mirror of https://github.com/pixelfed/pixelfed.git
232 lines
7.7 KiB
PHP
232 lines
7.7 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use Illuminate\Http\Request;
|
|
use App\Models\ParentalControls;
|
|
use App\Models\UserRoles;
|
|
use App\Profile;
|
|
use App\User;
|
|
use App\Http\Controllers\Auth\RegisterController;
|
|
use Illuminate\Auth\Events\Registered;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use App\Services\UserRoleService;
|
|
use App\Jobs\ParentalControlsPipeline\DispatchChildInvitePipeline;
|
|
|
|
class ParentalControlsController extends Controller
|
|
{
|
|
public function authPreflight($request, $maxUserCheck = false, $authCheck = true)
|
|
{
|
|
if($authCheck) {
|
|
abort_unless($request->user(), 404);
|
|
abort_unless($request->user()->has_roles === 0, 404);
|
|
}
|
|
abort_unless(config('instance.parental_controls.enabled'), 404);
|
|
if(config_cache('pixelfed.open_registration') == false) {
|
|
abort_if(config('instance.parental_controls.limits.respect_open_registration'), 404);
|
|
}
|
|
if($maxUserCheck == true) {
|
|
$hasLimit = config('pixelfed.enforce_max_users');
|
|
if($hasLimit) {
|
|
$count = User::where(function($q){ return $q->whereNull('status')->orWhereNotIn('status', ['deleted','delete']); })->count();
|
|
$limit = (int) config('pixelfed.max_users');
|
|
|
|
abort_if($limit && $limit <= $count, 404);
|
|
}
|
|
}
|
|
}
|
|
|
|
public function index(Request $request)
|
|
{
|
|
$this->authPreflight($request);
|
|
$children = ParentalControls::whereParentId($request->user()->id)->latest()->paginate(5);
|
|
return view('settings.parental-controls.index', compact('children'));
|
|
}
|
|
|
|
public function add(Request $request)
|
|
{
|
|
$this->authPreflight($request, true);
|
|
return view('settings.parental-controls.add');
|
|
}
|
|
|
|
public function view(Request $request, $id)
|
|
{
|
|
$this->authPreflight($request);
|
|
$uid = $request->user()->id;
|
|
$pc = ParentalControls::whereParentId($uid)->findOrFail($id);
|
|
return view('settings.parental-controls.manage', compact('pc'));
|
|
}
|
|
|
|
public function update(Request $request, $id)
|
|
{
|
|
$this->authPreflight($request);
|
|
$uid = $request->user()->id;
|
|
$ff = $this->requestFormFields($request);
|
|
$pc = ParentalControls::whereParentId($uid)->findOrFail($id);
|
|
$pc->permissions = $ff;
|
|
$pc->save();
|
|
|
|
$roles = UserRoleService::mapActions($pc->child_id, $ff);
|
|
if(isset($roles['account-force-private'])) {
|
|
$c = Profile::whereUserId($pc->child_id)->first();
|
|
$c->is_private = $roles['account-force-private'];
|
|
$c->save();
|
|
}
|
|
UserRoles::whereUserId($pc->child_id)->update(['roles' => $roles]);
|
|
return redirect($pc->manageUrl() . '?permissions');
|
|
}
|
|
|
|
public function store(Request $request)
|
|
{
|
|
$this->authPreflight($request, true);
|
|
$this->validate($request, [
|
|
'email' => 'required|email|unique:parental_controls,email|unique:users,email',
|
|
]);
|
|
|
|
$state = $this->requestFormFields($request);
|
|
|
|
$pc = new ParentalControls;
|
|
$pc->parent_id = $request->user()->id;
|
|
$pc->email = $request->input('email');
|
|
$pc->verify_code = str_random(32);
|
|
$pc->permissions = $state;
|
|
$pc->save();
|
|
|
|
DispatchChildInvitePipeline::dispatch($pc);
|
|
return redirect($pc->manageUrl());
|
|
}
|
|
|
|
public function inviteRegister(Request $request, $id, $code)
|
|
{
|
|
if($request->user()) {
|
|
$title = 'You cannot complete this action on this device.';
|
|
$body = 'Please log out or use a different device or browser to complete the invitation registration.';
|
|
return view('errors.custom', compact('title', 'body'));
|
|
}
|
|
|
|
$this->authPreflight($request, true, false);
|
|
|
|
$pc = ParentalControls::whereRaw('verify_code = BINARY ?', $code)->whereNull(['email_verified_at', 'child_id'])->findOrFail($id);
|
|
abort_unless(User::whereId($pc->parent_id)->exists(), 404);
|
|
return view('settings.parental-controls.invite-register-form', compact('pc'));
|
|
}
|
|
|
|
public function inviteRegisterStore(Request $request, $id, $code)
|
|
{
|
|
if($request->user()) {
|
|
$title = 'You cannot complete this action on this device.';
|
|
$body = 'Please log out or use a different device or browser to complete the invitation registration.';
|
|
return view('errors.custom', compact('title', 'body'));
|
|
}
|
|
|
|
$this->authPreflight($request, true, false);
|
|
|
|
$pc = ParentalControls::whereRaw('verify_code = BINARY ?', $code)->whereNull('email_verified_at')->findOrFail($id);
|
|
|
|
$fields = $request->all();
|
|
$fields['email'] = $pc->email;
|
|
$defaults = UserRoleService::defaultRoles();
|
|
$validator = (new RegisterController)->validator($fields);
|
|
$valid = $validator->validate();
|
|
abort_if(!$valid, 404);
|
|
event(new Registered($user = (new RegisterController)->create($fields)));
|
|
sleep(5);
|
|
$user->has_roles = true;
|
|
$user->parent_id = $pc->parent_id;
|
|
if(config('instance.parental_controls.limits.auto_verify_email')) {
|
|
$user->email_verified_at = now();
|
|
$user->save();
|
|
sleep(3);
|
|
} else {
|
|
$user->save();
|
|
sleep(3);
|
|
}
|
|
$ur = UserRoles::updateOrCreate([
|
|
'user_id' => $user->id,
|
|
],[
|
|
'roles' => UserRoleService::mapInvite($user->id, $pc->permissions)
|
|
]);
|
|
$pc->email_verified_at = now();
|
|
$pc->child_id = $user->id;
|
|
$pc->save();
|
|
sleep(2);
|
|
Auth::guard()->login($user);
|
|
|
|
return redirect('/i/web');
|
|
}
|
|
|
|
public function cancelInvite(Request $request, $id)
|
|
{
|
|
$this->authPreflight($request);
|
|
$pc = ParentalControls::whereParentId($request->user()->id)
|
|
->whereNull(['email_verified_at', 'child_id'])
|
|
->findOrFail($id);
|
|
|
|
return view('settings.parental-controls.delete-invite', compact('pc'));
|
|
}
|
|
|
|
public function cancelInviteHandle(Request $request, $id)
|
|
{
|
|
$this->authPreflight($request);
|
|
$pc = ParentalControls::whereParentId($request->user()->id)
|
|
->whereNull(['email_verified_at', 'child_id'])
|
|
->findOrFail($id);
|
|
|
|
$pc->delete();
|
|
|
|
return redirect('/settings/parental-controls');
|
|
}
|
|
|
|
public function stopManaging(Request $request, $id)
|
|
{
|
|
$this->authPreflight($request);
|
|
$pc = ParentalControls::whereParentId($request->user()->id)
|
|
->whereNotNull(['email_verified_at', 'child_id'])
|
|
->findOrFail($id);
|
|
|
|
return view('settings.parental-controls.stop-managing', compact('pc'));
|
|
}
|
|
|
|
public function stopManagingHandle(Request $request, $id)
|
|
{
|
|
$this->authPreflight($request);
|
|
$pc = ParentalControls::whereParentId($request->user()->id)
|
|
->whereNotNull(['email_verified_at', 'child_id'])
|
|
->findOrFail($id);
|
|
$pc->child()->update([
|
|
'has_roles' => false,
|
|
'parent_id' => null,
|
|
]);
|
|
$pc->delete();
|
|
|
|
return redirect('/settings/parental-controls');
|
|
}
|
|
|
|
protected function requestFormFields($request)
|
|
{
|
|
$state = [];
|
|
$fields = [
|
|
'post',
|
|
'comment',
|
|
'like',
|
|
'share',
|
|
'follow',
|
|
'bookmark',
|
|
'story',
|
|
'collection',
|
|
'discovery_feeds',
|
|
'dms',
|
|
'federation',
|
|
'hide_network',
|
|
'private',
|
|
'hide_cw'
|
|
];
|
|
|
|
foreach ($fields as $field) {
|
|
$state[$field] = $request->input($field) == 'on';
|
|
}
|
|
|
|
return $state;
|
|
}
|
|
}
|