diff options
author | Thibaut Girka <thib@sitedethib.com> | 2020-07-07 15:34:00 +0200 |
---|---|---|
committer | Thibaut Girka <thib@sitedethib.com> | 2020-07-07 15:58:45 +0200 |
commit | e9ad99bc93b6f65277956d997792ec40f08165cb (patch) | |
tree | ce71714d2d0d680adecf070cb4e698f3a6984b56 /app/controllers/media_proxy_controller.rb | |
parent | 94e09d309cb068ea92919767e40e655260ac43cb (diff) | |
parent | 6e25574ce599cbc37b7215ded03c7d07208af6bb (diff) |
Merge branch 'master' into glitch-soc/merge-upstream
Conflicts: - `package.json`: Not really a conflict, just some glitch-soc-specific dependency too close to an upstream-updated one.
Diffstat (limited to 'app/controllers/media_proxy_controller.rb')
-rw-r--r-- | app/controllers/media_proxy_controller.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/app/controllers/media_proxy_controller.rb b/app/controllers/media_proxy_controller.rb index a8261ec2b..0b1d09de9 100644 --- a/app/controllers/media_proxy_controller.rb +++ b/app/controllers/media_proxy_controller.rb @@ -2,6 +2,7 @@ class MediaProxyController < ApplicationController include RoutingHelper + include Authorization skip_before_action :store_current_location skip_before_action :require_functional! @@ -10,12 +11,14 @@ class MediaProxyController < ApplicationController rescue_from ActiveRecord::RecordInvalid, with: :not_found rescue_from Mastodon::UnexpectedResponseError, with: :not_found + rescue_from Mastodon::NotPermittedError, with: :not_found rescue_from HTTP::TimeoutError, HTTP::ConnectionError, OpenSSL::SSL::SSLError, with: :internal_server_error def show RedisLock.acquire(lock_options) do |lock| if lock.acquired? - @media_attachment = MediaAttachment.remote.find(params[:id]) + @media_attachment = MediaAttachment.remote.attached.find(params[:id]) + authorize @media_attachment.status, :show? redownload! if @media_attachment.needs_redownload? && !reject_media? else raise Mastodon::RaceConditionError |