[Privacy] Use reply visibility gating to preserve thread permissions rather than public/private flag on thread

author: Fire Demon <firedemon@creature.cafe> 2020-08-22 00:49:56 -0500
committer: Fire Demon <firedemon@creature.cafe> 2020-08-30 05:45:19 -0500
commit: 6c3a1729e38264d811c1ccbe25a91b7c9b04ba9d (patch)
tree: 11c1187dbe2f8c68732bdd10fc9a22f3af235a99
parent: c299e9555426e36c4dbb489dcccad3ab6bad2f17 (diff)
5 files changed, 19 insertions, 21 deletions
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 23786c1cc..69480ccf6 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -404,7 +404,6 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
           uri: uri,
           root: object_uri,
           account: @account,
-          public: %i(public unlisted).include?(visibility_from_audience),
         }.freeze
         if conversation.blank?
           conversation = Conversation.create!(params)
@@ -412,7 +411,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
           conversation.update!(params)
         end
       elsif conversation.blank?
-        conversation = Conversation.create!(uri: uri, account_id: nil, public: false)
+        conversation = Conversation.create!(uri: uri, account_id: nil)
       end
 
       conversation
diff --git a/app/models/status.rb b/app/models/status.rb
index 36b3eecf4..826091bb0 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -136,7 +136,6 @@ class Status < ApplicationRecord
   scope :without_semiprivate, -> { where(semiprivate: false) }
   scope :reblogs, -> { where('statuses.reblog_of_id IS NOT NULL') }
   scope :locally_reblogged, -> { where(id: Status.unscoped.local.reblogs.select(:reblog_of_id)) }
-  scope :public_conversations, -> { joins(:conversation).where(conversations: { public: true }) }
   scope :conversations_by, ->(account) { joins(:conversation).where(conversations: { account: account }) }
   scope :mentioning_account, ->(account) { joins(:mentions).where(mentions: { account: account }) }
   scope :replies, -> { where(reply: true).where('statuses.in_reply_to_account_id != statuses.account_id') }
@@ -364,9 +363,9 @@ class Status < ApplicationRecord
 
   def should_be_semiprivate?
     return @should_be_semiprivate if defined?(@should_be_semiprivate)
-    return @should_be_semiprivate = true if distributable? && (!conversation.public? || private_domain_permissions? || account.private_domain_permissions?)
+    return @should_be_semiprivate = true if distributable? && (private_domain_permissions? || account.private_domain_permissions?)
 
-    @should_be_semiprivate = !distributable? && (conversation.public? || public_domain_permissions? || account.public_domain_permissions?)
+    @should_be_semiprivate = !distributable? && (public_domain_permissions? || account.public_domain_permissions?)
   end
 
   def should_limit_visibility?
@@ -584,7 +583,7 @@ class Status < ApplicationRecord
 
         query = if options[:include_replies]
                   query = query.replies if options[:only_replies]
-                  query.public_conversations.or(query.conversations_by(target_account))
+                  query.conversations_by(target_account)
                 else
                   query.without_replies
                 end
@@ -715,14 +714,14 @@ class Status < ApplicationRecord
       self.in_reply_to_account_id = carried_over_reply_to_account_id
       self.conversation_id        = thread.conversation_id if conversation_id.nil?
     elsif conversation_id.nil?
-      self.conversation = reply? ? Conversation.new(account_id: nil, public: false) : Conversation.new(account_id: account_id, public: distributable?)
-    elsif !reply? && account_id != conversation.account_id || conversation.public? != distributable?
-      conversation.update!(account_id: account_id, public: distributable?)
+      self.conversation = reply? ? Conversation.new(account_id: nil) : Conversation.new(account_id: account_id)
+    elsif !reply? && account_id != conversation.account_id
+      conversation.update!(account_id: account_id)
     end
   end
 
   def set_conversation_root
-    conversation.update!(root: uri, account_id: account_id, public: distributable?) if !reply && conversation.root.blank?
+    conversation.update!(root: uri, account_id: account_id) if !reply && conversation.root.blank?
   end
 
   def carried_over_reply_to_account_id
diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
index b92494103..9f851feb3 100644
--- a/app/policies/status_policy.rb
+++ b/app/policies/status_policy.rb
@@ -53,7 +53,7 @@ class StatusPolicy < ApplicationPolicy
   end
 
   def private?
-    visibility_for_remote_domain == 'private' || reply? && !public_conversation?
+    visibility_for_remote_domain == 'private'
   end
 
   def mention_exists?
@@ -91,7 +91,7 @@ class StatusPolicy < ApplicationPolicy
   end
 
   def conversation_author_blocking?
-    return public_conversation? if conversation_owner.nil?
+    return false if conversation_owner.nil?
 
     @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][conversation_owner.id] : conversation_owner.blocking?(current_account)
   end
@@ -110,8 +110,7 @@ class StatusPolicy < ApplicationPolicy
   end
 
   def following_conversation_owner?
-    return false if current_account.nil?
-    return public_conversation? if conversation_owner.nil?
+    return false if current_account.nil? || conversation_owner.nil?
 
     @preloaded_relations[:following] ? @preloaded_relations[:following][conversation_owner.id] : current_account.following?(conversation_owner)
   end
@@ -142,12 +141,6 @@ class StatusPolicy < ApplicationPolicy
     record.reply? && record.in_reply_to_account_id != author.id
   end
 
-  def public_conversation?
-    return @public_conversation if defined?(@public_conversation)
-
-    @public_conversation = record.conversation&.public? || false
-  end
-
   def visibility_for_remote_domain
     @visibility_for_domain ||= record.visibility_for_domain(current_account&.domain)
   end
diff --git a/db/migrate/20200822054516_remove_public_column_from_conversations.rb b/db/migrate/20200822054516_remove_public_column_from_conversations.rb
new file mode 100644
index 000000000..e015f3f63
--- /dev/null
+++ b/db/migrate/20200822054516_remove_public_column_from_conversations.rb
@@ -0,0 +1,7 @@
+class RemovePublicColumnFromConversations < ActiveRecord::Migration[5.2]
+  def change
+    def safety_assured
+      remove_column :conversations, :public
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 22210f7a2..498f2e052 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2020_08_21_051721) do
+ActiveRecord::Schema.define(version: 2020_08_22_054516) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
author	Fire Demon <firedemon@creature.cafe>	2020-08-22 00:49:56 -0500
committer	Fire Demon <firedemon@creature.cafe>	2020-08-30 05:45:19 -0500
commit	6c3a1729e38264d811c1ccbe25a91b7c9b04ba9d (patch)
tree	11c1187dbe2f8c68732bdd10fc9a22f3af235a99
parent	c299e9555426e36c4dbb489dcccad3ab6bad2f17 (diff)