about summary refs log tree commit diff
path: root/app/controllers/api
diff options
context:
space:
mode:
authormultiple creatures <dev@multiple-creature.party>2019-08-04 20:53:20 -0500
committermultiple creatures <dev@multiple-creature.party>2019-08-04 20:53:20 -0500
commit9a3c4bc0511d1c8a19ef591752be59fb9f3cdfd8 (patch)
tree736cdbb3657d8c02c2ab6ffe1ece2ff480a0540b /app/controllers/api
parent9ba20817205de7bf46489ab2a0d834f798031d20 (diff)
restrict private pin visibility to packmates & do not include them in `featured` collection (mainline masto does not respect pin visibility)
Diffstat (limited to 'app/controllers/api')
-rw-r--r--app/controllers/api/v1/accounts/statuses_controller.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb
index 11661ce08..914a39801 100644
--- a/app/controllers/api/v1/accounts/statuses_controller.rb
+++ b/app/controllers/api/v1/accounts/statuses_controller.rb
@@ -57,7 +57,11 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def pinned_scope
-    @account.pinned_statuses
+    if user_signed_in? && current_account.following?(@account)
+      @account.pinned_statuses
+    else
+      @account.pinned_statuses.where.not(visibility: :private)
+    end
   end
 
   def no_replies_scope