chris
/
pixelfed
forked from mirror/pixelfed
1
0
Fork 0
Code Pull Requests Activity

Merge pull request #4125 from pixelfed/staging 

Staging
This commit is contained in:
daniel 2023-01-29 02:20:04 -07:00 committed by GitHub
parent 01242c1849 b6846f7019
commit d0519e6ce6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 47 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -80,6 +80,8 @@
- Update SearchApiV2Service, improve query performance ([4d1f2811](https://github.com/pixelfed/pixelfed/commit/4d1f2811)) - Update SearchApiV2Service, improve query performance ([4d1f2811](https://github.com/pixelfed/pixelfed/commit/4d1f2811))
- Update InstanceService, improve unlisted/banned network post filtering ([a0da6ec3](https://github.com/pixelfed/pixelfed/commit/a0da6ec3)) - Update InstanceService, improve unlisted/banned network post filtering ([a0da6ec3](https://github.com/pixelfed/pixelfed/commit/a0da6ec3))
- Update ApiV1DotController, fix inAppRegistrationConfirm logic ([6cfbedd9](https://github.com/pixelfed/pixelfed/commit/6cfbedd9)) - Update ApiV1DotController, fix inAppRegistrationConfirm logic ([6cfbedd9](https://github.com/pixelfed/pixelfed/commit/6cfbedd9))
- Update ApiV1Controller, allow description (alt text) updates after status is published ([869c3ed1](https://github.com/pixelfed/pixelfed/commit/869c3ed1))
- Update AdminApiController, fix postgres support ([84fb59d0](https://github.com/pixelfed/pixelfed/commit/84fb59d0))
- ([](https://github.com/pixelfed/pixelfed/commit/)) - ([](https://github.com/pixelfed/pixelfed/commit/))
## [v0.11.4 (2022-10-04)](https://github.com/pixelfed/pixelfed/compare/v0.11.3...v0.11.4) ## [v0.11.4 (2022-10-04)](https://github.com/pixelfed/pixelfed/compare/v0.11.3...v0.11.4)

2
app/Console/Commands/FixDuplicateProfiles.php
View File

@ -71,7 +71,7 @@ class FixDuplicateProfiles extends Command
{ {
$duplicates = DB::table('profiles') $duplicates = DB::table('profiles')
->whereNull('domain') ->whereNull('domain')
->select('username', DB::raw('COUNT(*) as `count`')) ->select('username', DB::raw('COUNT(*) as "count"'))
->groupBy('username') ->groupBy('username')
->havingRaw('COUNT(*) > 1') ->havingRaw('COUNT(*) > 1')
->pluck('username'); ->pluck('username');

32
app/Http/Controllers/Api/AdminApiController.php
View File

@ -33,7 +33,7 @@ class AdminApiController extends Controller
public function supported(Request $request) public function supported(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
return response()->json(['supported' => true]); return response()->json(['supported' => true]);
} }
@ -41,7 +41,8 @@ class AdminApiController extends Controller
public function getStats(Request $request) public function getStats(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$res = AdminStatsService::summary(); $res = AdminStatsService::summary();
$res['autospam_count'] = AccountInterstitial::whereType('post.autospam') $res['autospam_count'] = AccountInterstitial::whereType('post.autospam')
->whereNull('appeal_handled_at') ->whereNull('appeal_handled_at')
@ -52,7 +53,7 @@ class AdminApiController extends Controller
public function autospam(Request $request) public function autospam(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$appeals = AccountInterstitial::whereType('post.autospam') $appeals = AccountInterstitial::whereType('post.autospam')
->whereNull('appeal_handled_at') ->whereNull('appeal_handled_at')
@ -87,7 +88,7 @@ class AdminApiController extends Controller
public function autospamHandle(Request $request) public function autospamHandle(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$this->validate($request, [ $this->validate($request, [
'action' => 'required|in:dismiss,approve,dismiss-all,approve-all', 'action' => 'required|in:dismiss,approve,dismiss-all,approve-all',
@ -176,7 +177,7 @@ class AdminApiController extends Controller
public function modReports(Request $request) public function modReports(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$reports = Report::whereNull('admin_seen') $reports = Report::whereNull('admin_seen')
->orderBy('created_at','desc') ->orderBy('created_at','desc')
@ -222,7 +223,7 @@ class AdminApiController extends Controller
public function modReportHandle(Request $request) public function modReportHandle(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$this->validate($request, [ $this->validate($request, [
'action' => 'required|string', 'action' => 'required|string',
@ -280,7 +281,7 @@ class AdminApiController extends Controller
public function getConfiguration(Request $request) public function getConfiguration(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless(config('instance.enable_cc'), 400); abort_unless(config('instance.enable_cc'), 400);
return collect([ return collect([
@ -323,7 +324,7 @@ class AdminApiController extends Controller
public function updateConfiguration(Request $request) public function updateConfiguration(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
abort_unless(config('instance.enable_cc'), 400); abort_unless(config('instance.enable_cc'), 400);
$this->validate($request, [ $this->validate($request, [
@ -385,7 +386,7 @@ class AdminApiController extends Controller
public function getUsers(Request $request) public function getUsers(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$q = $request->input('q'); $q = $request->input('q');
$sort = $request->input('sort', 'desc') === 'asc' ? 'asc' : 'desc'; $sort = $request->input('sort', 'desc') === 'asc' ? 'asc' : 'desc';
$res = User::whereNull('status') $res = User::whereNull('status')
@ -400,7 +401,7 @@ class AdminApiController extends Controller
public function getUser(Request $request) public function getUser(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$id = $request->input('user_id'); $id = $request->input('user_id');
$user = User::findOrFail($id); $user = User::findOrFail($id);
@ -419,7 +420,7 @@ class AdminApiController extends Controller
public function userAdminAction(Request $request) public function userAdminAction(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$this->validate($request, [ $this->validate($request, [
'id' => 'required', 'id' => 'required',
@ -494,7 +495,8 @@ class AdminApiController extends Controller
public function instances(Request $request) public function instances(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$this->validate($request, [ $this->validate($request, [
'q' => 'sometimes', 'q' => 'sometimes',
'sort' => 'sometimes|in:asc,desc', 'sort' => 'sometimes|in:asc,desc',
@ -531,7 +533,7 @@ class AdminApiController extends Controller
public function getInstance(Request $request) public function getInstance(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$id = $request->input('id'); $id = $request->input('id');
$res = Instance::findOrFail($id); $res = Instance::findOrFail($id);
@ -542,7 +544,7 @@ class AdminApiController extends Controller
public function moderateInstance(Request $request) public function moderateInstance(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$this->validate($request, [ $this->validate($request, [
'id' => 'required', 'id' => 'required',
@ -566,7 +568,7 @@ class AdminApiController extends Controller
public function refreshInstanceStats(Request $request) public function refreshInstanceStats(Request $request)
{ {
abort_if(!$request->user(), 404); abort_if(!$request->user(), 404);
abort_unless($request->user()->is_admin === 1, 404); abort_unless($request->user()->is_admin == 1, 404);
$this->validate($request, [ $this->validate($request, [
'id' => 'required', 'id' => 'required',

33
app/Http/Controllers/Api/ApiV1Controller.php
View File

@ -68,6 +68,7 @@ use App\Services\{
LikeService, LikeService,
NetworkTimelineService, NetworkTimelineService,
NotificationService, NotificationService,
MediaService,
MediaPathService, MediaPathService,
ProfileStatusService, ProfileStatusService,
PublicTimelineService, PublicTimelineService,
@ -90,6 +91,8 @@ use App\Services\MarkerService;
use App\Models\Conversation; use App\Models\Conversation;
use App\Jobs\FollowPipeline\FollowAcceptPipeline; use App\Jobs\FollowPipeline\FollowAcceptPipeline;
use App\Jobs\FollowPipeline\FollowRejectPipeline; use App\Jobs\FollowPipeline\FollowRejectPipeline;
use Illuminate\Support\Facades\RateLimiter;
use Purify;
class ApiV1Controller extends Controller class ApiV1Controller extends Controller
{ {
@ -1582,15 +1585,33 @@ class ApiV1Controller extends Controller
$user = $request->user(); $user = $request->user();
$media = Media::whereUserId($user->id) $media = Media::whereUserId($user->id)
->whereNull('status_id') ->whereProfileId($user->profile_id)
->findOrFail($id); ->findOrFail($id);
$media->caption = $request->input('description'); $executed = RateLimiter::attempt(
$media->save(); 'media:update:'.$user->id,
10,
function() use($media, $request) {
$caption = Purify::clean($request->input('description'));
$resource = new Fractal\Resource\Item($media, new MediaTransformer()); if($caption != $media->caption) {
$res = $this->fractal->createData($resource)->toArray(); $media->caption = $caption;
return $this->json($res); $media->save();
if($media->status_id) {
MediaService::del($media->status_id);
StatusService::del($media->status_id);
}
}
});
if(!$executed) {
return response()->json([
'error' => 'Too many attempts. Try again in a few minutes.'
], 429);
};
return $this->json(MediaService::get($media->status_id));
} }
/** /**