about summary refs log tree commit diff
path: root/app/services/favourite_service.rb
diff options
context:
space:
mode:
authorJack Jennings <jack@standard-library.com>2017-05-29 09:22:22 -0700
committerEugen Rochko <eugen@zeonfederated.com>2017-05-29 18:22:22 +0200
commit3a2003ba863252f305fb32098bcd3f095b10e2ff (patch)
tree6ff5f4a1cf6c9d042baca1441409afb9ac46775d /app/services/favourite_service.rb
parent9a81be0d3715eb846d940794f8b34cbbe4ba67a5 (diff)
Extract authorization policy for viewing statuses (#3150)
Diffstat (limited to 'app/services/favourite_service.rb')
-rw-r--r--app/services/favourite_service.rb4
1 files changed, 3 insertions, 1 deletions
diff --git a/app/services/favourite_service.rb b/app/services/favourite_service.rb
index e92aada64..f27145c96 100644
--- a/app/services/favourite_service.rb
+++ b/app/services/favourite_service.rb
@@ -1,12 +1,14 @@
 # frozen_string_literal: true
 
 class FavouriteService < BaseService
+  include Authorization
+
   # Favourite a status and notify remote user
   # @param [Account] account
   # @param [Status] status
   # @return [Favourite]
   def call(account, status)
-    raise Mastodon::NotPermittedError unless status.permitted?(account)
+    authorize_with account, status, :show?
 
     favourite = Favourite.create!(account: account, status: status)