1
0

AdminController.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554
  1. <?php
  2. namespace App\Http\Controllers;
  3. use App\{
  4. AccountInterstitial,
  5. Contact,
  6. Hashtag,
  7. Instance,
  8. Newsroom,
  9. OauthClient,
  10. Profile,
  11. Report,
  12. Status,
  13. Story,
  14. User
  15. };
  16. use DB, Cache, Storage;
  17. use Carbon\Carbon;
  18. use Illuminate\Http\Request;
  19. use Illuminate\Support\Facades\Redis;
  20. use App\Http\Controllers\Admin\{
  21. AdminDirectoryController,
  22. AdminDiscoverController,
  23. AdminInstanceController,
  24. AdminReportController,
  25. // AdminGroupsController,
  26. AdminMediaController,
  27. AdminSettingsController,
  28. // AdminStorageController,
  29. AdminSupportController,
  30. AdminUserController
  31. };
  32. use Illuminate\Validation\Rule;
  33. use App\Services\AdminStatsService;
  34. use App\Services\AccountService;
  35. use App\Services\StatusService;
  36. use App\Services\StoryService;
  37. use App\Models\CustomEmoji;
  38. class AdminController extends Controller
  39. {
  40. use AdminReportController,
  41. AdminDirectoryController,
  42. AdminDiscoverController,
  43. // AdminGroupsController,
  44. AdminMediaController,
  45. AdminSettingsController,
  46. AdminInstanceController,
  47. // AdminStorageController,
  48. AdminUserController;
  49. public function __construct()
  50. {
  51. $this->middleware('admin');
  52. $this->middleware('dangerzone');
  53. $this->middleware('twofactor');
  54. }
  55. public function home()
  56. {
  57. return view('admin.home');
  58. }
  59. public function stats()
  60. {
  61. $data = AdminStatsService::get();
  62. return view('admin.stats', compact('data'));
  63. }
  64. public function getStats()
  65. {
  66. return AdminStatsService::summary();
  67. }
  68. public function getAccounts()
  69. {
  70. $users = User::orderByDesc('id')->cursorPaginate(10);
  71. $res = [
  72. "next_page_url" => $users->nextPageUrl(),
  73. "data" => $users->map(function($user) {
  74. $account = AccountService::get($user->profile_id, true);
  75. if(!$account) {
  76. return [
  77. "id" => $user->profile_id,
  78. "username" => $user->username,
  79. "status" => "deleted",
  80. "avatar" => "/storage/avatars/default.jpg",
  81. "created_at" => $user->created_at
  82. ];
  83. }
  84. $account['user_id'] = $user->id;
  85. return $account;
  86. })
  87. ->filter(function($user) {
  88. return $user;
  89. })
  90. ];
  91. return $res;
  92. }
  93. public function getPosts()
  94. {
  95. $posts = DB::table('statuses')
  96. ->orderByDesc('id')
  97. ->cursorPaginate(10);
  98. $res = [
  99. "next_page_url" => $posts->nextPageUrl(),
  100. "data" => $posts->map(function($post) {
  101. $status = StatusService::get($post->id, false);
  102. if(!$status) {
  103. return ["id" => $post->id, "created_at" => $post->created_at];
  104. }
  105. return $status;
  106. })
  107. ];
  108. return $res;
  109. }
  110. public function getInstances()
  111. {
  112. return Instance::orderByDesc('id')->cursorPaginate(10);
  113. }
  114. public function statuses(Request $request)
  115. {
  116. $statuses = Status::orderBy('id', 'desc')->cursorPaginate(10);
  117. $data = $statuses->map(function($status) {
  118. return StatusService::get($status->id, false);
  119. })
  120. ->filter(function($s) {
  121. return $s;
  122. })
  123. ->toArray();
  124. return view('admin.statuses.home', compact('statuses', 'data'));
  125. }
  126. public function showStatus(Request $request, $id)
  127. {
  128. $status = Status::findOrFail($id);
  129. return view('admin.statuses.show', compact('status'));
  130. }
  131. public function profiles(Request $request)
  132. {
  133. $this->validate($request, [
  134. 'search' => 'nullable|string|max:250',
  135. 'filter' => [
  136. 'nullable',
  137. 'string',
  138. Rule::in(['all', 'local', 'remote'])
  139. ]
  140. ]);
  141. $search = $request->input('search');
  142. $filter = $request->input('filter');
  143. $limit = 12;
  144. $profiles = Profile::select('id','username')
  145. ->whereNull('status')
  146. ->when($search, function($q, $search) {
  147. return $q->where('username', 'like', "%$search%");
  148. })->when($filter, function($q, $filter) {
  149. if($filter == 'local') {
  150. return $q->whereNull('domain');
  151. }
  152. if($filter == 'remote') {
  153. return $q->whereNotNull('domain');
  154. }
  155. return $q;
  156. })->orderByDesc('id')
  157. ->simplePaginate($limit);
  158. return view('admin.profiles.home', compact('profiles'));
  159. }
  160. public function profileShow(Request $request, $id)
  161. {
  162. $profile = Profile::findOrFail($id);
  163. $user = $profile->user;
  164. return view('admin.profiles.edit', compact('profile', 'user'));
  165. }
  166. public function appsHome(Request $request)
  167. {
  168. $filter = $request->input('filter');
  169. if($filter == 'revoked') {
  170. $apps = OauthClient::with('user')
  171. ->whereNotNull('user_id')
  172. ->whereRevoked(true)
  173. ->orderByDesc('id')
  174. ->paginate(10);
  175. } else {
  176. $apps = OauthClient::with('user')
  177. ->whereNotNull('user_id')
  178. ->orderByDesc('id')
  179. ->paginate(10);
  180. }
  181. return view('admin.apps.home', compact('apps'));
  182. }
  183. public function hashtagsHome(Request $request)
  184. {
  185. $hashtags = Hashtag::orderByDesc('id')->paginate(10);
  186. return view('admin.hashtags.home', compact('hashtags'));
  187. }
  188. public function messagesHome(Request $request)
  189. {
  190. $messages = Contact::orderByDesc('id')->paginate(10);
  191. return view('admin.messages.home', compact('messages'));
  192. }
  193. public function messagesShow(Request $request, $id)
  194. {
  195. $message = Contact::findOrFail($id);
  196. return view('admin.messages.show', compact('message'));
  197. }
  198. public function messagesMarkRead(Request $request)
  199. {
  200. $this->validate($request, [
  201. 'id' => 'required|integer|min:1'
  202. ]);
  203. $id = $request->input('id');
  204. $message = Contact::findOrFail($id);
  205. if($message->read_at) {
  206. return;
  207. }
  208. $message->read_at = now();
  209. $message->save();
  210. return;
  211. }
  212. public function newsroomHome(Request $request)
  213. {
  214. $newsroom = Newsroom::latest()->paginate(10);
  215. return view('admin.newsroom.home', compact('newsroom'));
  216. }
  217. public function newsroomCreate(Request $request)
  218. {
  219. return view('admin.newsroom.create');
  220. }
  221. public function newsroomEdit(Request $request, $id)
  222. {
  223. $news = Newsroom::findOrFail($id);
  224. return view('admin.newsroom.edit', compact('news'));
  225. }
  226. public function newsroomDelete(Request $request, $id)
  227. {
  228. $news = Newsroom::findOrFail($id);
  229. $news->delete();
  230. return redirect('/i/admin/newsroom');
  231. }
  232. public function newsroomUpdate(Request $request, $id)
  233. {
  234. $this->validate($request, [
  235. 'title' => 'required|string|min:1|max:100',
  236. 'summary' => 'nullable|string|max:200',
  237. 'body' => 'nullable|string'
  238. ]);
  239. $changed = false;
  240. $changedFields = [];
  241. $news = Newsroom::findOrFail($id);
  242. $fields = [
  243. 'title' => 'string',
  244. 'summary' => 'string',
  245. 'body' => 'string',
  246. 'category' => 'string',
  247. 'show_timeline' => 'boolean',
  248. 'auth_only' => 'boolean',
  249. 'show_link' => 'boolean',
  250. 'force_modal' => 'boolean',
  251. 'published' => 'published'
  252. ];
  253. foreach($fields as $field => $type) {
  254. switch ($type) {
  255. case 'string':
  256. if($request->{$field} != $news->{$field}) {
  257. if($field == 'title') {
  258. $news->slug = str_slug($request->{$field});
  259. }
  260. $news->{$field} = $request->{$field};
  261. $changed = true;
  262. array_push($changedFields, $field);
  263. }
  264. break;
  265. case 'boolean':
  266. $state = $request->{$field} == 'on' ? true : false;
  267. if($state != $news->{$field}) {
  268. $news->{$field} = $state;
  269. $changed = true;
  270. array_push($changedFields, $field);
  271. }
  272. break;
  273. case 'published':
  274. $state = $request->{$field} == 'on' ? true : false;
  275. $published = $news->published_at != null;
  276. if($state != $published) {
  277. $news->published_at = $state ? now() : null;
  278. $changed = true;
  279. array_push($changedFields, $field);
  280. }
  281. break;
  282. }
  283. }
  284. if($changed) {
  285. $news->save();
  286. }
  287. $redirect = $news->published_at ? $news->permalink() : $news->editUrl();
  288. return redirect($redirect);
  289. }
  290. public function newsroomStore(Request $request)
  291. {
  292. $this->validate($request, [
  293. 'title' => 'required|string|min:1|max:100',
  294. 'summary' => 'nullable|string|max:200',
  295. 'body' => 'nullable|string'
  296. ]);
  297. $changed = false;
  298. $changedFields = [];
  299. $news = new Newsroom();
  300. $fields = [
  301. 'title' => 'string',
  302. 'summary' => 'string',
  303. 'body' => 'string',
  304. 'category' => 'string',
  305. 'show_timeline' => 'boolean',
  306. 'auth_only' => 'boolean',
  307. 'show_link' => 'boolean',
  308. 'force_modal' => 'boolean',
  309. 'published' => 'published'
  310. ];
  311. foreach($fields as $field => $type) {
  312. switch ($type) {
  313. case 'string':
  314. if($request->{$field} != $news->{$field}) {
  315. if($field == 'title') {
  316. $news->slug = str_slug($request->{$field});
  317. }
  318. $news->{$field} = $request->{$field};
  319. $changed = true;
  320. array_push($changedFields, $field);
  321. }
  322. break;
  323. case 'boolean':
  324. $state = $request->{$field} == 'on' ? true : false;
  325. if($state != $news->{$field}) {
  326. $news->{$field} = $state;
  327. $changed = true;
  328. array_push($changedFields, $field);
  329. }
  330. break;
  331. case 'published':
  332. $state = $request->{$field} == 'on' ? true : false;
  333. $published = $news->published_at != null;
  334. if($state != $published) {
  335. $news->published_at = $state ? now() : null;
  336. $changed = true;
  337. array_push($changedFields, $field);
  338. }
  339. break;
  340. }
  341. }
  342. if($changed) {
  343. $news->save();
  344. }
  345. $redirect = $news->published_at ? $news->permalink() : $news->editUrl();
  346. return redirect($redirect);
  347. }
  348. public function diagnosticsHome(Request $request)
  349. {
  350. return view('admin.diagnostics.home');
  351. }
  352. public function diagnosticsDecrypt(Request $request)
  353. {
  354. $this->validate($request, [
  355. 'payload' => 'required'
  356. ]);
  357. $key = 'exception_report:';
  358. $decrypted = decrypt($request->input('payload'));
  359. if(!starts_with($decrypted, $key)) {
  360. abort(403, 'Can only decrypt error diagnostics');
  361. }
  362. $res = [
  363. 'decrypted' => substr($decrypted, strlen($key))
  364. ];
  365. return response()->json($res);
  366. }
  367. public function stories(Request $request)
  368. {
  369. $stories = Story::with('profile')->latest()->paginate(10);
  370. $stats = StoryService::adminStats();
  371. return view('admin.stories.home', compact('stories', 'stats'));
  372. }
  373. public function customEmojiHome(Request $request)
  374. {
  375. if(!config('federation.custom_emoji.enabled')) {
  376. return view('admin.custom-emoji.not-enabled');
  377. }
  378. $this->validate($request, [
  379. 'sort' => 'sometimes|in:all,local,remote,duplicates,disabled,search'
  380. ]);
  381. if($request->has('cc')) {
  382. Cache::forget('pf:admin:custom_emoji:stats');
  383. Cache::forget('pf:custom_emoji');
  384. return redirect(route('admin.custom-emoji'));
  385. }
  386. $sort = $request->input('sort') ?? 'all';
  387. if($sort == 'search' && empty($request->input('q'))) {
  388. return redirect(route('admin.custom-emoji'));
  389. }
  390. $pg = config('database.default') == 'pgsql';
  391. $emojis = CustomEmoji::when($sort, function($query, $sort) use($request, $pg) {
  392. if($sort == 'all') {
  393. if($pg) {
  394. return $query->latest();
  395. } else {
  396. return $query->groupBy('shortcode')->latest();
  397. }
  398. } else if($sort == 'local') {
  399. return $query->latest()->where('domain', '=', config('pixelfed.domain.app'));
  400. } else if($sort == 'remote') {
  401. return $query->latest()->where('domain', '!=', config('pixelfed.domain.app'));
  402. } else if($sort == 'duplicates') {
  403. return $query->latest()->groupBy('shortcode')->havingRaw('count(*) > 1');
  404. } else if($sort == 'disabled') {
  405. return $query->latest()->whereDisabled(true);
  406. } else if($sort == 'search') {
  407. $q = $query
  408. ->latest()
  409. ->where('shortcode', 'like', '%' . $request->input('q') . '%')
  410. ->orWhere('domain', 'like', '%' . $request->input('q') . '%');
  411. if(!$request->has('dups')) {
  412. $q = $q->groupBy('shortcode');
  413. }
  414. return $q;
  415. }
  416. })
  417. ->simplePaginate(10)
  418. ->withQueryString();
  419. $stats = Cache::remember('pf:admin:custom_emoji:stats', 43200, function() use($pg) {
  420. $res = [
  421. 'total' => CustomEmoji::count(),
  422. 'active' => CustomEmoji::whereDisabled(false)->count(),
  423. 'remote' => CustomEmoji::where('domain', '!=', config('pixelfed.domain.app'))->count(),
  424. ];
  425. if($pg) {
  426. $res['duplicate'] = CustomEmoji::select('shortcode')->groupBy('shortcode')->havingRaw('count(*) > 1')->count();
  427. } else {
  428. $res['duplicate'] = CustomEmoji::groupBy('shortcode')->havingRaw('count(*) > 1')->count();
  429. }
  430. return $res;
  431. });
  432. return view('admin.custom-emoji.home', compact('emojis', 'sort', 'stats'));
  433. }
  434. public function customEmojiToggleActive(Request $request, $id)
  435. {
  436. abort_unless(config('federation.custom_emoji.enabled'), 404);
  437. $emoji = CustomEmoji::findOrFail($id);
  438. $emoji->disabled = !$emoji->disabled;
  439. $emoji->save();
  440. $key = CustomEmoji::CACHE_KEY . str_replace(':', '', $emoji->shortcode);
  441. Cache::forget($key);
  442. return redirect()->back();
  443. }
  444. public function customEmojiAdd(Request $request)
  445. {
  446. abort_unless(config('federation.custom_emoji.enabled'), 404);
  447. return view('admin.custom-emoji.add');
  448. }
  449. public function customEmojiStore(Request $request)
  450. {
  451. abort_unless(config('federation.custom_emoji.enabled'), 404);
  452. $this->validate($request, [
  453. 'shortcode' => [
  454. 'required',
  455. 'min:3',
  456. 'max:80',
  457. 'starts_with::',
  458. 'ends_with::',
  459. Rule::unique('custom_emoji')->where(function ($query) use($request) {
  460. return $query->whereDomain(config('pixelfed.domain.app'))
  461. ->whereShortcode($request->input('shortcode'));
  462. })
  463. ],
  464. 'emoji' => 'required|file|mimes:jpg,png|max:' . (config('federation.custom_emoji.max_size') / 1000)
  465. ]);
  466. $emoji = new CustomEmoji;
  467. $emoji->shortcode = $request->input('shortcode');
  468. $emoji->domain = config('pixelfed.domain.app');
  469. $emoji->save();
  470. $fileName = $emoji->id . '.' . $request->emoji->extension();
  471. $request->emoji->storeAs('public/emoji', $fileName);
  472. $emoji->media_path = 'emoji/' . $fileName;
  473. $emoji->save();
  474. Cache::forget('pf:custom_emoji');
  475. return redirect(route('admin.custom-emoji'));
  476. }
  477. public function customEmojiDelete(Request $request, $id)
  478. {
  479. abort_unless(config('federation.custom_emoji.enabled'), 404);
  480. $emoji = CustomEmoji::findOrFail($id);
  481. Storage::delete("public/{$emoji->media_path}");
  482. Cache::forget('pf:custom_emoji');
  483. $emoji->delete();
  484. return redirect(route('admin.custom-emoji'));
  485. }
  486. public function customEmojiShowDuplicates(Request $request, $id)
  487. {
  488. abort_unless(config('federation.custom_emoji.enabled'), 404);
  489. $emoji = CustomEmoji::orderBy('id')->whereDisabled(false)->whereShortcode($id)->firstOrFail();
  490. $emojis = CustomEmoji::whereShortcode($id)->where('id', '!=', $emoji->id)->cursorPaginate(10);
  491. return view('admin.custom-emoji.duplicates', compact('emoji', 'emojis'));
  492. }
  493. }