diff options
author | ThibG <thib@sitedethib.com> | 2019-09-13 16:03:46 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2019-09-13 16:03:46 +0200 |
commit | 225edac118634b146c1bbf45f199d8a1257bcf56 (patch) | |
tree | 064fd78f970c1ff8e172a9dd0e0ced01c0b77009 /app/controllers/api | |
parent | 4e1b742cb270e7857d9e05b75b0409ce43732b7c (diff) |
Change /api/v1/timelines/public to require auth when public preview is off (#11802)
Fixes #11289
Diffstat (limited to 'app/controllers/api')
-rw-r--r-- | app/controllers/api/v1/timelines/public_controller.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/app/controllers/api/v1/timelines/public_controller.rb b/app/controllers/api/v1/timelines/public_controller.rb index aabe24324..ccc10f966 100644 --- a/app/controllers/api/v1/timelines/public_controller.rb +++ b/app/controllers/api/v1/timelines/public_controller.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true class Api::V1::Timelines::PublicController < Api::BaseController + before_action :require_user!, only: [:show], if: :require_auth? after_action :insert_pagination_headers, unless: -> { @statuses.empty? } respond_to :json @@ -12,6 +13,10 @@ class Api::V1::Timelines::PublicController < Api::BaseController private + def require_auth? + !Setting.timeline_preview + end + def load_statuses cached_public_statuses end |