1
0
Fork 1
mirror of https://github.com/pixelfed/pixelfed.git synced 2024-12-26 01:36:43 +00:00

Update StatusController, add visibility

This commit is contained in:
Daniel Supernault 2018-09-08 21:13:04 -06:00
parent 5b5a9d0a3a
commit 43e36b45b2
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7

View file

@ -25,6 +25,16 @@ class StatusController extends Controller
->withCount(['likes', 'comments', 'media']) ->withCount(['likes', 'comments', 'media'])
->findOrFail($id); ->findOrFail($id);
if($status->visibility == 'private' || $user->is_private) {
if(!Auth::check()) {
abort(403);
}
$pid = Auth::user()->profile;
if($user->followedBy($pid) == false && $user->id !== $pid->id) {
abort(403);
}
}
if ($request->wantsJson() && config('pixelfed.activitypub_enabled')) { if ($request->wantsJson() && config('pixelfed.activitypub_enabled')) {
return $this->showActivityPub($request, $status); return $this->showActivityPub($request, $status);
} }
@ -80,6 +90,7 @@ class StatusController extends Controller
'cw' => 'nullable|string', 'cw' => 'nullable|string',
'filter_class' => 'nullable|string', 'filter_class' => 'nullable|string',
'filter_name' => 'nullable|string', 'filter_name' => 'nullable|string',
'visibility' => 'required|string|min:5|max:10',
]); ]);
if (count($request->file('photo')) > config('pixelfed.max_album_length')) { if (count($request->file('photo')) > config('pixelfed.max_album_length')) {
@ -89,11 +100,13 @@ class StatusController extends Controller
$monthHash = hash('sha1', date('Y').date('m')); $monthHash = hash('sha1', date('Y').date('m'));
$userHash = hash('sha1', $user->id.(string) $user->created_at); $userHash = hash('sha1', $user->id.(string) $user->created_at);
$profile = $user->profile; $profile = $user->profile;
$visibility = $this->validateVisibility($request->visibility);
$status = new Status(); $status = new Status();
$status->profile_id = $profile->id; $status->profile_id = $profile->id;
$status->caption = strip_tags($request->caption); $status->caption = strip_tags($request->caption);
$status->is_nsfw = $cw; $status->is_nsfw = $cw;
$status->visibility = $visibility;
$status->save(); $status->save();
@ -252,4 +265,10 @@ class StatusController extends Controller
abort(403); abort(403);
} }
} }
protected function validateVisibility($visibility)
{
$allowed = ['public', 'unlisted', 'private'];
return in_array($visibility, $allowed) ? $visibility : 'public';
}
} }