From bd249f0c39d2635e433dcec2a93b13617e321f50 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Wed, 16 Feb 2022 00:58:19 -0700 Subject: [PATCH] Update CollectionController, fix broken unauthenticated access. Fixes #3242 --- app/Http/Controllers/CollectionController.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/app/Http/Controllers/CollectionController.php b/app/Http/Controllers/CollectionController.php index b1d072ff9..057d9fe9c 100644 --- a/app/Http/Controllers/CollectionController.php +++ b/app/Http/Controllers/CollectionController.php @@ -17,6 +17,7 @@ use App\Transformer\Api\{ }; use League\Fractal\Serializer\ArraySerializer; use League\Fractal\Pagination\IlluminatePaginatorAdapter; +use App\Services\StatusService; class CollectionController extends Controller { @@ -166,12 +167,16 @@ class CollectionController extends Controller if($collection->visibility !== 'public') { abort_if(!Auth::check() || Auth::user()->profile_id != $collection->profile_id, 404); } - $posts = $collection->posts()->orderBy('order', 'asc')->get(); - $fractal = new Fractal\Manager(); - $fractal->setSerializer(new ArraySerializer()); - $resource = new Fractal\Resource\Collection($posts, new StatusTransformer()); - $res = $fractal->createData($resource)->toArray(); + $res = CollectionItem::whereCollectionId($id) + ->pluck('object_id') + ->map(function($id) { + return StatusService::get($id); + }) + ->filter(function($post) { + return $post && isset($post['account']); + }) + ->values(); return response()->json($res); } @@ -197,11 +202,12 @@ class CollectionController extends Controller ->paginate(9) ->map(function($collection) { return [ - 'id' => $collection->id, + 'id' => (string) $collection->id, 'title' => $collection->title, 'description' => $collection->description, 'thumb' => $collection->posts()->first()->thumb(), 'url' => $collection->url(), + 'post_count' => $collection->posts()->count(), 'published_at' => $collection->published_at ]; });