diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
new file mode 100644
index 00000000..7bc3cf94
--- /dev/null
+++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
@@ -0,0 +1,131 @@
+fractal = new Fractal\Manager();
+ $this->fractal->setSerializer(new ArraySerializer());
+ }
+
+ public function json($res, $code = 200, $headers = [])
+ {
+ return response()->json($res, $code, $headers, JSON_UNESCAPED_SLASHES);
+ }
+
+ public function error($msg, $code = 400, $extra = [], $headers = [])
+ {
+ $res = [
+ "msg" => $msg,
+ "code" => $code
+ ];
+ return response()->json(array_merge($res, $extra), $code, $headers, JSON_UNESCAPED_SLASHES);
+ }
+
+ public function report(Request $request)
+ {
+ $user = $request->user();
+
+ abort_if(!$user, 403);
+ abort_if($user->status != null, 403);
+
+ $report_type = $request->input('report_type');
+ $object_id = $request->input('object_id');
+ $object_type = $request->input('object_type');
+
+ $types = [
+ 'spam',
+ 'sensitive',
+ 'abusive',
+ 'underage',
+ 'violence',
+ 'copyright',
+ 'impersonation',
+ 'scam',
+ 'terrorism'
+ ];
+
+ if (!$report_type || !$object_id || !$object_type) {
+ return $this->error("Invalid or missing parameters", 400, ["error_code" => "ERROR_INVALID_PARAMS"]);
+ }
+
+ if (!in_array($report_type, $types)) {
+ return $this->error("Invalid report type", 400, ["error_code" => "ERROR_TYPE_INVALID"]);
+ }
+
+ if ($object_type === "user" && $object_id == $user->profile_id) {
+ return $this->error("Cannot self report", 400, ["error_code" => "ERROR_NO_SELF_REPORTS"]);
+ }
+
+ $rpid = null;
+
+ switch ($object_type) {
+ case 'post':
+ $object = Status::find($object_id);
+ if (!$object) {
+ return $this->error("Invalid object id", 400, ["error_code" => "ERROR_INVALID_OBJECT_ID"]);
+ }
+ $object_type = 'App\Status';
+ $exists = Report::whereUserId($user->id)
+ ->whereObjectId($object->id)
+ ->whereObjectType('App\Status')
+ ->count();
+
+ $rpid = $object->profile_id;
+ break;
+
+ case 'user':
+ $object = Profile::find($object_id);
+ if (!$object) {
+ return $this->error("Invalid object id", 400, ["error_code" => "ERROR_INVALID_OBJECT_ID"]);
+ }
+ $object_type = 'App\Profile';
+ $exists = Report::whereUserId($user->id)
+ ->whereObjectId($object->id)
+ ->whereObjectType('App\Profile')
+ ->count();
+ $rpid = $object->id;
+ break;
+
+ default:
+ return $this->error("Invalid report type", 400, ["error_code" => "ERROR_REPORT_OBJECT_TYPE_INVALID"]);
+ break;
+ }
+
+ if ($exists !== 0) {
+ return $this->error("Duplicate report", 400, ["error_code" => "ERROR_REPORT_DUPLICATE"]);
+ }
+
+ if ($object->profile_id == $user->profile_id) {
+ return $this->error("Cannot self report", 400, ["error_code" => "ERROR_NO_SELF_REPORTS"]);
+ }
+
+ $report = new Report;
+ $report->profile_id = $user->profile_id;
+ $report->user_id = $user->id;
+ $report->object_id = $object->id;
+ $report->object_type = $object_type;
+ $report->reported_profile_id = $rpid;
+ $report->type = $report_type;
+ $report->save();
+
+ $res = [
+ "msg" => "Successfully sent report",
+ "code" => 200
+ ];
+ return $this->json($res);
+ }
+}
diff --git a/routes/api.php b/routes/api.php
index 9ffcd9c4..55675483 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -97,6 +97,10 @@ Route::group(['prefix' => 'api'], function() use($middleware) { Route::get('streaming/config', 'Api\ApiV1Controller@getWebsocketConfig'); }); + Route::group(['prefix' => 'v1.1'], function() use($middleware) { + Route::post('report', 'Api\ApiV1Dot1Controller@report')->middleware($middleware); + }); + Route::group(['prefix' => 'live'], function() use($middleware) { Route::post('create_stream', 'LiveStreamController@createStream')->middleware($middleware); Route::post('stream/edit', 'LiveStreamController@editStream')->middleware($middleware);
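Review bot: In `report()` of ApiV1Dot1Controller.php the three request inputs are used without a type check, and `in_array($report_type, $types)` compares loosely, so a JSON body carrying `"report_type": true` passes both the emptiness test and the allow-list and is then written to `$report->type`. Pass the strict flag, `if (!in_array($report_type, $types, true)) {`, and reject unexpected types before the lookups with a guard such as `if (!is_string($report_type) || !is_string($object_type) || !(is_int($object_id) || is_string($object_id))) {` that returns the existing ERROR_INVALID_PARAMS response. Without that guard an array-valued `object_id` reaches `Status::find()` / `Profile::find()`, where Eloquent returns a collection rather than a model, so `!$object` does not catch it and the later `$object->id` access would likely surface as a 500. Separately, the `default:` branch of the switch answers "Invalid report type" although it is the object type that was rejected. The opening of the file, up to the constructor body, is missing from the page, so the imports and class header could not be checked.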
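Review bot: The new `v1.1/report` route takes all of its protection from `$middleware`, which is defined outside this hunk, so it cannot be confirmed here that any request throttling applies to it. Each accepted call inserts a `Report` row, and the controller's duplicate check only limits repeats per reported object, not the number of distinct objects a single account can report. If `$middleware` does not already carry a limiter, add one on this route, e.g. `->middleware($middleware)->middleware('throttle:<max>,<minutes>')` with limits chosen by the project. The enclosing `api` route group begins and ends outside the hunk.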