mirror
/
pixelfed
mirror of https://github.com/pixelfed/pixelfed.git
1
0
Fork 1
Code Issues Releases Wiki Activity

Add Parental Controls feature

This commit is contained in:
Daniel Supernault 2024-01-11 01:35:15 -07:00
parent d25209f74a
commit c53894fe16
No known key found for this signature in database
GPG Key ID: 23740873EE6F76A1
20 changed files with 1039 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Controllers/Auth/RegisterController.php
View File

@ -60,7 +60,7 @@ class RegisterController extends Controller
*
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
public function validator(array $data)
{
if(config('database.default') == 'pgsql') {
$data['username'] = strtolower($data['username']);
@ -151,7 +151,7 @@ class RegisterController extends Controller
*
* @return \App\User
*/
protected function create(array $data)
public function create(array $data)
{
if(config('database.default') == 'pgsql') {
$data['username'] = strtolower($data['username']);

207
app/Http/Controllers/ParentalControlsController.php Normal file
View File

@ -0,0 +1,207 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\ParentalControls;
use App\Models\UserRoles;
use App\User;
use App\Http\Controllers\Auth\RegisterController;
use Illuminate\Auth\Events\Registered;
use Illuminate\Support\Facades\Auth;
use App\Services\UserRoleService;
use App\Jobs\ParentalControlsPipeline\DispatchChildInvitePipeline;
class ParentalControlsController extends Controller
{
public function authPreflight($request, $maxUserCheck = false, $authCheck = true)
{
if($authCheck) {
abort_unless($request->user(), 404);
}
abort_unless(config('instance.parental_controls.enabled'), 404);
if(config_cache('pixelfed.open_registration') == false) {
abort_if(config('instance.parental_controls.limits.respect_open_registration'), 404);
}
if($maxUserCheck == true) {
$hasLimit = config('pixelfed.enforce_max_users');
if($hasLimit) {
$count = User::where(function($q){ return $q->whereNull('status')->orWhereNotIn('status', ['deleted','delete']); })->count();
$limit = (int) config('pixelfed.max_users');
abort_if($limit && $limit <= $count, 404);
}
}
}
public function index(Request $request)
{
$this->authPreflight($request);
$children = ParentalControls::whereParentId($request->user()->id)->latest()->paginate(5);
return view('settings.parental-controls.index', compact('children'));
}
public function add(Request $request)
{
$this->authPreflight($request, true);
return view('settings.parental-controls.add');
}
public function view(Request $request, $id)
{
$this->authPreflight($request);
$uid = $request->user()->id;
$pc = ParentalControls::whereParentId($uid)->findOrFail($id);
return view('settings.parental-controls.manage', compact('pc'));
}
public function update(Request $request, $id)
{
$this->authPreflight($request);
$uid = $request->user()->id;
$pc = ParentalControls::whereParentId($uid)->findOrFail($id);
$pc->permissions = $this->requestFormFields($request);
$pc->save();
return redirect($pc->manageUrl() . '?permissions');
}
public function store(Request $request)
{
$this->authPreflight($request, true);
$this->validate($request, [
'email' => 'required|email|unique:parental_controls,email|unique:users,email',
]);
$state = $this->requestFormFields($request);
$pc = new ParentalControls;
$pc->parent_id = $request->user()->id;
$pc->email = $request->input('email');
$pc->verify_code = str_random(32);
$pc->permissions = $state;
$pc->save();
DispatchChildInvitePipeline::dispatch($pc);
return redirect($pc->manageUrl());
}
public function inviteRegister(Request $request, $id, $code)
{
$this->authPreflight($request, true, false);
$pc = ParentalControls::whereRaw('verify_code = BINARY ?', $code)->whereNull(['email_verified_at', 'child_id'])->findOrFail($id);
abort_unless(User::whereId($pc->parent_id)->exists(), 404);
return view('settings.parental-controls.invite-register-form', compact('pc'));
}
public function inviteRegisterStore(Request $request, $id, $code)
{
$this->authPreflight($request, true, false);
$pc = ParentalControls::whereRaw('verify_code = BINARY ?', $code)->whereNull('email_verified_at')->findOrFail($id);
$fields = $request->all();
$fields['email'] = $pc->email;
$defaults = UserRoleService::defaultRoles();
$validator = (new RegisterController)->validator($fields);
$valid = $validator->validate();
abort_if(!$valid, 404);
event(new Registered($user = (new RegisterController)->create($fields)));
sleep(5);
$user->has_roles = true;
$user->parent_id = $pc->parent_id;
if(config('instance.parental_controls.limits.auto_verify_email')) {
$user->email_verified_at = now();
$user->save();
sleep(3);
} else {
$user->save();
sleep(3);
}
$ur = UserRoles::updateOrCreate([
'user_id' => $user->id,
],[
'roles' => UserRoleService::mapInvite($user->id, $pc->permissions)
]);
$pc->email_verified_at = now();
$pc->child_id = $user->id;
$pc->save();
sleep(2);
Auth::guard()->login($user);
return redirect('/i/web');
}
public function cancelInvite(Request $request, $id)
{
$this->authPreflight($request);
$pc = ParentalControls::whereParentId($request->user()->id)
->whereNull(['email_verified_at', 'child_id'])
->findOrFail($id);
return view('settings.parental-controls.delete-invite', compact('pc'));
}
public function cancelInviteHandle(Request $request, $id)
{
$this->authPreflight($request);
$pc = ParentalControls::whereParentId($request->user()->id)
->whereNull(['email_verified_at', 'child_id'])
->findOrFail($id);
$pc->delete();
return redirect('/settings/parental-controls');
}
public function stopManaging(Request $request, $id)
{
$this->authPreflight($request);
$pc = ParentalControls::whereParentId($request->user()->id)
->whereNotNull(['email_verified_at', 'child_id'])
->findOrFail($id);
return view('settings.parental-controls.stop-managing', compact('pc'));
}
public function stopManagingHandle(Request $request, $id)
{
$this->authPreflight($request);
$pc = ParentalControls::whereParentId($request->user()->id)
->whereNotNull(['email_verified_at', 'child_id'])
->findOrFail($id);
$pc->child()->update([
'has_roles' => false,
'parent_id' => null,
]);
$pc->delete();
return redirect('/settings/parental-controls');
}
protected function requestFormFields($request)
{
$state = [];
$fields = [
'post',
'comment',
'like',
'share',
'follow',
'bookmark',
'story',
'collection',
'discovery_feeds',
'dms',
'federation',
'hide_network',
'private',
'hide_cw'
];
foreach ($fields as $field) {
$state[$field] = $request->input($field) == 'on';
}
return $state;
}
}

38
app/Jobs/ParentalControlsPipeline/DispatchChildInvitePipeline.php Normal file
View File

@ -0,0 +1,38 @@
<?php
namespace App\Jobs\ParentalControlsPipeline;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldBeUnique;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels;
use App\Models\ParentalControls;
use App\Mail\ParentChildInvite;
use Illuminate\Support\Facades\Mail;
class DispatchChildInvitePipeline implements ShouldQueue
{
use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
public $pc;
/**
* Create a new job instance.
*/
public function __construct(ParentalControls $pc)
{
$this->pc = $pc;
}
/**
* Execute the job.
*/
public function handle(): void
{
$pc = $this->pc;
Mail::to($pc->email)->send(new ParentChildInvite($pc));
}
}

49
app/Mail/ParentChildInvite.php Normal file
View File

@ -0,0 +1,49 @@
<?php
namespace App\Mail;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Mail\Mailable;
use Illuminate\Mail\Mailables\Content;
use Illuminate\Mail\Mailables\Envelope;
use Illuminate\Queue\SerializesModels;
class ParentChildInvite extends Mailable
{
use Queueable, SerializesModels;
public function __construct(
public $verify,
) {}
/**
* Get the message envelope.
*/
public function envelope(): Envelope
{
return new Envelope(
subject: 'You\'ve been invited to join Pixelfed!',
);
}
/**
* Get the message content definition.
*/
public function content(): Content
{
return new Content(
markdown: 'emails.parental-controls.invite',
);
}
/**
* Get the attachments for the message.
*
* @return array<int, \Illuminate\Mail\Mailables\Attachment>
*/
public function attachments(): array
{
return [];
}
}

55
app/Models/ParentalControls.php Normal file
View File

@ -0,0 +1,55 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
use App\User;
use App\Services\AccountService;
class ParentalControls extends Model
{
use HasFactory, SoftDeletes;
protected $casts = [
'permissions' => 'array',
'email_sent_at' => 'datetime',
'email_verified_at' => 'datetime'
];
protected $guarded = [];
public function parent()
{
return $this->belongsTo(User::class, 'parent_id');
}
public function child()
{
return $this->belongsTo(User::class, 'child_id');
}
public function childAccount()
{
if($u = $this->child) {
if($u->profile_id) {
return AccountService::get($u->profile_id, true);
} else {
return [];
}
} else {
return [];
}
}
public function manageUrl()
{
return url('/settings/parental-controls/manage/' . $this->id);
}
public function inviteUrl()
{
return url('/auth/pci/' . $this->id . '/' . $this->verify_code);
}
}

72
app/Services/UserRoleService.php
View File

@ -52,6 +52,13 @@ class UserRoleService
'can-follow' => false,
'can-make-public' => false,
'can-direct-message' => false,
'can-use-stories' => false,
'can-view-sensitive' => false,
'can-bookmark' => false,
'can-collections' => false,
'can-federation' => false,
];
}
@ -114,6 +121,71 @@ class UserRoleService
'title' => 'Can make account public',
'action' => 'Allows the ability to make account public'
],
'can-direct-message' => [
'title' => '',
'action' => ''
],
'can-use-stories' => [
'title' => '',
'action' => ''
],
'can-view-sensitive' => [
'title' => '',
'action' => ''
],
'can-bookmark' => [
'title' => '',
'action' => ''
],
'can-collections' => [
'title' => '',
'action' => ''
],
'can-federation' => [
'title' => '',
'action' => ''
],
];
}
public static function mapInvite($id, $data = [])
{
$roles = self::get($id);
$map = [
'account-force-private' => 'private',
'account-ignore-follow-requests' => 'private',
'can-view-public-feed' => 'discovery_feeds',
'can-view-network-feed' => 'discovery_feeds',
'can-view-discover' => 'discovery_feeds',
'can-view-hashtag-feed' => 'discovery_feeds',
'can-post' => 'post',
'can-comment' => 'comment',
'can-like' => 'like',
'can-share' => 'share',
'can-follow' => 'follow',
'can-make-public' => '!private',
'can-direct-message' => 'dms',
'can-use-stories' => 'story',
'can-view-sensitive' => '!hide_cw',
'can-bookmark' => 'bookmark',
'can-collections' => 'collection',
'can-federation' => 'federation',
];
foreach ($map as $key => $value) {
if(!isset($data[$value], $data[substr($value, 1)])) {
$map[$key] = false;
continue;
}
$map[$key] = str_starts_with($value, '!') ? !$data[substr($value, 1)] : $data[$value];
}
return $map;
}
}

12
config/instance.php
View File

@ -129,5 +129,15 @@ return [
'banner' => [
'blurhash' => env('INSTANCE_BANNER_BLURHASH', 'UzJR]l{wHZRjM}R%XRkCH?X9xaWEjZj]kAjt')
]
],
'parental_controls' => [
'enabled' => env('INSTANCE_PARENTAL_CONTROLS', true),
'limits' => [
'respect_open_registration' => env('INSTANCE_PARENTAL_CONTROLS_RESPECT_OPENREG', true),
'max_children' => env('INSTANCE_PARENTAL_CONTROLS_MAX_CHILDREN', 10),
'auto_verify_email' => true,
],
]
];

45
database/migrations/2024_01_09_052419_create_parental_controls_table.php Normal file
View File

@ -0,0 +1,45 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('parental_controls', function (Blueprint $table) {
$table->id();
$table->unsignedInteger('parent_id')->index();
$table->unsignedInteger('child_id')->unique()->index()->nullable();
$table->string('email')->unique()->nullable();
$table->string('verify_code')->nullable();
$table->timestamp('email_sent_at')->nullable();
$table->timestamp('email_verified_at')->nullable();
$table->json('permissions')->nullable();
$table->softDeletes();
$table->timestamps();
});
Schema::table('user_roles', function (Blueprint $table) {
$table->dropIndex('user_roles_profile_id_unique');
$table->unsignedBigInteger('profile_id')->unique()->nullable()->index()->change();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('parental_controls');
Schema::table('user_roles', function (Blueprint $table) {
$table->dropIndex('user_roles_profile_id_unique');
$table->unsignedBigInteger('profile_id')->unique()->index()->change();
});
}
};

12
resources/views/components/collapse.blade.php Normal file
View File

@ -0,0 +1,12 @@
@php
$cid = 'col' . str_random(6);
@endphp
<p>
<a class="text-dark font-weight-bold" data-toggle="collapse" href="#{{$cid}}" role="button" aria-expanded="false" aria-controls="{{$cid}}">
<i class="fas fa-chevron-down mr-2"></i>
{{ $title }}
</a>
<div class="collapse" id="{{$cid}}">
{{ $slot }}
</div>
</p>

18
resources/views/emails/parental-controls/invite.blade.php Normal file
View File

@ -0,0 +1,18 @@
<x-mail::message>
# You've been invited to join Pixelfed!
<x-mail::panel>
A parent account with the username **{{ $verify->parent->username }}** has invited you to join Pixelfed with a special youth account managed by them.
If you do not recognize this account as your parents or a trusted guardian, please check with them first.
</x-mail::panel>
<x-mail::button :url="$verify->inviteUrl()">
Accept Invite
</x-mail::button>
Thanks,<br>
Pixelfed
<small>This email is automatically generated. Please do not reply to this message.</small>
</x-mail::message>

59
resources/views/settings/parental-controls/add.blade.php Normal file
View File

@ -0,0 +1,59 @@
@extends('settings.template-vue')
@section('section')
<form class="d-flex h-100 flex-column" method="post">
@csrf
<div class="d-flex h-100 flex-column">
<div class="d-flex justify-content-between align-items-center">
<div class="title d-flex align-items-center" style="gap: 1rem;">
<p class="mb-0"><a href="/settings/parental-controls"><i class="far fa-chevron-left fa-lg"></i></a></p>
<h3 class="font-weight-bold mb-0">Add child</h3>
</div>
</div>
<hr />
<div class="d-flex flex-column flex-grow-1">
<h4>Choose your child's policies</h4>
<div class="mb-4">
<p class="font-weight-bold mb-1">Allowed Actions</p>
@include('settings.parental-controls.checkbox', ['name' => 'post', 'title' => 'Post', 'checked' => true])
@include('settings.parental-controls.checkbox', ['name' => 'comment', 'title' => 'Comment', 'checked' => true])
@include('settings.parental-controls.checkbox', ['name' => 'like', 'title' => 'Like', 'checked' => true])
@include('settings.parental-controls.checkbox', ['name' => 'share', 'title' => 'Share', 'checked' => true])
@include('settings.parental-controls.checkbox', ['name' => 'follow', 'title' => 'Follow'])
@include('settings.parental-controls.checkbox', ['name' => 'bookmark', 'title' => 'Bookmark'])
@include('settings.parental-controls.checkbox', ['name' => 'story', 'title' => 'Add to story'])
@include('settings.parental-controls.checkbox', ['name' => 'collection', 'title' => 'Add to collection'])
</div>
<div class="mb-4">
<p class="font-weight-bold mb-1">Enabled features</p>
@include('settings.parental-controls.checkbox', ['name' => 'discovery_feeds', 'title' => 'Discovery Feeds'])
@include('settings.parental-controls.checkbox', ['name' => 'dms', 'title' => 'Direct Messages'])
@include('settings.parental-controls.checkbox', ['name' => 'federation', 'title' => 'Federation'])
</div>
<div class="mb-4">
<p class="font-weight-bold mb-1">Preferences</p>
@include('settings.parental-controls.checkbox', ['name' => 'hide_network', 'title' => 'Hide my child\'s connections'])
@include('settings.parental-controls.checkbox', ['name' => 'private', 'title' => 'Make my child\'s account private'])
@include('settings.parental-controls.checkbox', ['name' => 'hide_cw', 'title' => 'Hide sensitive media'])
</div>
</div>
<div>
<div class="form-group">
<label class="font-weight-bold mb-0">Email address</label>
<p class="help-text lh-1 small">Where should we send this invite?</p>
<input class="form-control" placeholder="Enter your childs email address" name="email" required>
</div>
<button class="btn btn-dark btn-block font-weight-bold">Add Child</button>
</div>
</div>
</form>
@endsection

7
resources/views/settings/parental-controls/checkbox.blade.php Normal file
View File

@ -0,0 +1,7 @@
@php
$id = str_random(6) . '_' . str_slug($name);
$defaultChecked = isset($checked) && $checked ? 'checked=""' : '';
@endphp<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="{{$id}}" name="{{$name}}" {!!$defaultChecked!!}>
<label class="custom-control-label pl-2" for="{{$id}}">{{ $title }}</label>
</div>

44
resources/views/settings/parental-controls/child-status.blade.php Normal file
View File

@ -0,0 +1,44 @@
@if($state)
<div class="card shadow-none border">
@if($state === 'sent_invite')
<div class="card-body d-flex justify-content-center flex-column align-items-center py-5" style="gap:1rem">
<i class="far fa-envelope fa-3x"></i>
<p class="lead mb-0 font-weight-bold">Child Invite Sent!</p>
<div class="list-group">
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Created child invite</div>
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Sent invite email to child</div>
<div class="list-group-item py-1"><i class="far fa-times-circle text-dark mr-2"></i> Child joined via invite</div>
<div class="list-group-item py-1"><i class="far fa-times-circle text-dark mr-2"></i> Child account is active</div>
</div>
</div>
@elseif($state === 'awaiting_email_confirmation')
<div class="card-body d-flex justify-content-center flex-column align-items-center py-5" style="gap:1rem">
<i class="far fa-envelope fa-3x"></i>
<p class="lead mb-0 font-weight-bold">Child Invite Sent!</p>
<div class="list-group">
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Created child invite</div>
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Sent invite email to child</div>
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Child joined via invite</div>
<div class="list-group-item py-1"><i class="far fa-times-circle text-dark mr-2"></i> Child account is active</div>
</div>
</div>
@elseif($state === 'active')
<div class="card-body d-flex justify-content-center flex-column align-items-center py-5" style="gap:1rem">
<i class="far fa-check-circle fa-3x text-success"></i>
<p class="lead mb-0 font-weight-bold">Child Account Active</p>
<div class="list-group">
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Created child invite</div>
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Sent invite email to child</div>
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Child joined via invite</div>
<div class="list-group-item py-1"><i class="far fa-check-circle text-success mr-2"></i> Child account is active</div>
</div>
<a class="btn btn-dark font-weight-bold px-5" href="{{ $pc->childAccount()['url'] }}">View Account</a>
</div>
@endif
</div>
@else
@endif

32
resources/views/settings/parental-controls/delete-invite.blade.php Normal file
View File

@ -0,0 +1,32 @@
@extends('settings.template-vue')
@section('section')
<form class="d-flex h-100 flex-column" method="post">
@csrf
<div class="d-flex h-100 flex-column" style="gap: 1rem;">
<div class="d-flex justify-content-between align-items-center">
<div class="title d-flex align-items-center" style="gap: 1rem;">
<p class="mb-0"><a href="{{ $pc->manageUrl() }}?actions"><i class="far fa-chevron-left fa-lg"></i></a></p>
<div>
<h3 class="font-weight-bold mb-0">Cancel child invite</h3>
<p class="small mb-0">Last updated: {{ $pc->updated_at->diffForHumans() }}</p>
</div>
</div>
</div>
<div>
<hr />
</div>
<div class="d-flex bg-light align-items-center justify-content-center flex-grow-1 flex-column">
<p>
<i class="far fa-exclamation-triangle fa-3x"></i>
</p>
<h4>Are you sure you want to cancel this invite?</h4>
<p>The child you invited will not be able to join if you cancel the invite.</p>
</div>
<button type="submit" class="btn btn-danger btn-block font-weight-bold">Cancel invite</button>
</div>
</form>
@endsection

62
resources/views/settings/parental-controls/index.blade.php Normal file
View File

@ -0,0 +1,62 @@
@extends('settings.template-vue')
@section('section')
<div class="d-flex h-100 flex-column">
<div class="d-flex justify-content-between align-items-center">
<div class="title d-flex align-items-center" style="gap: 1rem;">
<p class="mb-0"><a href="/settings/home"><i class="far fa-chevron-left fa-lg"></i></a></p>
<h3 class="font-weight-bold mb-0">Parental Controls</h3>
</div>
</div>
<hr />
@if($children->count())
<div class="d-flex flex-column flex-grow-1 w-100">
<div class="list-group w-100">
@foreach($children as $child)
<a class="list-group-item d-flex align-items-center text-decoration-none text-dark" href="{{ $child->manageUrl() }}" style="gap: 1rem;">
<img src="/storage/avatars/default.png" width="40" height="40" class="rounded-circle" />
<div class="flex-grow-1">
@if($child->child_id && $child->email_verified_at)
<p class="font-weight-bold mb-0" style="line-height: 1.5;">&commat;{{ $child->childAccount()['username'] }}</p>
<p class="small text-muted mb-0" style="line-height: 1;">{{ $child->childAccount()['display_name'] }}</p>
@else
<p class="font-weight-light mb-0 text-danger" style="line-height: 1.5;">Invite Pending</p>
<p class="mb-0 small" style="line-height: 1;">{{ $child->email }}</p>
@endif
</div>
<div class="font-weight-bold small text-lighter" style="line-height:1;">
<i class="far fa-clock mr-1"></i>
{{ $child->updated_at->diffForHumans() }}
</div>
</a>
@endforeach
</div>
<div class="mt-3">
{{ $children->links() }}
</div>
</div>
@else
<div class="d-flex flex-grow-1 bg-light mb-3 rounded p-4">
<p>You are not managing any children accounts.</p>
</div>
@endif
<div class="d-flex justify-content-between align-items-center">
<a class="btn btn-outline-dark font-weight-bold py-2 px-4" href="{{ route('settings.pc.add') }}">
<i class="far fa-plus mr-2"></i> Add Child
</a>
<div class="font-weight-bold">
<span>{{ $children->total() }}/{{ config('instance.parental_controls.limits.max_children') }}</span>
<span>children added</span>
</div>
</div>
</div>
@endsection

115
resources/views/settings/parental-controls/invite-register-form.blade.php Normal file
View File

@ -0,0 +1,115 @@
@extends('layouts.app')
@section('content')
<div class="container mt-4">
<div class="row justify-content-center">
<div class="col-lg-5">
<div class="card shadow-none border mb-3">
<a
class="card-body d-flex flex-column justify-content-center align-items-center text-decoration-none"
href="{{ $pc->parent->url() }}"
target="_blank">
<p class="text-center font-weight-bold text-muted">You've been invited by:</p>
<div class="media align-items-center">
<img
src="{{ $pc->parent->avatarUrl() }}"
width="30"
height="30"
class="rounded-circle mr-2"
draggable="false"
onerror="this.onerror=null;this.src='/storage/avatars/default.png?v=0';">
<div class="media-body">
<p class="lead font-weight-bold mb-0 text-dark" style="line-height: 1;">&commat;{{ $pc->parent->username }}</p>
</div>
</div>
</a>
</div>
<div class="card shadow-none border">
<div class="card-header bg-white p-3 text-center font-weight-bold">Create your Account</div>
<div class="card-body">
<form method="POST" class="px-md-3">
@csrf
<input type="hidden" name="rt" value="{{ (new \App\Http\Controllers\Auth\RegisterController())->getRegisterToken() }}">
<div class="form-group row">
<div class="col-md-12">
<label class="small font-weight-bold text-lighter">Name</label>
<input id="name" type="text" class="form-control{{ $errors->has('name') ? ' is-invalid' : '' }}" name="name" value="{{ old('name') }}" placeholder="{{ __('Name') }}" required autofocus>
@if ($errors->has('name'))
<span class="invalid-feedback">
<strong>{{ $errors->first('name') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<label class="small font-weight-bold text-lighter">Username</label>
<input id="username" type="text" class="form-control{{ $errors->has('username') ? ' is-invalid' : '' }}" name="username" value="{{ old('username') }}" placeholder="{{ __('Username') }}" required>
@if ($errors->has('username'))
<span class="invalid-feedback">
<strong>{{ $errors->first('username') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<label class="small font-weight-bold text-lighter">Password</label>
<input id="password" type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" placeholder="{{ __('Password') }}" required>
@if ($errors->has('password'))
<span class="invalid-feedback">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<label class="small font-weight-bold text-lighter">Confirm Password</label>
<input id="password-confirm" type="password" class="form-control" name="password_confirmation" placeholder="{{ __('Confirm Password') }}" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<div class="form-check">
<input class="form-check-input" name="agecheck" type="checkbox" value="true" id="ageCheck" required>
<label class="form-check-label" for="ageCheck">
I am at least 16 years old
</label>
</div>
</div>
</div>
@if(config('captcha.enabled') || config('captcha.active.register'))
<div class="d-flex justify-content-center my-3">
{!! Captcha::display() !!}
</div>
@endif
<p class="small">By signing up, you agree to our <a href="{{route('site.terms')}}" class="font-weight-bold text-dark">Terms of Use</a> and <a href="{{route('site.privacy')}}" class="font-weight-bold text-dark">Privacy Policy</a>, in addition, you understand that your account is managed by <span class="font-weight-bold">{{ $pc->parent->username }}</span> and they can limit your account without your permission. For more details, view the <a href="/site/kb/parental-controls" class="text-dark font-weight-bold">Parental Controls</a> help center page.</p>
<div class="form-group row">
<div class="col-md-12">
<button type="submit" class="btn btn-primary btn-block py-0 font-weight-bold">
{{ __('Register') }}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection

119
resources/views/settings/parental-controls/manage.blade.php Normal file
View File

@ -0,0 +1,119 @@
@extends('settings.template-vue')
@section('section')
<form class="d-flex h-100 flex-column" method="post">
@csrf
<div class="d-flex h-100 flex-column">
<div class="d-flex justify-content-between align-items-center">
<div class="title d-flex align-items-center" style="gap: 1rem;">
<p class="mb-0"><a href="/settings/parental-controls"><i class="far fa-chevron-left fa-lg"></i></a></p>
<div>
<h3 class="font-weight-bold mb-0">Manage child</h3>
<p class="small mb-0">Last updated: {{ $pc->updated_at->diffForHumans() }}</p>
</div>
</div>
<button class="btn btn-dark font-weight-bold">Update</button>
</div>
<hr />
<div class="d-flex flex-column flex-grow-1">
<ul class="nav nav-pills mb-0" id="pills-tab" role="tablist">
<li class="nav-item" role="presentation">
<button class="nav-link active font-weight-bold" id="pills-status-tab" data-toggle="pill" data-target="#pills-status" type="button" role="tab" aria-controls="pills-status" aria-selected="true">Status</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link font-weight-bold" id="pills-permissions-tab" data-toggle="pill" data-target="#pills-permissions" type="button" role="tab" aria-controls="pills-permissions" aria-selected="false">Permissions</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link font-weight-bold" id="pills-details-tab" data-toggle="pill" data-target="#pills-details" type="button" role="tab" aria-controls="pills-details" aria-selected="false">Account Details</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link font-weight-bold" id="pills-actions-tab" data-toggle="pill" data-target="#pills-actions" type="button" role="tab" aria-controls="pills-actions" aria-selected="false">Actions</button>
</li>
</ul>
<div>
<hr>
</div>
<div class="tab-content" id="pills-tabContent">
<div class="tab-pane fade show active" id="pills-status" role="tabpanel" aria-labelledby="pills-status-tab">
@if(!$pc->child_id && !$pc->email_verified_at)
@include('settings.parental-controls.child-status', ['state' => 'sent_invite'])
@elseif($pc->child_id && !$pc->email_verified_at)
@include('settings.parental-controls.child-status', ['state' => 'awaiting_email_confirmation'])
@elseif($pc->child_id && $pc->email_verified_at)
@include('settings.parental-controls.child-status', ['state' => 'active'])
@else
@include('settings.parental-controls.child-status', ['state' => 'sent_invite'])
@endif
</div>
<div class="tab-pane fade" id="pills-permissions" role="tabpanel" aria-labelledby="pills-permissions-tab">
<div class="mb-4">
<p class="font-weight-bold mb-1">Allowed Actions</p>
@include('settings.parental-controls.checkbox', ['name' => 'post', 'title' => 'Post', 'checked' => $pc->permissions['post']])
@include('settings.parental-controls.checkbox', ['name' => 'comment', 'title' => 'Comment', 'checked' => $pc->permissions['comment']])
@include('settings.parental-controls.checkbox', ['name' => 'like', 'title' => 'Like', 'checked' => $pc->permissions['like']])
@include('settings.parental-controls.checkbox', ['name' => 'share', 'title' => 'Share', 'checked' => $pc->permissions['share']])
@include('settings.parental-controls.checkbox', ['name' => 'follow', 'title' => 'Follow', 'checked' => $pc->permissions['follow']])
@include('settings.parental-controls.checkbox', ['name' => 'bookmark', 'title' => 'Bookmark', 'checked' => $pc->permissions['bookmark']])
@include('settings.parental-controls.checkbox', ['name' => 'story', 'title' => 'Add to story', 'checked' => $pc->permissions['story']])
@include('settings.parental-controls.checkbox', ['name' => 'collection', 'title' => 'Add to collection', 'checked' => $pc->permissions['collection']])
</div>
<div class="mb-4">
<p class="font-weight-bold mb-1">Enabled features</p>
@include('settings.parental-controls.checkbox', ['name' => 'discovery_feeds', 'title' => 'Discovery Feeds', 'checked' => $pc->permissions['discovery_feeds']])
@include('settings.parental-controls.checkbox', ['name' => 'dms', 'title' => 'Direct Messages', 'checked' => $pc->permissions['dms']])
@include('settings.parental-controls.checkbox', ['name' => 'federation', 'title' => 'Federation', 'checked' => $pc->permissions['federation']])
</div>
<div class="mb-4">
<p class="font-weight-bold mb-1">Preferences</p>
@include('settings.parental-controls.checkbox', ['name' => 'hide_network', 'title' => 'Hide my child\'s connections', 'checked' => $pc->permissions['hide_network']])
@include('settings.parental-controls.checkbox', ['name' => 'private', 'title' => 'Make my child\'s account private', 'checked' => $pc->permissions['private']])
@include('settings.parental-controls.checkbox', ['name' => 'hide_cw', 'title' => 'Hide sensitive media', 'checked' => $pc->permissions['hide_cw']])
</div>
</div>
<div class="tab-pane fade" id="pills-details" role="tabpanel" aria-labelledby="pills-details-tab">
<div>
<div class="form-group">
<label class="font-weight-bold mb-0">Email address</label>
<input class="form-control" name="email" value="{{ $pc->email }}" disabled>
</div>
</div>
</div>
<div class="tab-pane fade" id="pills-actions" role="tabpanel" aria-labelledby="pills-actions-tab">
<div class="d-flex flex-column" style="gap: 2rem;">
@if(!$pc->child_id && !$pc->email_verified_at)
<div>
<p class="lead font-weight-bold mb-0">Cancel Invite</p>
<p class="small text-muted">Cancel the child invite and prevent it from being used.</p>
<a class="btn btn-outline-dark px-5" href="{{ route('settings.pc.cancel-invite', ['id' => $pc->id]) }}"><i class="fas fa-user-minus mr-1"></i> Cancel Invite</a>
</div>
@else
<div>
<p class="lead font-weight-bold mb-0">Stop Managing</p>
<p class="small text-muted">Transition account to a regular account without parental controls.</p>
<a class="btn btn-outline-dark px-5" href="{{ route('settings.pc.stop-managing', ['id' => $pc->id]) }}"><i class="fas fa-user-minus mr-1"></i> Stop Managing Child</a>
</div>
@endif
</div>
</div>
</div>
</div>
</div>
</form>
@endsection
@push('scripts')
<script type="text/javascript">
@if(request()->has('permissions'))
$('#pills-tab button[data-target="#pills-permissions"]').tab('show')
@elseif(request()->has('actions'))
$('#pills-tab button[data-target="#pills-actions"]').tab('show')
@endif
</script>
@endpush

32
resources/views/settings/parental-controls/stop-managing.blade.php Normal file
View File

@ -0,0 +1,32 @@
@extends('settings.template-vue')
@section('section')
<form class="d-flex h-100 flex-column" method="post">
@csrf
<div class="d-flex h-100 flex-column" style="gap: 1rem;">
<div class="d-flex justify-content-between align-items-center">
<div class="title d-flex align-items-center" style="gap: 1rem;">
<p class="mb-0"><a href="{{ $pc->manageUrl() }}?actions"><i class="far fa-chevron-left fa-lg"></i></a></p>
<div>
<h3 class="font-weight-bold mb-0">Stop Managing Child</h3>
<p class="small mb-0">Last updated: {{ $pc->updated_at->diffForHumans() }}</p>
</div>
</div>
</div>
<div>
<hr />
</div>
<div class="d-flex bg-light align-items-center justify-content-center flex-grow-1 flex-column">
<p>
<i class="far fa-exclamation-triangle fa-3x"></i>
</p>
<h4>Confirm Stop Managing this Account?</h4>
<p>This child account will be transitioned to a regular account without any limitations.</p>
</div>
<button type="submit" class="btn btn-danger btn-block font-weight-bold">Stop Managing</button>
</div>
</form>
@endsection

47
resources/views/site/help/parental-controls.blade.php Normal file
View File

@ -0,0 +1,47 @@
@extends('site.help.partial.template', ['breadcrumb'=>'Parental Controls'])
@section('section')
<div class="title">
<h3 class="font-weight-bold">Parental Controls</h3>
</div>
<hr>
<p>In the digital age, ensuring your children's online safety is paramount. Designed with both fun and safety in mind, this feature allows parents to create child accounts, tailor-made for a worry-free social media experience.</p>
<p class="font-weight-bold text-center">Key Features:</p>
<ul>
<li><strong>Child Account Creation</strong>: Easily set up a child account with just a few clicks. This account is linked to your own, giving you complete oversight.</li>
<li><strong>Post Control</strong>: Decide if your child can post content. This allows you to ensure they're only sharing what's appropriate and safe.</li>
<li><strong>Comment Management</strong>: Control whether your child can comment on posts. This helps in safeguarding them from unwanted interactions and maintaining a positive online environment.</li>
<li><strong>Like & Share Restrictions</strong>: You have the power to enable or disable the ability to like and share posts. This feature helps in controlling the extent of your child's social media engagement.</li>
<li><strong>Disable Federation</strong>: For added safety, you can choose to disable federation for your child's account, limiting their interaction to a more controlled environment.</li>
</ul>
<hr>
<x-collapse title="How do I create a child account?">
<div>
@if(config('instance.parental_controls.enabled'))
<ol>
<li>Click <a href="/settings/parental-controls">here</a> and tap on the <strong>Add Child</strong> button in the bottom left corner</li>
<li>Select the Allowed Actions, Enabled features and Preferences</li>
<li>Enter your childs email address</li>
<li>Press the <strong>Add Child</strong> buttton</li>
<li>Open your childs email and tap on the <strong>Accept Invite</strong> button in the email, ensure your parent username is present in the email</li>
<li>Fill out the child display name, username and password</li>
<li>Press <strong>Register</strong> and your child account will be active!</li>
</ol>
@else
<p>This feature has been disabled by server admins.</p>
@endif
</div>
</x-collapse>
@if(config('instance.parental_controls.enabled'))
<x-collapse title="How many child accounts can I create/manage?">
<div>
You can create and manage up to <strong>{{ config('instance.parental_controls.limits.max_children') }}</strong> child accounts.
</div>
</x-collapse>
@endif
@endsection

13
routes/web.php
View File

@ -200,6 +200,8 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
Route::post('auth/raw/mastodon/s/account-to-id', 'RemoteAuthController@accountToId');
Route::post('auth/raw/mastodon/s/finish-up', 'RemoteAuthController@finishUp');
Route::post('auth/raw/mastodon/s/login', 'RemoteAuthController@handleLogin');
Route::get('auth/pci/{id}/{code}', 'ParentalControlsController@inviteRegister');
Route::post('auth/pci/{id}/{code}', 'ParentalControlsController@inviteRegisterStore');
Route::get('discover', 'DiscoverController@home')->name('discover');
@ -534,6 +536,16 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
});
Route::get('parental-controls', 'ParentalControlsController@index');
Route::get('parental-controls/add', 'ParentalControlsController@add')->name('settings.pc.add');
Route::post('parental-controls/add', 'ParentalControlsController@store');
Route::get('parental-controls/manage/{id}', 'ParentalControlsController@view');
Route::post('parental-controls/manage/{id}', 'ParentalControlsController@update');
Route::get('parental-controls/manage/{id}/cancel-invite', 'ParentalControlsController@cancelInvite')->name('settings.pc.cancel-invite');
Route::post('parental-controls/manage/{id}/cancel-invite', 'ParentalControlsController@cancelInviteHandle');
Route::get('parental-controls/manage/{id}/stop-managing', 'ParentalControlsController@stopManaging')->name('settings.pc.stop-managing');
Route::post('parental-controls/manage/{id}/stop-managing', 'ParentalControlsController@stopManagingHandle');
Route::get('applications', 'SettingsController@applications')->name('settings.applications')->middleware('dangerzone');
Route::get('data-export', 'SettingsController@dataExport')->name('settings.dataexport')->middleware('dangerzone');
Route::post('data-export/following', 'SettingsController@exportFollowing')->middleware('dangerzone');
@ -618,6 +630,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
Route::view('licenses', 'site.help.licenses')->name('help.licenses');
Route::view('instance-max-users-limit', 'site.help.instance-max-users')->name('help.instance-max-users-limit');
Route::view('import', 'site.help.import')->name('help.import');
Route::view('parental-controls', 'site.help.parental-controls');
});
Route::get('newsroom/{year}/{month}/{slug}', 'NewsroomController@show');
Route::get('newsroom/archive', 'NewsroomController@archive');