diff options
| author | Thibaut Girka <thib@sitedethib.com> | 2018-08-17 17:43:54 +0200 |
|---|---|---|
| committer | Thibaut Girka <thib@sitedethib.com> | 2018-08-17 17:43:54 +0200 |
| commit | 280d7b1df8566239f15130d8bf1e0e2c1d467fc0 (patch) | |
| tree | 7903e071b0013fb15dcc5a74f6143239dcbaa2c2 /app/services | |
| parent | 4a6bc2482a26aa0441485ca360a3d3c0eeea7fe4 (diff) | |
| parent | 59f7f4c923494bb8dd6f2881a1610c7b51240d9c (diff) | |
Merge branch 'master' into glitch-soc/merge-upstream
Conflicts: app/models/status.rb db/migrate/20180528141303_fix_accounts_unique_index.rb db/schema.rb Resolved by taking upstream changes (no real conflicts, just glitch-soc specific code too close to actual changes).
Diffstat (limited to 'app/services')
| -rw-r--r-- | app/services/authorize_follow_service.rb | 2 | ||||
| -rw-r--r-- | app/services/resolve_url_service.rb | 10 | ||||
| -rw-r--r-- | app/services/search_service.rb | 2 |
3 files changed, 10 insertions, 4 deletions
diff --git a/app/services/authorize_follow_service.rb b/app/services/authorize_follow_service.rb index f47d488f1..1674239df 100644 --- a/app/services/authorize_follow_service.rb +++ b/app/services/authorize_follow_service.rb @@ -3,7 +3,7 @@ class AuthorizeFollowService < BaseService def call(source_account, target_account, **options) if options[:skip_follow_request] - follow_request = FollowRequest.new(account: source_account, target_account: target_account) + follow_request = FollowRequest.new(account: source_account, target_account: target_account, uri: options[:follow_request_uri]) else follow_request = FollowRequest.find_by!(account: source_account, target_account: target_account) follow_request.authorize! diff --git a/app/services/resolve_url_service.rb b/app/services/resolve_url_service.rb index a068c1ed8..1db1917e2 100644 --- a/app/services/resolve_url_service.rb +++ b/app/services/resolve_url_service.rb @@ -2,11 +2,13 @@ class ResolveURLService < BaseService include JsonLdHelper + include Authorization attr_reader :url - def call(url) + def call(url, on_behalf_of: nil) @url = url + @on_behalf_of = on_behalf_of return process_local_url if local_url? @@ -84,6 +86,10 @@ class ResolveURLService < BaseService def check_local_status(status) return if status.nil? - status if status.public_visibility? || status.unlisted_visibility? + authorize_with @on_behalf_of, status, :show? + status + rescue Mastodon::NotPermittedError + # Do not disclose the existence of status the user is not authorized to see + nil end end diff --git a/app/services/search_service.rb b/app/services/search_service.rb index 5bb395942..cc1fcb52f 100644 --- a/app/services/search_service.rb +++ b/app/services/search_service.rb @@ -53,7 +53,7 @@ class SearchService < BaseService end def url_resource - @_url_resource ||= ResolveURLService.new.call(query) + @_url_resource ||= ResolveURLService.new.call(query, on_behalf_of: @account) end def url_resource_symbol |