authormultiple creatures <dev@multiple-creature.party>2019-08-04 20:53:20 -0500
committermultiple creatures <dev@multiple-creature.party>2019-08-04 20:53:20 -0500
commit9a3c4bc0511d1c8a19ef591752be59fb9f3cdfd8 (patch)
tree736cdbb3657d8c02c2ab6ffe1ece2ff480a0540b
parent9ba20817205de7bf46489ab2a0d834f798031d20 (diff)
restrict private pin visibility to packmates & do not include them in `featured` collection (mainline masto does not respect pin visibility)
-rw-r--r--app/controllers/accounts_controller.rb10
-rw-r--r--app/controllers/activitypub/collections_controller.rb4
-rw-r--r--app/controllers/api/v1/accounts/statuses_controller.rb6
3 files changed, 16 insertions, 4 deletions
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index bcc806b89..c00ff56b5 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -29,7 +29,7 @@ class AccountsController < ApplicationController
         end
 
 
-        @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
+        @pinned_statuses = cache_collection(pinned_statuses, Status) if show_pinned_statuses?
         @statuses        = filtered_status_page(params)
         @statuses        = cache_collection(@statuses, Status)
 
@@ -51,6 +51,14 @@ class AccountsController < ApplicationController
 
   private
 
+  def pinned_statuses
+    if user_signed_in? && current_account.following?(@account)
+      @account.pinned_statuses
+    else
+      @account.pinned_statuses.where.not(visibility: :private)
+    end
+  end
+
   def show_pinned_statuses?
     [reblogs_requested?, replies_requested?, media_requested?, tag_requested?, params[:max_id].present?, params[:min_id].present?].none?
   end
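Review bot: The non-follower branch of `pinned_statuses` uses a deny-list, `where.not(visibility: :private)`, so any other restricted visibility that can be pinned would still be shown to visitors who are not followers. The same expression is repeated at L53, L62 and L78. Whether this fork allows pinning direct or otherwise limited statuses is not visible in the diff, so the exposure may be latent rather than live. An allow-list fails closed, for example `@account.pinned_statuses.where(visibility: [:public, :unlisted])`, assuming those are the two public values of the visibility enum. The controller class continues outside the hunk.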
diff --git a/app/controllers/activitypub/collections_controller.rb b/app/controllers/activitypub/collections_controller.rb
index 853f4f907..fb7976a39 100644
--- a/app/controllers/activitypub/collections_controller.rb
+++ b/app/controllers/activitypub/collections_controller.rb
@@ -35,7 +35,7 @@ class ActivityPub::CollectionsController < Api::BaseController
   def set_size
     case params[:id]
     when 'featured'
-      @account.pinned_statuses.count
+      @account.pinned_statuses.where.not(visibility: :private).count
     else
       raise ActiveRecord::RecordNotFound
     end
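Review bot: `set_size` now counts `@account.pinned_statuses.where.not(visibility: :private)`, but the items scope in the next hunk (L60-L62) additionally passes through `permitted_for(@account, signed_request_account)`. If that scope excludes anything for a given requester, the reported size and the returned items will disagree, and the size reveals how many pins were withheld. Deriving both from one private helper would keep them in step. A short comment such as `# private pins are never federated: remote servers do not enforce pin visibility` would also record why the filter is unconditional here.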
@@ -45,7 +45,7 @@ class ActivityPub::CollectionsController < Api::BaseController
     case params[:id]
     when 'featured'
       @account.statuses.permitted_for(@account, signed_request_account).tap do |scope|
-        scope.merge!(@account.pinned_statuses)
+        scope.merge!(@account.pinned_statuses.where.not(visibility: :private))
       end
     else
       raise ActiveRecord::RecordNotFound
diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb
index 11661ce08..914a39801 100644
--- a/app/controllers/api/v1/accounts/statuses_controller.rb
+++ b/app/controllers/api/v1/accounts/statuses_controller.rb
@@ -57,7 +57,11 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def pinned_scope
-    @account.pinned_statuses
+    if user_signed_in? && current_account.following?(@account)
+      @account.pinned_statuses
+    else
+      @account.pinned_statuses.where.not(visibility: :private)
+    end
   end
 
   def no_replies_scope
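Review bot: `pinned_scope` duplicates the follower check added to `AccountsController#pinned_statuses` (L33-L39), so the two visibility rules can drift apart. Moving the decision into a single method on the account or status model would give one place to audit. The condition also has no branch for the owner: unless an account counts as following itself, `current_account.following?(@account)` is false on one's own profile and the owner's private pins are hidden from them. Adding `current_account.id == @account.id ||` to the check would cover that case. How `user_signed_in?` resolves for token-authenticated API requests depends on `Api::BaseController`, which is outside the hunk.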