From c6b1ed97f99bff53a3616b91e3796e3aac02d9fe Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Wed, 25 Sep 2019 01:02:28 -0600
Subject: [PATCH] Add /api/v1/accounts/{id}/block endpoint

---
 app/Http/Controllers/Api/ApiV1Controller.php | 40 ++++++++++++++++++++
 routes/web.php                               |  1 +
 2 files changed, 41 insertions(+)

diff --git a/app/Http/Controllers/Api/ApiV1Controller.php b/app/Http/Controllers/Api/ApiV1Controller.php
index 1debc4ecd..446993324 100644
--- a/app/Http/Controllers/Api/ApiV1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Controller.php
@@ -535,6 +535,46 @@ class ApiV1Controller extends Controller
         return response()->json($res);
     }
 
+    /**
+     * POST /api/v1/accounts/{id}/block
+     *
+     * @param  integer  $id
+     *
+     * @return \App\Transformer\Api\RelationshipTransformer
+     */
+    public function accountBlockById(Request $request, $id)
+    {
+        abort_if(!$request->user(), 403);
+
+        $user = $request->user();
+        $pid = $user->profile_id ?? $user->profile->id;
+
+        if($id == $pid) {
+            abort(400, 'You cannot block yourself');
+        }
+
+        $profile = Profile::findOrFail($id);
+
+        Follower::whereProfileId($profile->id)->whereFollowingId($pid)->delete();
+        Follower::whereProfileId($pid)->whereFollowingId($profile->id)->delete();
+        Notification::whereProfileId($pid)->whereActorId($profile->id)->delete();
+
+        $filter = UserFilter::firstOrCreate([
+            'user_id'         => $pid,
+            'filterable_id'   => $profile->id,
+            'filterable_type' => 'App\Profile',
+            'filter_type'     => 'block',
+        ]);
+
+        Cache::forget("user:filter:list:$pid");
+        Cache::forget("api:local:exp:rec:$pid");
+
+        $resource = new Fractal\Resource\Item($profile, new RelationshipTransformer());
+        $res = $this->fractal->createData($resource)->toArray();
+
+        return response()->json($res);
+    }
+
     public function statusById(Request $request, $id)
     {
         $status = Status::whereVisibility('public')->findOrFail($id);
diff --git a/routes/web.php b/routes/web.php
index ad649abed..62b160c3f 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -87,6 +87,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
             Route::post('accounts/{id}/follow', 'Api\ApiV1Controller@accountFollowById')->middleware('auth:api');
             Route::post('accounts/{id}/unfollow', 'Api\ApiV1Controller@accountUnfollowById')->middleware('auth:api');
             Route::get('blocks', 'Api\ApiV1Controller@accountBlocks')->middleware('auth:api');
+            Route::post('accounts/{id}/block', 'Api\ApiV1Controller@accountBlockById')->middleware('auth:api');
             // Route::get('accounts/{id}', 'PublicApiController@account');
             Route::get('accounts/{id}', 'Api\ApiV1Controller@accountById');
             Route::post('avatar/update', 'ApiController@avatarUpdate')->middleware('auth:api');