diff options
| author | Fire Demon <firedemon@creature.cafe> | 2020-08-20 05:52:54 -0500 |
|---|---|---|
| committer | Fire Demon <firedemon@creature.cafe> | 2020-08-30 05:45:19 -0500 |
| commit | a921eb4e39390eeec6c49c706aad3630b1d50282 (patch) | |
| tree | 298ba410ba1019fa361f7d38bf0a8159b17cb8b7 | |
| parent | d77bce3d82653091feffa7b3884b695afdd9c006 (diff) | |
[Filtering, Bug] Remove duplicate or unnecessary permission checks, add missing filter_options argument
| -rw-r--r-- | app/controllers/activitypub/replies_controller.rb | 1 | ||||
| -rw-r--r-- | app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb | 1 | ||||
| -rw-r--r-- | app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb | 1 | ||||
| -rw-r--r-- | app/controllers/api/v1/statuses_controller.rb | 1 | ||||
| -rw-r--r-- | app/controllers/remote_interaction_controller.rb | 1 | ||||
| -rw-r--r-- | app/controllers/statuses_controller.rb | 1 | ||||
| -rw-r--r-- | app/lib/feed_manager.rb | 3 | ||||
| -rw-r--r-- | app/lib/status_filter.rb | 1 | ||||
| -rw-r--r-- | app/policies/status_policy.rb | 39 |
9 files changed, 12 insertions, 37 deletions
diff --git a/app/controllers/activitypub/replies_controller.rb b/app/controllers/activitypub/replies_controller.rb index 1e1b342b3..4d553fc07 100644 --- a/app/controllers/activitypub/replies_controller.rb +++ b/app/controllers/activitypub/replies_controller.rb @@ -26,7 +26,6 @@ class ActivityPub::RepliesController < ActivityPub::BaseController def set_status @status = @account.statuses.find(params[:status_id]) authorize @status, :show? - authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb index 45dc212bb..8229786d6 100644 --- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb @@ -66,7 +66,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController def set_status @status = Status.find(params[:status_id]) authorize @status, :show? - authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb index cc8c75ea0..6c9e49d90 100644 --- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb @@ -63,7 +63,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController def set_status @status = Status.find(params[:status_id]) authorize @status, :show? - authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/controllers/api/v1/statuses_controller.rb b/app/controllers/api/v1/statuses_controller.rb index cf21ee90c..d4cdb6eae 100644 --- a/app/controllers/api/v1/statuses_controller.rb +++ b/app/controllers/api/v1/statuses_controller.rb @@ -108,7 +108,6 @@ class Api::V1::StatusesController < Api::BaseController def set_status @status = Status.find(params[:id]) authorize @status, :show? - authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/controllers/remote_interaction_controller.rb b/app/controllers/remote_interaction_controller.rb index 5db70aac4..5ead3aaa0 100644 --- a/app/controllers/remote_interaction_controller.rb +++ b/app/controllers/remote_interaction_controller.rb @@ -41,7 +41,6 @@ class RemoteInteractionController < ApplicationController def set_status @status = Status.find(params[:id]) authorize @status, :show? - authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index 15ea0f38d..6f8e74414 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -76,7 +76,6 @@ class StatusesController < ApplicationController def set_status @status = @account.statuses.find(params[:id]) authorize @status, :show? - authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/lib/feed_manager.rb b/app/lib/feed_manager.rb index 12df1ab88..0ae15db9a 100644 --- a/app/lib/feed_manager.rb +++ b/app/lib/feed_manager.rb @@ -202,9 +202,10 @@ class FeedManager statuses = target_account.statuses.published.without_replies.where(visibility: [:public, :unlisted, :private]).includes(:preloadable_poll, reblog: :account).limit(limit) crutches = build_crutches(account.id, statuses) + filter_options = filter_options_for(account.id) statuses.each do |status| - next if filter_from_home?(status, account.id, crutches) + next if filter_from_home?(status, account.id, crutches, filter_options) add_to_feed(:home, account.id, status, aggregate) end diff --git a/app/lib/status_filter.rb b/app/lib/status_filter.rb index 7555243c0..eb31dcad6 100644 --- a/app/lib/status_filter.rb +++ b/app/lib/status_filter.rb @@ -12,6 +12,7 @@ class StatusFilter def filtered? return false if !account.nil? && account.id == status.account_id + blocked_by_policy? || (account_present? && filtered_status?) || (@filter_silenced && silenced_account?) end diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb index 082c27f8e..6d1584ee8 100644 --- a/app/policies/status_policy.rb +++ b/app/policies/status_policy.rb @@ -12,7 +12,7 @@ class StatusPolicy < ApplicationPolicy end def show? - return false if local_only? && (current_account.nil? || !current_account.local?) + return false if local_only? && !current_account&.local? return false unless published? || owned? if requires_mention? @@ -72,12 +72,6 @@ class StatusPolicy < ApplicationPolicy author.domain_blocking?(current_account.domain) end - def parent_author_blocking_domain? - return false if current_account.nil? || current_account.domain.nil? || parent_author.nil? - - parent_author.domain_blocking?(current_account.domain) - end - def conversation_author_blocking_domain? return false if current_account.nil? || current_account.domain.nil? || conversation_owner.nil? @@ -96,12 +90,6 @@ class StatusPolicy < ApplicationPolicy @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][author.id] : author.blocking?(current_account) end - def parent_author_blocking? - return parent_author&.require_auth? if current_account.nil? || parent_author.nil? - - @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][parent_author.id] : parent_author.blocking?(current_account) - end - def conversation_author_blocking? return public_conversation? if conversation_owner.nil? @@ -109,10 +97,10 @@ class StatusPolicy < ApplicationPolicy end def blocked_by_owners? - return (author_blocking? || author_blocking_domain?) if conversation_owner&.id == author.id && parent_author&.id == author.id - return true if conversation_author_blocking? || parent_author_blocking? || author_blocking? + return author_blocking? || author_blocking_domain? if conversation_owner&.id == author.id + return true if conversation_author_blocking? || author_blocking? - conversation_author_blocking_domain? || parent_author_blocking_domain? || author_blocking_domain? + conversation_author_blocking_domain? || author_blocking_domain? end def following_author? @@ -121,13 +109,6 @@ class StatusPolicy < ApplicationPolicy @preloaded_relations[:following] ? @preloaded_relations[:following][author.id] : current_account.following?(author) end - def following_parent_author? - return false if current_account.nil? - return true if parent_author.nil? - - @preloaded_relations[:following] ? @preloaded_relations[:following][parent_author.id] : current_account.following?(parent_author) - end - def following_conversation_owner? return false if current_account.nil? return public_conversation? if conversation_owner.nil? @@ -136,19 +117,15 @@ class StatusPolicy < ApplicationPolicy end def following_owners? - return following_author? if conversation_owner&.id == author.id && parent_author&.id == author.id + return following_author? if conversation_owner&.id == author.id - following_conversation_owner? && following_parent_author? && following_author? + following_conversation_owner? && following_author? end def author @author ||= record.account end - def parent_author - @parent_author ||= record.in_reply_to_account - end - def conversation_owner @conversation_owner ||= record.conversation&.account end @@ -162,7 +139,9 @@ class StatusPolicy < ApplicationPolicy end def public_conversation? - @public_conversation ||= record.conversation&.public? || false + return @public_conversation if defined?(@public_conversation) + + @public_conversation = record.conversation&.public? || false end def visibility_for_remote_domain |