author | multiple creatures <dev@multiple-creature.party> | 2020-02-18 02:02:54 -0600 |
---|---|---|
committer | multiple creatures <dev@multiple-creature.party> | 2020-02-18 02:18:09 -0600 |
commit | 0f3b01eaab82325baaf1c7a4c75a322d3c21a67f (patch) | |
tree | f3d19c99328336997919803ffc6850a96d5a6411 /app/controllers | |
parent | fc69e4a0bb4e3d2fdcb2ffef0f3211f8c347ed15 (diff) |
switch to irc-like oper behavior; require mods & admins to explicitly oper up using `fangs`/`op` bangtag or toggling defang setting in profile; auto-defang after 15 mins or with `defang`/`deop` bangtag
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/accounts_controller.rb | 13 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/settings/profiles_controller.rb | 2 |
3 files changed, 13 insertions, 6 deletions
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 3359eafdf..8bff3ab18 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -16,7 +16,8 @@ class AccountsController < ApplicationController
 unless current_account&.id == @account.id
 if @account.hidden || @account&.user&.hides_public_profile?
- return not_found unless current_account&.following?(@account)
+ not_found unless current_account&.following?(@account)
+ return
 end
 end
@@ -44,10 +45,12 @@ class AccountsController < ApplicationController
 format.rss do
 expires_in 1.minute, public: true
- return not_found unless current_account&.user&.allows_rss?
-
- @statuses = filtered_statuses.without_reblogs.without_replies.limit(PAGE_SIZE)
- @statuses = cache_collection(@statuses, Status)
+ if current_account&.user&.allows_rss?
+ @statuses = filtered_statuses.without_reblogs.without_replies.limit(PAGE_SIZE)
+ @statuses = cache_collection(@statuses, Status)
+ else
+ @statuses = []
+ end
 render xml: RSS::AccountSerializer.render(@account, @statuses, params[:tag])
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 3169151a8..b6c2feafb 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -63,6 +63,10 @@ class ApplicationController < ActionController::Base
 forbidden unless current_user&.staff?
 end
+ def require_halfmod!
+ forbidden unless current_user&.halfmod?
+ end
+
 def check_user_permissions
 forbidden if current_user.disabled? || current_user.account.suspended?
 end
diff --git a/app/controllers/settings/profiles_controller.rb b/app/controllers/settings/profiles_controller.rb
index 6b3f0d311..dab613085 100644
--- a/app/controllers/settings/profiles_controller.rb
+++ b/app/controllers/settings/profiles_controller.rb
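Review bot: The bare `return` added in the first accounts_controller.rb hunk runs whether or not `not_found` was called, so a viewer who does follow a hidden account also leaves the method here and everything after the guard is skipped for them. Indentation is lost on this page, but the two `end` lines that follow place the `return` inside the `if @account.hidden || …` branch. The exit should stay tied to the same check so permitted followers fall through to the normal path, as in `return not_found unless current_account&.following?(@account)`. The enclosing method starts and ends outside the hunk, so what the early exit skips cannot be seen here.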
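Review bot: In the `format.rss` hunk the feed content is chosen from `current_account&.user&.allows_rss?`, which is the requesting viewer, while `expires_in 1.minute, public: true` still marks the response as storable by shared caches. A response that differs per signed-in viewer should not be publicly cacheable, since an intermediary could replay one viewer's populated feed (or the empty one) to someone else. If the gate is meant to be the profile owner's preference, `@account.user&.allows_rss?` would make the result viewer-independent; otherwise use `expires_in 1.minute, public: false` here. The `respond_to` block and its method begin outside the hunk.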
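Review bot: `require_halfmod!` in application_controller.rb carries no comment saying whether it passes for a defanged moderator, and nothing in this diff (limited to app/controllers) shows `halfmod?` or `staff?` consulting the defang state that the commit message introduces. I would document the contract on the method, for example `# 403 unless the current user is a half-moderator who is currently opered up (not defanged).`, after confirming in the model that `halfmod?` really enforces it. No caller of the new guard appears in these hunks, so its use as a before-action is an assumption.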
@@ -25,7 +25,7 @@ class Settings::ProfilesController < Settings::BaseController
 private
 def account_params
- params.require(:account).permit(:display_name, :note, :avatar, :header, :replies, :locked, :hidden, :unlisted, :block_anon, :gently, :kobold, :adult_content, :bot, :discoverable, :filter_undescribed, fields_attributes: [:name, :value])
+ params.require(:account).permit(:display_name, :note, :avatar, :header, :replies, :locked, :hidden, :unlisted, :block_anon, :gently, :kobold, :adult_content, :bot, :discoverable, :filter_undescribed, :user_defanged, fields_attributes: [:name, :value])
 end
 def set_account |
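Review bot: `account_params` now permits `:user_defanged` for every account, so the flag that re-arms moderator powers travels in the same form as cosmetic profile fields and can be set by any request able to submit that form. The attribute's setter is outside this diff; it should be confirmed that the value is ignored for non-staff users and that each change is recorded where an admin can review it. For the elevation direction I would consider a separate action behind a password or second-factor re-check, so a borrowed session cannot silently oper up. A short comment above the permit list, such as `# :user_defanged toggles staff privileges; the model must ignore it for non-staff`, would keep the next edit to this list careful.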