kopia lustrzana https://github.com/pixelfed/pixelfed
Update ApiV1Controller, normalize profile id comparison
Daniel Supernault
rodzic
796ad37419
commit
374bfdae15
|
|
@ -458,7 +458,7 @@ class ApiV1Controller extends Controller
|
||||||
abort_if(!$account, 404);
|
abort_if(!$account, 404);
|
||||||
$pid = $request->user()->profile_id;
|
$pid = $request->user()->profile_id;
|
||||||
|
|
||||||
if($pid != $account['id']) {
|
if(intval($pid) !== intval($account['id'])) {
|
||||||
if($account['locked']) {
|
if($account['locked']) {
|
||||||
if(!FollowerService::follows($pid, $account['id'])) {
|
if(!FollowerService::follows($pid, $account['id'])) {
|
||||||
return [];
|
return [];
|
||||||
|
|
@ -505,7 +505,7 @@ class ApiV1Controller extends Controller
|
||||||
abort_if(!$account, 404);
|
abort_if(!$account, 404);
|
||||||
$pid = $request->user()->profile_id;
|
$pid = $request->user()->profile_id;
|
||||||
|
|
||||||
if($pid != $account['id']) {
|
if(intval($pid) !== intval($account['id'])) {
|
||||||
if($account['locked']) {
|
if($account['locked']) {
|
||||||
if(!FollowerService::follows($pid, $account['id'])) {
|
if(!FollowerService::follows($pid, $account['id'])) {
|
||||||
return [];
|
return [];
|
||||||
|
|
@ -564,7 +564,7 @@ class ApiV1Controller extends Controller
|
||||||
$profile = $napi ? AccountService::get($id, true) : AccountService::getMastodon($id, true);
|
$profile = $napi ? AccountService::get($id, true) : AccountService::getMastodon($id, true);
|
||||||
|
|
||||||
if(!$profile || !isset($profile['id']) || !$user) {
|
if(!$profile || !isset($profile['id']) || !$user) {
|
||||||
return response('', 404);
|
return $this->json(['error' => 'Account not found'], 404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$limit = $request->limit ?? 20;
|
$limit = $request->limit ?? 20;
|
||||||
|
|
@ -587,7 +587,7 @@ class ApiV1Controller extends Controller
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if($pid == $profile['id']) {
|
if(intval($pid) === intval($profile['id'])) {
|
||||||
$visibility = ['public', 'unlisted', 'private'];
|
$visibility = ['public', 'unlisted', 'private'];
|
||||||
} else if($profile['locked']) {
|
} else if($profile['locked']) {
|
||||||
$following = FollowerService::follows($pid, $profile['id']);
|
$following = FollowerService::follows($pid, $profile['id']);
|
||||||
|
|
@ -817,7 +817,7 @@ class ApiV1Controller extends Controller
|
||||||
$pid = $request->user()->profile_id ?? $request->user()->profile->id;
|
$pid = $request->user()->profile_id ?? $request->user()->profile->id;
|
||||||
$res = collect($request->input('id'))
|
$res = collect($request->input('id'))
|
||||||
->filter(function($id) use($pid) {
|
->filter(function($id) use($pid) {
|
||||||
return $id != $pid;
|
return intval($id) !== intval($pid);
|
||||||
})
|
})
|
||||||
->map(function($id) use($pid) {
|
->map(function($id) use($pid) {
|
||||||
return RelationshipService::get($pid, $id);
|
return RelationshipService::get($pid, $id);
|
||||||
|
|
@ -848,15 +848,21 @@ class ApiV1Controller extends Controller
|
||||||
$resolve = (bool) $request->input('resolve', false);
|
$resolve = (bool) $request->input('resolve', false);
|
||||||
$q = '%' . $query . '%';
|
$q = '%' . $query . '%';
|
||||||
|
|
||||||
$profiles = Profile::whereNull('status')
|
$profiles = Cache::remember('api:v1:accounts:search:' . sha1($query) . ':limit:' . $limit, 86400, function() use($q, $limit) {
|
||||||
->where('username', 'like', $q)
|
return Profile::whereNull('status')
|
||||||
->orWhere('name', 'like', $q)
|
->where('username', 'like', $q)
|
||||||
->limit($limit)
|
->orWhere('name', 'like', $q)
|
||||||
->get();
|
->limit($limit)
|
||||||
|
->pluck('id')
|
||||||
|
->map(function($id) {
|
||||||
|
return AccountService::getMastodon($id);
|
||||||
|
})
|
||||||
|
->filter(function($account) {
|
||||||
|
return $account && isset($account['id']);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
$resource = new Fractal\Resource\Collection($profiles, new AccountTransformer());
|
return $this->json($profiles);
|
||||||
$res = $this->fractal->createData($resource)->toArray();
|
|
||||||
return $this->json($res);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -908,7 +914,7 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$pid = $user->profile_id ?? $user->profile->id;
|
$pid = $user->profile_id ?? $user->profile->id;
|
||||||
|
|
||||||
if($id == $pid) {
|
if(intval($id) === intval($pid)) {
|
||||||
abort(400, 'You cannot block yourself');
|
abort(400, 'You cannot block yourself');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -953,7 +959,7 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$pid = $user->profile_id ?? $user->profile->id;
|
$pid = $user->profile_id ?? $user->profile->id;
|
||||||
|
|
||||||
if($id == $pid) {
|
if(intval($id) === intval($pid)) {
|
||||||
abort(400, 'You cannot unblock yourself');
|
abort(400, 'You cannot unblock yourself');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1088,7 +1094,7 @@ class ApiV1Controller extends Controller
|
||||||
|
|
||||||
$spid = $status['account']['id'];
|
$spid = $status['account']['id'];
|
||||||
|
|
||||||
if($spid !== $user->profile_id) {
|
if(intval($spid) !== intval($user->profile_id)) {
|
||||||
if($status['visibility'] == 'private') {
|
if($status['visibility'] == 'private') {
|
||||||
abort_if(!FollowerService::follows($user->profile_id, $spid), 403);
|
abort_if(!FollowerService::follows($user->profile_id, $spid), 403);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -1143,7 +1149,7 @@ class ApiV1Controller extends Controller
|
||||||
|
|
||||||
$status = Status::findOrFail($id);
|
$status = Status::findOrFail($id);
|
||||||
|
|
||||||
if($status->profile_id !== $user->profile_id) {
|
if(intval($status->profile_id) !== intval($user->profile_id)) {
|
||||||
if($status->scope == 'private') {
|
if($status->scope == 'private') {
|
||||||
abort_if(!$status->profile->followedBy($user->profile), 403);
|
abort_if(!$status->profile->followedBy($user->profile), 403);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -1770,6 +1776,10 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$pid = $user->profile_id;
|
$pid = $user->profile_id;
|
||||||
|
|
||||||
|
if(intval($pid) === intval($id)) {
|
||||||
|
return $this->json(['error' => 'You cannot mute yourself'], 500);
|
||||||
|
}
|
||||||
|
|
||||||
$account = Profile::findOrFail($id);
|
$account = Profile::findOrFail($id);
|
||||||
|
|
||||||
$filter = UserFilter::firstOrCreate([
|
$filter = UserFilter::firstOrCreate([
|
||||||
|
|
@ -1803,6 +1813,10 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$pid = $user->profile_id;
|
$pid = $user->profile_id;
|
||||||
|
|
||||||
|
if(intval($pid) === intval($id)) {
|
||||||
|
return $this->json(['error' => 'You cannot unmute yourself'], 500);
|
||||||
|
}
|
||||||
|
|
||||||
$account = Profile::findOrFail($id);
|
$account = Profile::findOrFail($id);
|
||||||
|
|
||||||
$filter = UserFilter::whereUserId($pid)
|
$filter = UserFilter::whereUserId($pid)
|
||||||
|
|
@ -2228,7 +2242,7 @@ class ApiV1Controller extends Controller
|
||||||
$scope = $res['visibility'];
|
$scope = $res['visibility'];
|
||||||
if(!in_array($scope, ['public', 'unlisted'])) {
|
if(!in_array($scope, ['public', 'unlisted'])) {
|
||||||
if($scope === 'private') {
|
if($scope === 'private') {
|
||||||
if($res['account']['id'] != $user->profile_id) {
|
if(intval($res['account']['id']) !== intval($user->profile_id)) {
|
||||||
abort_unless(FollowerService::follows($user->profile_id, $res['account']['id']), 403);
|
abort_unless(FollowerService::follows($user->profile_id, $res['account']['id']), 403);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -2261,7 +2275,7 @@ class ApiV1Controller extends Controller
|
||||||
return response('', 404);
|
return response('', 404);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($status['account']['id'] != $user->profile_id) {
|
if(intval($status['account']['id']) !== intval($user->profile_id)) {
|
||||||
if($status['visibility'] == 'private') {
|
if($status['visibility'] == 'private') {
|
||||||
if(!FollowerService::follows($user->profile_id, $status['account']['id'])) {
|
if(!FollowerService::follows($user->profile_id, $status['account']['id'])) {
|
||||||
return response('', 404);
|
return response('', 404);
|
||||||
|
|
@ -2341,7 +2355,7 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$status = Status::findOrFail($id);
|
$status = Status::findOrFail($id);
|
||||||
|
|
||||||
if($status->profile_id !== $user->profile_id) {
|
if(intval($status->profile_id) !== intval($user->profile_id)) {
|
||||||
if($status->scope == 'private') {
|
if($status->scope == 'private') {
|
||||||
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -2407,7 +2421,7 @@ class ApiV1Controller extends Controller
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if($status->profile_id !== $user->profile_id) {
|
if(intval($status->profile_id) !== intval($user->profile_id)) {
|
||||||
if($status->scope == 'private') {
|
if($status->scope == 'private') {
|
||||||
abort_if(!$status->profile->followedBy($user->profile), 403);
|
abort_if(!$status->profile->followedBy($user->profile), 403);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -2644,7 +2658,7 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$status = Status::whereScope('public')->findOrFail($id);
|
$status = Status::whereScope('public')->findOrFail($id);
|
||||||
|
|
||||||
if($status->profile_id !== $user->profile_id) {
|
if(intval($status->profile_id) !== intval($user->profile_id)) {
|
||||||
if($status->scope == 'private') {
|
if($status->scope == 'private') {
|
||||||
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -2692,7 +2706,7 @@ class ApiV1Controller extends Controller
|
||||||
$user = $request->user();
|
$user = $request->user();
|
||||||
$status = Status::whereScope('public')->findOrFail($id);
|
$status = Status::whereScope('public')->findOrFail($id);
|
||||||
|
|
||||||
if($status->profile_id !== $user->profile_id) {
|
if(intval($status->profile_id) !== intval($user->profile_id)) {
|
||||||
if($status->scope == 'private') {
|
if($status->scope == 'private') {
|
||||||
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
abort_if(!FollowerService::follows($user->profile_id, $status->profile_id), 403);
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
Ładowanie…
Reference in New Issue