93 lines
4.2 KiB
PHP
93 lines
4.2 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api\Posts;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Http\Requests\Posts\CreatePostRequest;
|
|
use App\Http\Requests\Posts\UpdatePostRequest;
|
|
use App\Models\Post;
|
|
use App\Services\Posts\PostFeedService;
|
|
use App\Services\Posts\PostService;
|
|
use Carbon\Carbon;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Support\Facades\Gate;
|
|
use Illuminate\Support\Facades\RateLimiter;
|
|
|
|
class PostController extends Controller
|
|
{
|
|
public function __construct(
|
|
private PostService $postService,
|
|
private PostFeedService $feedService,
|
|
) {}
|
|
|
|
// ─────────────────────────────────────────────────────────────────────────
|
|
// Create
|
|
// ─────────────────────────────────────────────────────────────────────────
|
|
|
|
public function store(CreatePostRequest $request): JsonResponse
|
|
{
|
|
$user = $request->user();
|
|
|
|
// Rate limit: 10 post creations per hour
|
|
$key = 'create_post:' . $user->id;
|
|
if (RateLimiter::tooManyAttempts($key, 10)) {
|
|
$seconds = RateLimiter::availableIn($key);
|
|
return response()->json([
|
|
'message' => "You're posting too quickly. Please wait {$seconds} seconds.",
|
|
], 429);
|
|
}
|
|
RateLimiter::hit($key, 3600);
|
|
|
|
Gate::authorize('create', Post::class);
|
|
|
|
$post = $this->postService->createPost(
|
|
user: $user,
|
|
type: $request->input('type', Post::TYPE_TEXT),
|
|
visibility: $request->input('visibility', Post::VISIBILITY_PUBLIC),
|
|
body: $request->input('body'),
|
|
targets: $request->input('targets', []),
|
|
linkPreview: $request->input('link_preview'),
|
|
taggedUsers: $request->input('tagged_users'), publishAt: $request->filled('publish_at') ? Carbon::parse($request->input('publish_at')) : null, );
|
|
|
|
$post->load(['user', 'user.profile', 'targets', 'targets.artwork', 'targets.artwork.user', 'targets.artwork.user.profile', 'reactions']);
|
|
|
|
return response()->json([
|
|
'post' => $this->feedService->formatPost($post, $user->id),
|
|
], 201);
|
|
}
|
|
|
|
// ─────────────────────────────────────────────────────────────────────────
|
|
// Update
|
|
// ─────────────────────────────────────────────────────────────────────────
|
|
|
|
public function update(UpdatePostRequest $request, int $id): JsonResponse
|
|
{
|
|
$post = Post::findOrFail($id);
|
|
Gate::authorize('update', $post);
|
|
|
|
$updated = $this->postService->updatePost(
|
|
post: $post,
|
|
body: $request->input('body'),
|
|
visibility: $request->input('visibility'),
|
|
);
|
|
|
|
return response()->json([
|
|
'post' => $this->feedService->formatPost($updated->load(['user', 'user.profile', 'targets', 'targets.artwork', 'targets.artwork.user', 'targets.artwork.user.profile', 'reactions']), $request->user()?->id),
|
|
]);
|
|
}
|
|
|
|
// ─────────────────────────────────────────────────────────────────────────
|
|
// Delete
|
|
// ─────────────────────────────────────────────────────────────────────────
|
|
|
|
public function destroy(int $id): JsonResponse
|
|
{
|
|
$post = Post::findOrFail($id);
|
|
Gate::authorize('delete', $post);
|
|
|
|
$this->postService->deletePost($post);
|
|
|
|
return response()->json(['message' => 'Post deleted.']);
|
|
}
|
|
}
|