StatusController.php 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\Jobs\ImageOptimizePipeline\ImageOptimize;
  4. use App\Jobs\StatusPipeline\NewStatusPipeline;
  5. use App\Jobs\StatusPipeline\StatusDelete;
  6. use App\Jobs\SharePipeline\SharePipeline;
  7. use App\Media;
  8. use App\Profile;
  9. use App\Status;
  10. use App\Transformer\ActivityPub\StatusTransformer;
  11. use App\Transformer\ActivityPub\Verb\Note;
  12. use App\User;
  13. use Auth, Cache;
  14. use Illuminate\Http\Request;
  15. use League\Fractal;
  16. use App\Util\Media\Filter;
  17. use Illuminate\Support\Str;
  18. use App\Services\HashidService;
  19. class StatusController extends Controller
  20. {
  21. public function show(Request $request, $username, int $id)
  22. {
  23. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  24. if($user->status != null) {
  25. return ProfileController::accountCheck($user);
  26. }
  27. $status = Status::whereProfileId($user->id)
  28. ->whereNull('reblog_of_id')
  29. ->whereNotIn('visibility',['draft','direct'])
  30. ->findOrFail($id);
  31. if($status->uri || $status->url) {
  32. $url = $status->uri ?? $status->url;
  33. if(ends_with($url, '/activity')) {
  34. $url = str_replace('/activity', '', $url);
  35. }
  36. return redirect($url);
  37. }
  38. if($status->visibility == 'private' || $user->is_private) {
  39. if(!Auth::check()) {
  40. abort(404);
  41. }
  42. $pid = Auth::user()->profile;
  43. if($user->followedBy($pid) == false && $user->id !== $pid->id && Auth::user()->is_admin == false) {
  44. abort(404);
  45. }
  46. }
  47. if($status->type == 'archived') {
  48. if(Auth::user()->profile_id !== $status->profile_id) {
  49. abort(404);
  50. }
  51. }
  52. if ($request->wantsJson() && config('federation.activitypub.enabled')) {
  53. return $this->showActivityPub($request, $status);
  54. }
  55. $template = $status->in_reply_to_id ? 'status.reply' : 'status.show';
  56. return view($template, compact('user', 'status'));
  57. }
  58. public function shortcodeRedirect(Request $request, $id)
  59. {
  60. if(strlen($id) < 5 || !Auth::check()) {
  61. return redirect('/login?next='.urlencode('/' . $request->path()));
  62. }
  63. $id = HashidService::decode($id);
  64. $status = Status::findOrFail($id);
  65. return redirect($status->url());
  66. }
  67. public function showId(int $id)
  68. {
  69. abort(404);
  70. $status = Status::whereNull('reblog_of_id')
  71. ->whereIn('scope', ['public', 'unlisted'])
  72. ->findOrFail($id);
  73. return redirect($status->url());
  74. }
  75. public function showEmbed(Request $request, $username, int $id)
  76. {
  77. $profile = Profile::whereNull(['domain','status'])
  78. ->whereIsPrivate(false)
  79. ->whereUsername($username)
  80. ->first();
  81. if(!$profile) {
  82. $content = view('status.embed-removed');
  83. return response($content)->header('X-Frame-Options', 'ALLOWALL');
  84. }
  85. $status = Status::whereProfileId($profile->id)
  86. ->whereNull('uri')
  87. ->whereScope('public')
  88. ->whereIsNsfw(false)
  89. ->whereIn('type', ['photo', 'video'])
  90. ->find($id);
  91. if(!$status) {
  92. $content = view('status.embed-removed');
  93. return response($content)->header('X-Frame-Options', 'ALLOWALL');
  94. }
  95. $showLikes = $request->filled('likes') && $request->likes == true;
  96. $showCaption = $request->filled('caption') && $request->caption !== false;
  97. $layout = $request->filled('layout') && $request->layout == 'compact' ? 'compact' : 'full';
  98. $content = view('status.embed', compact('status', 'showLikes', 'showCaption', 'layout'));
  99. return response($content)->withHeaders(['X-Frame-Options' => 'ALLOWALL']);
  100. }
  101. public function showObject(Request $request, $username, int $id)
  102. {
  103. $user = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
  104. if($user->status != null) {
  105. return ProfileController::accountCheck($user);
  106. }
  107. $status = Status::whereProfileId($user->id)
  108. ->whereNotIn('visibility',['draft','direct'])
  109. ->findOrFail($id);
  110. abort_if($status->uri, 404);
  111. if($status->visibility == 'private' || $user->is_private) {
  112. if(!Auth::check()) {
  113. abort(403);
  114. }
  115. $pid = Auth::user()->profile;
  116. if($user->followedBy($pid) == false && $user->id !== $pid->id) {
  117. abort(403);
  118. }
  119. }
  120. return $this->showActivityPub($request, $status);
  121. }
  122. public function compose()
  123. {
  124. $this->authCheck();
  125. return view('status.compose');
  126. }
  127. public function store(Request $request)
  128. {
  129. return;
  130. }
  131. public function delete(Request $request)
  132. {
  133. $this->authCheck();
  134. $this->validate($request, [
  135. 'item' => 'required|integer|min:1',
  136. ]);
  137. $status = Status::findOrFail($request->input('item'));
  138. if ($status->profile_id === Auth::user()->profile->id || Auth::user()->is_admin == true) {
  139. Cache::forget('profile:status_count:'.$status->profile_id);
  140. StatusDelete::dispatch($status);
  141. }
  142. if($request->wantsJson()) {
  143. return response()->json(['Status successfully deleted.']);
  144. } else {
  145. return redirect(Auth::user()->url());
  146. }
  147. }
  148. public function storeShare(Request $request)
  149. {
  150. $this->authCheck();
  151. $this->validate($request, [
  152. 'item' => 'required|integer|min:1',
  153. ]);
  154. $user = Auth::user();
  155. $profile = $user->profile;
  156. $status = Status::withCount('shares')
  157. ->whereIn('scope', ['public', 'unlisted'])
  158. ->findOrFail($request->input('item'));
  159. $count = $status->shares()->count();
  160. $exists = Status::whereProfileId(Auth::user()->profile->id)
  161. ->whereReblogOfId($status->id)
  162. ->count();
  163. if ($exists !== 0) {
  164. $shares = Status::whereProfileId(Auth::user()->profile->id)
  165. ->whereReblogOfId($status->id)
  166. ->get();
  167. foreach ($shares as $share) {
  168. $share->delete();
  169. $count--;
  170. }
  171. } else {
  172. $share = new Status();
  173. $share->profile_id = $profile->id;
  174. $share->reblog_of_id = $status->id;
  175. $share->in_reply_to_profile_id = $status->profile_id;
  176. $share->save();
  177. $count++;
  178. SharePipeline::dispatch($share);
  179. }
  180. if($count >= 0) {
  181. $status->reblogs_count = $count;
  182. $status->save();
  183. }
  184. Cache::forget('status:'.$status->id.':sharedby:userid:'.$user->id);
  185. if ($request->ajax()) {
  186. $response = ['code' => 200, 'msg' => 'Share saved', 'count' => $count];
  187. } else {
  188. $response = redirect($status->url());
  189. }
  190. return $response;
  191. }
  192. public function showActivityPub(Request $request, $status)
  193. {
  194. $fractal = new Fractal\Manager();
  195. $resource = new Fractal\Resource\Item($status, new Note());
  196. $res = $fractal->createData($resource)->toArray();
  197. return response()->json($res['data'], 200, ['Content-Type' => 'application/activity+json'], JSON_PRETTY_PRINT);
  198. }
  199. public function edit(Request $request, $username, $id)
  200. {
  201. $this->authCheck();
  202. $user = Auth::user()->profile;
  203. $status = Status::whereProfileId($user->id)
  204. ->with(['media'])
  205. ->where('created_at', '>', now()->subHours(24))
  206. ->findOrFail($id);
  207. return view('status.edit', compact('user', 'status'));
  208. }
  209. public function editStore(Request $request, $username, $id)
  210. {
  211. $this->authCheck();
  212. $user = Auth::user()->profile;
  213. $status = Status::whereProfileId($user->id)
  214. ->with(['media'])
  215. ->where('created_at', '>', now()->subHours(24))
  216. ->findOrFail($id);
  217. $this->validate($request, [
  218. 'id' => 'required|integer|min:1',
  219. 'caption' => 'nullable',
  220. 'filter' => 'nullable|alpha_dash|max:30',
  221. ]);
  222. $id = $request->input('id');
  223. $caption = $request->input('caption');
  224. $filter = $request->input('filter');
  225. $media = Media::whereProfileId($user->id)
  226. ->whereStatusId($status->id)
  227. ->findOrFail($id);
  228. $changed = false;
  229. if ($media->caption != $caption) {
  230. $media->caption = $caption;
  231. $changed = true;
  232. }
  233. if ($media->filter_class != $filter && in_array($filter, Filter::classes())) {
  234. $media->filter_class = $filter;
  235. $changed = true;
  236. }
  237. if ($changed === true) {
  238. $media->save();
  239. Cache::forget('status:transformer:media:attachments:'.$media->status_id);
  240. }
  241. return response()->json([], 200);
  242. }
  243. protected function authCheck()
  244. {
  245. if (Auth::check() == false) {
  246. abort(403);
  247. }
  248. }
  249. protected function validateVisibility($visibility)
  250. {
  251. $allowed = ['public', 'unlisted', 'private'];
  252. return in_array($visibility, $allowed) ? $visibility : 'public';
  253. }
  254. public static function mimeTypeCheck($mimes)
  255. {
  256. $allowed = explode(',', config('pixelfed.media_types'));
  257. $count = count($mimes);
  258. $photos = 0;
  259. $videos = 0;
  260. foreach($mimes as $mime) {
  261. if(in_array($mime, $allowed) == false && $mime !== 'video/mp4') {
  262. continue;
  263. }
  264. if(str_contains($mime, 'image/')) {
  265. $photos++;
  266. }
  267. if(str_contains($mime, 'video/')) {
  268. $videos++;
  269. }
  270. }
  271. if($photos == 1 && $videos == 0) {
  272. return 'photo';
  273. }
  274. if($videos == 1 && $photos == 0) {
  275. return 'video';
  276. }
  277. if($photos > 1 && $videos == 0) {
  278. return 'photo:album';
  279. }
  280. if($videos > 1 && $photos == 0) {
  281. return 'video:album';
  282. }
  283. if($photos >= 1 && $videos >= 1) {
  284. return 'photo:video:album';
  285. }
  286. }
  287. public function toggleVisibility(Request $request) {
  288. $this->authCheck();
  289. $this->validate($request, [
  290. 'item' => 'required|string|min:1|max:20',
  291. 'disableComments' => 'required|boolean'
  292. ]);
  293. $user = Auth::user();
  294. $id = $request->input('item');
  295. $state = $request->input('disableComments');
  296. $status = Status::findOrFail($id);
  297. if($status->profile_id != $user->profile->id && $user->is_admin == false) {
  298. abort(403);
  299. }
  300. $status->comments_disabled = $status->comments_disabled == true ? false : true;
  301. $status->save();
  302. return response()->json([200]);
  303. }
  304. }