mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-24 16:53:17 +00:00
Update PublicApiController
This commit is contained in:
parent
0a9ffe80b3
commit
d1603aba71
1 changed files with 47 additions and 1 deletions
|
@ -5,6 +5,7 @@ namespace App\Http\Controllers;
|
|||
use Illuminate\Http\Request;
|
||||
use App\{
|
||||
Hashtag,
|
||||
Follower,
|
||||
Like,
|
||||
Media,
|
||||
Notification,
|
||||
|
@ -30,7 +31,7 @@ class PublicApiController extends Controller
|
|||
|
||||
public function __construct()
|
||||
{
|
||||
$this->middleware('throttle:200, 15');
|
||||
$this->middleware('throttle:200, 30');
|
||||
$this->fractal = new Fractal\Manager();
|
||||
$this->fractal->setSerializer(new ArraySerializer());
|
||||
}
|
||||
|
@ -50,6 +51,7 @@ class PublicApiController extends Controller
|
|||
{
|
||||
$profile = Profile::whereUsername($username)->first();
|
||||
$status = Status::whereProfileId($profile->id)->find($postid);
|
||||
$this->scopeCheck($profile, $status);
|
||||
$item = new Fractal\Resource\Item($status, new StatusTransformer());
|
||||
$res = [
|
||||
'status' => $this->fractal->createData($item)->toArray(),
|
||||
|
@ -73,6 +75,7 @@ class PublicApiController extends Controller
|
|||
$limit = $request->limit ?? 10;
|
||||
$profile = Profile::whereUsername($username)->first();
|
||||
$status = Status::whereProfileId($profile->id)->find($postId);
|
||||
$this->scopeCheck($profile, $status);
|
||||
if($request->filled('min_id') || $request->filled('max_id')) {
|
||||
if($request->filled('min_id')) {
|
||||
$replies = $status->comments()
|
||||
|
@ -100,4 +103,47 @@ class PublicApiController extends Controller
|
|||
$res = $this->fractal->createData($resource)->toArray();
|
||||
return response()->json($res, 200, [], JSON_PRETTY_PRINT);
|
||||
}
|
||||
|
||||
protected function scopeCheck(Profile $profile, Status $status)
|
||||
{
|
||||
if($profile->is_private == true && Auth::check() == false) {
|
||||
abort(404);
|
||||
}
|
||||
|
||||
switch ($status->scope) {
|
||||
case 'public':
|
||||
case 'unlisted':
|
||||
$user = Auth::check() ? Auth::user() : false;
|
||||
if($user && $profile->is_private) {
|
||||
$follows = Follower::whereProfileId($user->profile->id)
|
||||
->whereFollowingId($profile->id)
|
||||
->exists();
|
||||
if($follows == false && $profile->id !== $user->profile->id) {
|
||||
abort(404);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case 'private':
|
||||
$follows = Follower::whereProfileId($user->profile->id)
|
||||
->whereFollowingId($profile->id)
|
||||
->exists();
|
||||
if($follows == false && $profile->id !== $user->profile->id) {
|
||||
abort(404);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'direct':
|
||||
abort(404);
|
||||
break;
|
||||
|
||||
case 'draft':
|
||||
abort(404);
|
||||
break;
|
||||
|
||||
default:
|
||||
abort(404);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue