1
0

ProfileController.php 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281
  1. <?php
  2. namespace App\Http\Controllers;
  3. use Illuminate\Http\Request;
  4. use Auth;
  5. use Cache;
  6. use DB;
  7. use View;
  8. use App\Follower;
  9. use App\FollowRequest;
  10. use App\Profile;
  11. use App\Story;
  12. use App\User;
  13. use App\UserFilter;
  14. use League\Fractal;
  15. use App\Services\AccountService;
  16. use App\Services\FollowerService;
  17. use App\Services\StatusService;
  18. use App\Util\Lexer\Nickname;
  19. use App\Util\Webfinger\Webfinger;
  20. use App\Transformer\ActivityPub\ProfileOutbox;
  21. use App\Transformer\ActivityPub\ProfileTransformer;
  22. class ProfileController extends Controller
  23. {
  24. public function show(Request $request, $username)
  25. {
  26. // redirect authed users to Metro 2.0
  27. if($request->user()) {
  28. // unless they force static view
  29. if(!$request->has('fs') || $request->input('fs') != '1') {
  30. $pid = AccountService::usernameToId($username);
  31. if($pid) {
  32. return redirect('/i/web/profile/' . $pid);
  33. }
  34. }
  35. }
  36. $user = Profile::whereNull('domain')
  37. ->whereNull('status')
  38. ->whereUsername($username)
  39. ->firstOrFail();
  40. if($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
  41. return $this->showActivityPub($request, $user);
  42. }
  43. return $this->buildProfile($request, $user);
  44. }
  45. protected function buildProfile(Request $request, $user)
  46. {
  47. $username = $user->username;
  48. $loggedIn = Auth::check();
  49. $isPrivate = false;
  50. $isBlocked = false;
  51. if(!$loggedIn) {
  52. $key = 'profile:settings:' . $user->id;
  53. $ttl = now()->addHours(6);
  54. $settings = Cache::remember($key, $ttl, function() use($user) {
  55. return $user->user->settings;
  56. });
  57. if ($user->is_private == true) {
  58. $profile = null;
  59. return view('profile.private', compact('user'));
  60. }
  61. $owner = false;
  62. $is_following = false;
  63. $profile = $user;
  64. $settings = [
  65. 'crawlable' => $settings->crawlable,
  66. 'following' => [
  67. 'count' => $settings->show_profile_following_count,
  68. 'list' => $settings->show_profile_following
  69. ],
  70. 'followers' => [
  71. 'count' => $settings->show_profile_follower_count,
  72. 'list' => $settings->show_profile_followers
  73. ]
  74. ];
  75. $ui = $request->has('ui') && $request->input('ui') == 'memory' ? 'profile.memory' : 'profile.show';
  76. return view($ui, compact('profile', 'settings'));
  77. } else {
  78. $key = 'profile:settings:' . $user->id;
  79. $ttl = now()->addHours(6);
  80. $settings = Cache::remember($key, $ttl, function() use($user) {
  81. return $user->user->settings;
  82. });
  83. if ($user->is_private == true) {
  84. $isPrivate = $this->privateProfileCheck($user, $loggedIn);
  85. }
  86. $isBlocked = $this->blockedProfileCheck($user);
  87. $owner = $loggedIn && Auth::id() === $user->user_id;
  88. $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false;
  89. if ($isPrivate == true || $isBlocked == true) {
  90. $requested = Auth::check() ? FollowRequest::whereFollowerId(Auth::user()->profile_id)
  91. ->whereFollowingId($user->id)
  92. ->exists() : false;
  93. return view('profile.private', compact('user', 'is_following', 'requested'));
  94. }
  95. $is_admin = is_null($user->domain) ? $user->user->is_admin : false;
  96. $profile = $user;
  97. $settings = [
  98. 'crawlable' => $settings->crawlable,
  99. 'following' => [
  100. 'count' => $settings->show_profile_following_count,
  101. 'list' => $settings->show_profile_following
  102. ],
  103. 'followers' => [
  104. 'count' => $settings->show_profile_follower_count,
  105. 'list' => $settings->show_profile_followers
  106. ]
  107. ];
  108. $ui = $request->has('ui') && $request->input('ui') == 'memory' ? 'profile.memory' : 'profile.show';
  109. return view($ui, compact('profile', 'settings'));
  110. }
  111. }
  112. public function permalinkRedirect(Request $request, $username)
  113. {
  114. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  115. if ($request->wantsJson() && config_cache('federation.activitypub.enabled')) {
  116. return $this->showActivityPub($request, $user);
  117. }
  118. return redirect($user->url());
  119. }
  120. protected function privateProfileCheck(Profile $profile, $loggedIn)
  121. {
  122. if (!Auth::check()) {
  123. return true;
  124. }
  125. $user = Auth::user()->profile;
  126. if($user->id == $profile->id || !$profile->is_private) {
  127. return false;
  128. }
  129. $follows = Follower::whereProfileId($user->id)->whereFollowingId($profile->id)->exists();
  130. if ($follows == false) {
  131. return true;
  132. }
  133. return false;
  134. }
  135. public static function accountCheck(Profile $profile)
  136. {
  137. switch ($profile->status) {
  138. case 'disabled':
  139. case 'suspended':
  140. case 'delete':
  141. return view('profile.disabled');
  142. break;
  143. default:
  144. break;
  145. }
  146. return abort(404);
  147. }
  148. protected function blockedProfileCheck(Profile $profile)
  149. {
  150. $pid = Auth::user()->profile->id;
  151. $blocks = UserFilter::whereUserId($profile->id)
  152. ->whereFilterType('block')
  153. ->whereFilterableType('App\Profile')
  154. ->pluck('filterable_id')
  155. ->toArray();
  156. if (in_array($pid, $blocks)) {
  157. return true;
  158. }
  159. return false;
  160. }
  161. public function showActivityPub(Request $request, $user)
  162. {
  163. abort_if(!config_cache('federation.activitypub.enabled'), 404);
  164. abort_if($user->domain, 404);
  165. $fractal = new Fractal\Manager();
  166. $resource = new Fractal\Resource\Item($user, new ProfileTransformer);
  167. $res = $fractal->createData($resource)->toArray();
  168. return response(json_encode($res['data']))->header('Content-Type', 'application/activity+json');
  169. }
  170. public function showAtomFeed(Request $request, $user)
  171. {
  172. abort_if(!config('federation.atom.enabled'), 404);
  173. $pid = AccountService::usernameToId($user);
  174. abort_if(!$pid, 404);
  175. $profile = AccountService::get($pid);
  176. abort_if(!$profile || $profile['locked'] || !$profile['local'], 404);
  177. $items = DB::table('statuses')
  178. ->whereProfileId($pid)
  179. ->whereVisibility('public')
  180. ->whereType('photo')
  181. ->latest()
  182. ->take(10)
  183. ->get()
  184. ->map(function($status) {
  185. return StatusService::get($status->id);
  186. })
  187. ->filter(function($status) {
  188. return $status &&
  189. isset($status['account']) &&
  190. isset($status['media_attachments']) &&
  191. count($status['media_attachments']);
  192. })
  193. ->values();
  194. $permalink = config('app.url') . "/users/{$profile['username']}.atom";
  195. return response()
  196. ->view('atom.user', compact('profile', 'items', 'permalink'))
  197. ->header('Content-Type', 'application/atom+xml');
  198. }
  199. public function meRedirect()
  200. {
  201. abort_if(!Auth::check(), 404);
  202. return redirect(Auth::user()->url());
  203. }
  204. public function embed(Request $request, $username)
  205. {
  206. $res = view('profile.embed-removed');
  207. if(strlen($username) > 15 || strlen($username) < 2) {
  208. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  209. }
  210. $profile = Profile::whereUsername($username)
  211. ->whereIsPrivate(false)
  212. ->whereNull('status')
  213. ->whereNull('domain')
  214. ->first();
  215. if(!$profile) {
  216. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  217. }
  218. if(AccountService::canEmbed($profile->user_id) == false) {
  219. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  220. }
  221. $profile = AccountService::get($profile->id);
  222. $res = view('profile.embed', compact('profile'));
  223. return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  224. }
  225. public function stories(Request $request, $username)
  226. {
  227. abort_if(!config_cache('instance.stories.enabled') || !$request->user(), 404);
  228. $profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  229. $pid = $profile->id;
  230. $authed = Auth::user()->profile_id;
  231. abort_if($pid != $authed && !FollowerService::follows($authed, $pid), 404);
  232. $exists = Story::whereProfileId($pid)
  233. ->whereActive(true)
  234. ->exists();
  235. abort_unless($exists, 404);
  236. return view('profile.story', compact('pid', 'profile'));
  237. }
  238. }