summary' => 'string',
  301. 'body' => 'string',
  302. 'category' => 'string',
  303. 'show_timeline' => 'boolean',
  304. 'auth_only' => 'boolean',
  305. 'show_link' => 'boolean',
  306. 'force_modal' => 'boolean',
  307. 'published' => 'published'
  308. ];
  309. foreach($fields as $field => $type) {
  310. switch ($type) {
  311. case 'string':
  312. if($request->{$field} != $news->{$field}) {
  313. if($field == 'title') {
  314. $news->slug = str_slug($request->{$field});
  315. }
  316. $news->{$field} = $request->{$field};
  317. $changed = true;
  318. array_push($changedFields, $field);
  319. }
  320. break;
  321. case 'boolean':
  322. $state = $request->{$field} == 'on' ? true : false;
  323. if($state != $news->{$field}) {
  324. $news->{$field} = $state;
  325. $changed = true;
  326. array_push($changedFields, $field);
  327. }
  328. break;
  329. case 'published':
  330. $state = $request->{$field} == 'on' ? true : false;
  331. $published = $news->published_at != null;
  332. if($state != $published) {
  333. $news->published_at = $state ? now() : null;
  334. $changed = true;
  335. array_push($changedFields, $field);
  336. }
  337. break;
  338. }
  339. }
  340. if($changed) {
  341. $news->save();
  342. }
  343. $redirect = $news->published_at ? $news->permalink() : $news->editUrl();
  344. return redirect($redirect);
  345. }
  346. public function diagnosticsHome(Request $request)
  347. {
  348. return view('admin.diagnostics.home');
  349. }
  350. public function diagnosticsDecrypt(Request $request)
  351. {
  352. $this->validate($request, [
  353. 'payload' => 'required'
  354. ]);
  355. $key = 'exception_report:';
  356. $decrypted = decrypt($request->input('payload'));
  357. if(!starts_with($decrypted, $key)) {
  358. abort(403, 'Can only decrypt error diagnostics');
  359. }
  360. $res = [
  361. 'decrypted' => substr($decrypted, strlen($key))
  362. ];
  363. return response()->json($res);
  364. }
  365. public function stories(Request $request)
  366. {
  367. $stories = Story::with('profile')->latest()->paginate(10);
  368. $stats = StoryService::adminStats();
  369. return view('admin.stories.home', compact('stories', 'stats'));
  370. }
  371. public function customEmojiHome(Request $request)
  372. {
  373. if(!config('federation.custom_emoji.enabled')) {
  374. return view('admin.custom-emoji.not-enabled');
  375. }
  376. $this->validate($request, [
  377. 'sort' => 'sometimes|in:all,local,remote,duplicates,disabled,search'
  378. ]);
  379. if($request->has('cc')) {
  380. Cache::forget('pf:admin:custom_emoji:stats');
  381. Cache::forget('pf:custom_emoji');
  382. return redirect(route('admin.custom-emoji'));
  383. }
  384. $sort = $request->input('sort') ?? 'all';
  385. if($sort == 'search' && empty($request->input('q'))) {
  386. return redirect(route('admin.custom-emoji'));
  387. }
  388. $pg = config('database.default') == 'pgsql';
  389. $emojis = CustomEmoji::when($sort, function($query, $sort) use($request, $pg) {
  390. if($sort == 'all') {
  391. if($pg) {
  392. return $query->latest();
  393. } else {
  394. return $query->groupBy('shortcode')->latest();
  395. }
  396. } else if($sort == 'local') {
  397. return $query->latest()->where('domain', '=', config('pixelfed.domain.app'));
  398. } else if($sort == 'remote') {
  399. return $query->latest()->where('domain', '!=', config('pixelfed.domain.app'));
  400. } else if($sort == 'duplicates') {
  401. return $query->latest()->groupBy('shortcode')->havingRaw('count(*) > 1');
  402. } else if($sort == 'disabled') {
  403. return $query->latest()->whereDisabled(true);
  404. } else if($sort == 'search') {
  405. $q = $query
  406. ->latest()
  407. ->where('shortcode', 'like', '%' . $request->input('q') . '%')
  408. ->orWhere('domain', 'like', '%' . $request->input('q') . '%');
  409. if(!$request->has('dups')) {
  410. $q = $q->groupBy('shortcode');
  411. }
  412. return $q;
  413. }
  414. })
  415. ->simplePaginate(10)
  416. ->withQueryString();
  417. $stats = Cache::remember('pf:admin:custom_emoji:stats', 43200, function() use($pg) {
  418. $res = [
  419. 'total' => CustomEmoji::count(),
  420. 'active' => CustomEmoji::whereDisabled(false)->count(),
  421. 'remote' => CustomEmoji::where('domain', '!=', config('pixelfed.domain.app'))->count(),
  422. ];
  423. if($pg) {
  424. $res['duplicate'] = CustomEmoji::select('shortcode')->groupBy('shortcode')->havingRaw('count(*) > 1')->count();
  425. } else {
  426. $res['duplicate'] = CustomEmoji::groupBy('shortcode')->havingRaw('count(*) > 1')->count();
  427. }
  428. return $res;
  429. });
  430. return view('admin.custom-emoji.home', compact('emojis', 'sort', 'stats'));
  431. }
  432. public function customEmojiToggleActive(Request $request, $id)
  433. {
  434. abort_unless(config('federation.custom_emoji.enabled'), 404);
  435. $emoji = CustomEmoji::findOrFail($id);
  436. $emoji->disabled = !$emoji->disabled;
  437. $emoji->save();
  438. $key = CustomEmoji::CACHE_KEY . str_replace(':', '', $emoji->shortcode);
  439. Cache::forget($key);
  440. return redirect()->back();
  441. }
  442. public function customEmojiAdd(Request $request)
  443. {
  444. abort_unless(config('federation.custom_emoji.enabled'), 404);
  445. return view('admin.custom-emoji.add');
  446. }
  447. public function customEmojiStore(Request $request)
  448. {
  449. abort_unless(config('federation.custom_emoji.enabled'), 404);
  450. $this->validate($request, [
  451. 'shortcode' => [
  452. 'required',
  453. 'min:3',
  454. 'max:80',
  455. 'starts_with::',
  456. 'ends_with::',
  457. Rule::unique('custom_emoji')->where(function ($query) use($request) {
  458. return $query->whereDomain(config('pixelfed.domain.app'))
  459. ->whereShortcode($request->input('shortcode'));
  460. })
  461. ],
  462. 'emoji' => 'required|file|mimetypes:jpg,png|max:' . (config('federation.custom_emoji.max_size') / 1000)
  463. ]);
  464. $emoji = new CustomEmoji;
  465. $emoji->shortcode = $request->input('shortcode');
  466. $emoji->domain = config('pixelfed.domain.app');
  467. $emoji->save();
  468. $fileName = $emoji->id . '.' . $request->emoji->extension();
  469. $request->emoji->storeAs('public/emoji', $fileName);
  470. $emoji->media_path = 'emoji/' . $fileName;
  471. $emoji->save();
  472. Cache::forget('pf:custom_emoji');
  473. return redirect(route('admin.custom-emoji'));
  474. }
  475. public function customEmojiDelete(Request $request, $id)
  476. {
  477. abort_unless(config('federation.custom_emoji.enabled'), 404);
  478. $emoji = CustomEmoji::findOrFail($id);
  479. Storage::delete("public/{$emoji->media_path}");
  480. Cache::forget('pf:custom_emoji');
  481. $emoji->delete();
  482. return redirect(route('admin.custom-emoji'));
  483. }
  484. public function customEmojiShowDuplicates(Request $request, $id)
  485. {
  486. abort_unless(config('federation.custom_emoji.enabled'), 404);
  487. $emoji = CustomEmoji::orderBy('id')->whereDisabled(false)->whereShortcode($id)->firstOrFail();
  488. $emojis = CustomEmoji::whereShortcode($id)->where('id', '!=', $emoji->id)->cursorPaginate(10);
  489. return view('admin.custom-emoji.duplicates', compact('emoji', 'emojis'));
  490. }
  491. }