Add user options to disable recipient verification, allow anonymous public access; rework private mode

author: Fire Demon <firedemon@creature.cafe> 2020-11-23 23:10:05 -0600
committer: Fire Demon <firedemon@creature.cafe> 2020-11-23 23:10:05 -0600
commit: 65a9abb315f18ac777f3d0e09b3f7399830ad243 (patch)
tree: 39712b50201749efad11dce09561d81f4bdcdb2f /app
parent: 7f5ba917563aa1c9a373d9dd3a6a29f73d81ee9a (diff)
29 files changed, 58 insertions, 69 deletions
diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index f97eeb80b..3d328e920 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -8,11 +8,11 @@ class AccountsController < ApplicationController
   include SignatureAuthentication
 
   before_action :require_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
+  before_action :require_authenticated!, if: -> { @account.private? }
+  before_action :require_following!, if: -> { request.format != :rss && @account.private? }
   before_action :set_cache_headers
   before_action :set_body_classes
 
-  before_action :require_authenticated!, if: -> { @account.require_auth? || @account.private? }
-
   skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
   skip_before_action :require_functional! # , unless: :whitelist_mode?
 
@@ -44,7 +44,7 @@ class AccountsController < ApplicationController
       end
 
       format.rss do
-        return render xml: '', status: 404 if rss_disabled? || unauthorized?
+        return render xml: '', status: 404 if !@account.allow_anonymous? || unauthorized?
 
         expires_in 1.minute, public: !current_account?
 
@@ -182,10 +182,6 @@ class AccountsController < ApplicationController
     @unauthorized ||= blocked? || (@account.private? && !following?(@account))
   end
 
-  def rss_disabled?
-    @account.user&.setting_rss_disabled
-  end
-
   def cached_filtered_status_page
     cache_collection_paginated_by_id(
       filtered_statuses,
diff --git a/app/controllers/activitypub/outboxes_controller.rb b/app/controllers/activitypub/outboxes_controller.rb
index 1a879c379..e06688994 100644
--- a/app/controllers/activitypub/outboxes_controller.rb
+++ b/app/controllers/activitypub/outboxes_controller.rb
@@ -7,12 +7,10 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController
   include AccountOwnedConcern
 
   before_action :require_signature!, if: :authorized_fetch_mode?
+  before_action :require_following!, if: -> { @account.private? }
   before_action :set_statuses
   before_action :set_cache_headers
 
-  before_action :require_authenticated!, if: -> { @account.require_auth? }
-  before_action -> { require_following!(@account) }, if: -> { @account.private? }
-
   def show
     expires_in(page_requested? ? 0 : 3.minutes, public: public_fetch_mode? && !(current_account.present? && page_requested?))
     render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json', domain: current_account&.domain
diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb
index a0ce810ad..91b8629e3 100644
--- a/app/controllers/api/v1/accounts/statuses_controller.rb
+++ b/app/controllers/api/v1/accounts/statuses_controller.rb
@@ -22,7 +22,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def load_statuses
-    @account.suspended? ? [] : cached_account_statuses
+    unauthorized? ? [] : cached_account_statuses
   end
 
   def cached_account_statuses
@@ -39,7 +39,6 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
 
   def permitted_account_statuses
     return mentions_scope if truthy_param?(:mentions)
-    return Status.none if unauthorized?
 
     @account.statuses.permitted_for(
       @account,
@@ -58,7 +57,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def unauthorized?
-    (@account.private && !following?(@account)) || (@account.require_auth && !current_account?)
+    @account.suspended? || (@account.private? && !following?(@account))
   end
 
   def include_reblogs?
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5e12e89c8..9074e6450 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -49,7 +49,7 @@ class ApplicationController < ActionController::Base
   end
 
   def authorized_fetch_mode?
-    !(Rails.env.development? || Rails.env.test?)
+    !(current_account&.allow_anonymous? || (@account&.id && current_user&.account_id == @account.id) || Rails.env.development? || Rails.env.test?)
   end
 
   def public_fetch_mode?
@@ -90,8 +90,8 @@ class ApplicationController < ActionController::Base
     end
   end
 
-  def require_following!(account)
-    forbidden unless following?(account)
+  def require_following!
+    forbidden unless @account.present? && following?(@account)
   end
 
   def after_sign_out_path_for(_resource_or_scope)
diff --git a/app/controllers/settings/preferences_controller.rb b/app/controllers/settings/preferences_controller.rb
index 7e42d4e40..e8d45ff2a 100644
--- a/app/controllers/settings/preferences_controller.rb
+++ b/app/controllers/settings/preferences_controller.rb
@@ -76,7 +76,6 @@ class Settings::PreferencesController < Settings::BaseController
       :setting_boost_random,
       :setting_filter_unknown,
       :setting_unpublish_on_delete,
-      :setting_rss_disabled,
       :setting_home_reblogs,
       :setting_max_history_public,
       :setting_max_history_private,
diff --git a/app/controllers/settings/profiles_controller.rb b/app/controllers/settings/profiles_controller.rb
index e71ebbb10..93d08ee4b 100644
--- a/app/controllers/settings/profiles_controller.rb
+++ b/app/controllers/settings/profiles_controller.rb
@@ -21,7 +21,7 @@ class Settings::ProfilesController < Settings::BaseController
 
   def account_params
     params.require(:account).permit(:display_name, :note, :avatar, :header, :locked, :bot, :discoverable,
-                                    :show_replies, :show_unlisted, :private, :require_auth,
+                                    :show_replies, :show_unlisted, :private, :allow_anonymous, :no_verify_auth,
                                     fields_attributes: [:name, :value])
   end
 
diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb
index ad065a6fa..27575e414 100644
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@@ -8,10 +8,9 @@ class StatusesController < ApplicationController
 
   layout 'public'
 
-  before_action :require_signature!, only: :show, if: -> { request.format == :json && authorized_fetch_mode? && current_user&.account_id != @account.id }
-  before_action :require_authenticated!, if: -> { @account.require_auth? }
-  before_action -> { require_following!(@account) }, if: -> { request.format != :json && @account.private? }
+  before_action :require_signature!, only: :show, if: -> { request.format == :json && authorized_fetch_mode? }
   before_action :set_status
+  before_action :require_following!, if: -> { @account.private? && !(@status.public_visibility? || @status.unlisted_visibility?) }
   before_action :set_instance_presenter
   before_action :set_link_headers
   before_action :redirect_to_original, only: :show
diff --git a/app/lib/activitypub/activity/announce.rb b/app/lib/activitypub/activity/announce.rb
index 327def623..21fe556af 100644
--- a/app/lib/activitypub/activity/announce.rb
+++ b/app/lib/activitypub/activity/announce.rb
@@ -44,9 +44,9 @@ class ActivityPub::Activity::Announce < ActivityPub::Activity
 
   def visibility_from_audience
     if audience_to.include?(ActivityPub::TagManager::COLLECTIONS[:public])
-      :public
+      @account.private? ? :private : :public
     elsif audience_cc.include?(ActivityPub::TagManager::COLLECTIONS[:public])
-      :unlisted
+      @account.private? ? :private : :unlisted
     elsif audience_to.include?(@account.followers_url)
       :private
     else
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 98bcada7a..3053b1bb3 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -462,9 +462,9 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
 
   def visibility_from_audience
     if audience_to.include?(ActivityPub::TagManager::COLLECTIONS[:public])
-      :public
+      @account.private? ? :private : :public
     elsif audience_cc.include?(ActivityPub::TagManager::COLLECTIONS[:public])
-      :unlisted
+      @account.private? ? :private : :unlisted
     elsif audience_to.include?(@account.followers_url)
       :private
     elsif direct_message == false
diff --git a/app/lib/activitypub/adapter.rb b/app/lib/activitypub/adapter.rb
index 3063f7a4b..6fcf219be 100644
--- a/app/lib/activitypub/adapter.rb
+++ b/app/lib/activitypub/adapter.rb
@@ -12,7 +12,6 @@ class ActivityPub::Adapter < ActiveModelSerializers::Adapter::Base
     show_replies: { 'mp' => 'https://the.monsterpit.net/ns#', 'showReplies' => 'mp:showReplies' },
     show_unlisted: { 'mp' => 'https://the.monsterpit.net/ns#', 'showUnlisted' => 'mp:showUnlisted' },
     private: { 'mp' => 'https://the.monsterpit.net/ns#', 'private' => 'mp:private' },
-    require_auth: { 'mp' => 'https://the.monsterpit.net/ns#', 'requireAuth' => 'mp:requireAuth' },
     metadata: { 'mp' => 'https://the.monsterpit.net/ns#', 'metadata' => { '@id' => 'mp:metadata', '@type' => '@id' } },
     server_metadata: { 'mp' => 'https://the.monsterpit.net/ns#', 'serverMetadata' => { '@id' => 'mp:serverMetadata', '@type' => '@id' } },
     root: { 'mp' => 'https://the.monsterpit.net/ns#', 'root' => { '@id' => 'mp:root', '@type' => '@id' } },
diff --git a/app/lib/user_settings_decorator.rb b/app/lib/user_settings_decorator.rb
index 0f927d5d0..ca6c09a3a 100644
--- a/app/lib/user_settings_decorator.rb
+++ b/app/lib/user_settings_decorator.rb
@@ -63,7 +63,6 @@ class UserSettingsDecorator
     user.settings['boost_random']        = boost_random_preference if change?('setting_boost_random')
     user.settings['filter_unknown']      = filter_unknown_preference if change?('setting_filter_unknown')
     user.settings['unpublish_on_delete'] = unpublish_on_delete_preference if change?('setting_unpublish_on_delete')
-    user.settings['rss_disabled']        = rss_disabled_preference if change?('setting_rss_disabled')
     user.settings['home_reblogs']        = home_reblogs_preference if change?('setting_home_reblogs')
     user.settings['max_history_public']  = max_history_public_preference if change?('setting_max_history_public')
     user.settings['max_history_private'] = max_history_private_preference if change?('setting_max_history_private')
@@ -246,10 +245,6 @@ class UserSettingsDecorator
     boolean_cast_setting 'setting_unpublish_on_delete'
   end
 
-  def rss_disabled_preference
-    boolean_cast_setting 'setting_rss_disabled'
-  end
-
   def home_reblogs_preference
     boolean_cast_setting 'setting_home_reblogs'
   end
diff --git a/app/models/account.rb b/app/models/account.rb
index 90145ceb2..bf286d111 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -53,10 +53,11 @@
 #  show_replies                  :boolean          default(TRUE), not null
 #  show_unlisted                 :boolean          default(TRUE), not null
 #  private                       :boolean          default(FALSE), not null
-#  require_auth                  :boolean          default(FALSE), not null
 #  last_synced_at                :datetime
 #  sensitized_at                 :datetime
 #  suspension_origin             :integer
+#  no_verify_auth                :boolean          default(FALSE), not null
+#  allow_anonymous               :boolean          default(FALSE), not null
 #
 
 class Account < ApplicationRecord
diff --git a/app/models/status.rb b/app/models/status.rb
index 73eda2c4c..f20e7710d 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -254,7 +254,7 @@ class Status < ApplicationRecord
   end
 
   def distributable?
-    public_visibility? || unlisted_visibility?
+    !account.private? && (public_visibility? || unlisted_visibility?)
   end
 
   alias sign? distributable?
@@ -344,6 +344,7 @@ class Status < ApplicationRecord
 
   def visibility_for_domain(domain)
     return visibility.to_s if domain.blank?
+    return 'private' if account.private?
 
     v = domain_permissions.find_by(domain: [domain, '*'])&.visibility || visibility.to_s
 
@@ -659,7 +660,7 @@ class Status < ApplicationRecord
     if reply? && !thread.nil?
       self.in_reply_to_account_id = carried_over_reply_to_account_id
       self.conversation_id        = thread.conversation_id if conversation_id.nil?
-      self.visibility             = :limited if visibility.to_s == 'private' && in_reply_to_account_id != account_id
+      self.visibility             = :limited if in_reply_to_account_id != account_id && (visibility.to_s == 'private' || account.private?)
     end
   end
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 8d91593ae..d3ac464d7 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -124,7 +124,7 @@ class User < ApplicationRecord
            :style_css_profile_errors, :style_css_webapp, :style_css_webapp_errors,
            :style_wide_media, :style_lowercase,
            :publish_in, :unpublish_in, :unpublish_delete, :boost_every, :boost_jitter,
-           :boost_random, :unpublish_on_delete, :rss_disabled, :home_reblogs,
+           :boost_random, :unpublish_on_delete, :home_reblogs,
            :filter_unknown, :max_history_public, :max_history_private, :web_push,
            to: :settings, prefix: :setting, allow_nil: false
 
diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
index 56c217cec..c16ec29ed 100644
--- a/app/policies/status_policy.rb
+++ b/app/policies/status_policy.rb
@@ -18,10 +18,12 @@ class StatusPolicy < ApplicationPolicy
 
     if requires_mention?
       owned? || mention_exists?
+    elsif author.private? && public?
+      !(author_blocking? || author_blocking_domain?)
     elsif private?
       owned? || following_author? || mention_exists?
     else
-      current_account.nil? || (!author_blocking? && !author_blocking_domain?)
+      current_account.nil? || !(author_blocking? || author_blocking_domain?)
     end
   end
 
@@ -80,7 +82,7 @@ class StatusPolicy < ApplicationPolicy
   end
 
   def author_blocking?
-    return author.require_auth? if current_account.nil?
+    return false if current_account.nil?
 
     @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][author.id] : author.blocking?(current_account)
   end
@@ -94,7 +96,7 @@ class StatusPolicy < ApplicationPolicy
   def author
     record.account
   end
-  
+
   def local_only?
     record.local_only?
   end
@@ -103,6 +105,10 @@ class StatusPolicy < ApplicationPolicy
     record.published?
   end
 
+  def public?
+    record.public_visibility? || record.unlisted_visibility?
+  end
+
   def visibility_for_remote_domain
     @visibility_for_domain ||= record.visibility_for_domain(current_account&.domain)
   end
diff --git a/app/presenters/activitypub/activity_presenter.rb b/app/presenters/activitypub/activity_presenter.rb
index e17f8bb98..dbeeb5316 100644
--- a/app/presenters/activitypub/activity_presenter.rb
+++ b/app/presenters/activitypub/activity_presenter.rb
@@ -14,7 +14,7 @@ class ActivityPub::ActivityPresenter < ActiveModelSerializers::Model
         presenter.to        = ActivityPub::TagManager.instance.to(status, domain)
         presenter.cc        = ActivityPub::TagManager.instance.cc(status, domain)
 
-        unless embed
+        unless embed || status.account.no_verify_auth?
           presenter.virtual_object = ActivityPub::TagManager.instance.uri_for(status.proper)
           next
         end
diff --git a/app/serializers/activitypub/actor_serializer.rb b/app/serializers/activitypub/actor_serializer.rb
index 38c566937..ebaf2d093 100644
--- a/app/serializers/activitypub/actor_serializer.rb
+++ b/app/serializers/activitypub/actor_serializer.rb
@@ -25,8 +25,8 @@ class ActivityPub::ActorSerializer < ActivityPub::Serializer
   attribute :also_known_as, if: :also_known_as?
   attribute :suspended, if: :suspended?
 
-  context_extensions :show_replies, :private, :require_auth, :metadata, :server_metadata
-  attributes :show_replies, :show_unlisted, :private, :require_auth
+  context_extensions :show_replies, :private, :metadata, :server_metadata
+  attributes :show_replies, :show_unlisted, :private
   attributes :metadata, :server_metadata
 
   class EndpointsSerializer < ActivityPub::Serializer
diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb
index ec1041b3d..049ceae83 100644
--- a/app/services/activitypub/process_account_service.rb
+++ b/app/services/activitypub/process_account_service.rb
@@ -95,7 +95,6 @@ class ActivityPub::ProcessAccountService < BaseService
     @account.show_replies            = @json['showReplies'] || true
     @account.show_unlisted           = @json['showUnlisted'] || true
     @account.private                 = @json['private'] || false
-    @account.require_auth            = @json['require_auth'] || false
   end
 
   def set_fetchable_attributes!
diff --git a/app/services/concerns/payloadable.rb b/app/services/concerns/payloadable.rb
index ba94539c8..1492f8076 100644
--- a/app/services/concerns/payloadable.rb
+++ b/app/services/concerns/payloadable.rb
@@ -7,14 +7,10 @@ module Payloadable
     payload   = ActiveModelSerializers::SerializableResource.new(record, options.merge(serializer: serializer, adapter: ActivityPub::Adapter)).as_json
     object    = record.respond_to?(:virtual_object) ? record.virtual_object : record
 
-    if (object.respond_to?(:sign?) && object.sign?) && signer && signing_enabled?
+    if (object.respond_to?(:sign?) && object.sign?) && signer && !signer.allow_anonymous?
       ActivityPub::LinkedDataSignature.new(payload).sign!(signer, sign_with: sign_with)
     else
       payload
     end
   end
-
-  def signing_enabled?
-    true
-  end
 end
diff --git a/app/services/fan_out_on_write_service.rb b/app/services/fan_out_on_write_service.rb
index 1fa8b2520..679ba8501 100644
--- a/app/services/fan_out_on_write_service.rb
+++ b/app/services/fan_out_on_write_service.rb
@@ -21,15 +21,12 @@ class FanOutOnWriteService < BaseService
       deliver_to_lists(status)
     end
 
-    return if status.account.silenced?
+    return if !status.public_visibility? || status.account.silenced?
     return if status.reblog? && !Setting.show_reblogs_in_public_timelines
 
-    if status.distributable?
-      render_anonymous_payload(status)
-      deliver_to_hashtags(status)
-    end
+    render_anonymous_payload(status)
+    deliver_to_hashtags(status)
 
-    return unless status.public_visibility?
     return if status.reply? && status.in_reply_to_account_id != status.account_id && !Setting.show_replies_in_public_timelines
 
     deliver_to_public(status)
diff --git a/app/services/process_hashtags_service.rb b/app/services/process_hashtags_service.rb
index 5ec5ea0c2..51c152164 100644
--- a/app/services/process_hashtags_service.rb
+++ b/app/services/process_hashtags_service.rb
@@ -13,10 +13,10 @@ class ProcessHashtagsService < BaseService
       status.tags << tag
       records << tag
 
-      TrendingTags.record_use!(tag, status.account, status.created_at) if status.distributable?
+      TrendingTags.record_use!(tag, status.account, status.created_at) if status.public_visibility?
     end
 
-    return unless status.distributable?
+    return unless status.public_visibility?
 
     status.account.featured_tags.where(tag_id: records.map(&:id)).each do |featured_tag|
       featured_tag.increment(status.created_at)
diff --git a/app/services/reblog_service.rb b/app/services/reblog_service.rb
index ef7468194..b694bc500 100644
--- a/app/services/reblog_service.rb
+++ b/app/services/reblog_service.rb
@@ -32,7 +32,7 @@ class ReblogService < BaseService
     curate!(reblogged_status) unless reblogged_status.curated? || !reblogged_status.published?
 
     DistributionWorker.perform_async(reblog.id)
-    ActivityPub::DistributionWorker.perform_async(reblog.id) unless reblogged_status.local_only?
+    ActivityPub::DistributionWorker.perform_async(reblog.id) unless reblogged_status.local_only? || reblogged_status.account.private?
 
     create_notification(reblog)
     bump_potential_friendship(account, reblog)
diff --git a/app/services/remove_hashtags_service.rb b/app/services/remove_hashtags_service.rb
index 6bf77a068..af2ba6f8c 100644
--- a/app/services/remove_hashtags_service.rb
+++ b/app/services/remove_hashtags_service.rb
@@ -8,7 +8,7 @@ class RemoveHashtagsService < BaseService
       featured_tag.decrement(status.id)
     end
 
-    if status.distributable?
+    if status.public_visibility?
       delete_payload = Oj.dump(event: :delete, payload: status.id.to_s)
       tags.pluck(:name).each do |hashtag|
         redis.publish("timeline:hashtag:#{hashtag.mb_chars.downcase}", delete_payload)
diff --git a/app/services/remove_status_service.rb b/app/services/remove_status_service.rb
index beb415f94..e6ecfbc56 100644
--- a/app/services/remove_status_service.rb
+++ b/app/services/remove_status_service.rb
@@ -144,7 +144,7 @@ class RemoveStatusService < BaseService
       featured_tag.decrement(@status.id)
     end
 
-    return unless @status.distributable?
+    return unless @status.public_visibility?
 
     @tags.each do |hashtag|
       redis.publish("timeline:hashtag:#{hashtag.mb_chars.downcase}", @payload)
@@ -153,7 +153,7 @@ class RemoveStatusService < BaseService
   end
 
   def remove_from_public
-    return unless @status.distributable?
+    return unless @status.public_visibility?
 
     redis.publish('timeline:public', @payload)
     redis.publish('timeline:public:local', @payload) if @status.local?
@@ -161,7 +161,7 @@ class RemoveStatusService < BaseService
   end
 
   def remove_from_media
-    return unless @status.distributable?
+    return unless @status.public_visibility?
 
     redis.publish('timeline:public:media', @payload)
     redis.publish('timeline:public:local:media', @payload) if @status.local?
diff --git a/app/services/revoke_status_service.rb b/app/services/revoke_status_service.rb
index f4762631c..d860ab278 100644
--- a/app/services/revoke_status_service.rb
+++ b/app/services/revoke_status_service.rb
@@ -62,7 +62,7 @@ class RevokeStatusService < BaseService
       featured_tag.decrement(@status.id)
     end
 
-    return unless @status.distributable?
+    return unless @status.public_visibility?
 
     @tags.each do |hashtag|
       redis.publish("timeline:hashtag:#{hashtag.mb_chars.downcase}", @payload)
@@ -71,7 +71,7 @@ class RevokeStatusService < BaseService
   end
 
   def remove_from_public
-    return if @status.distributable?
+    return if @status.public_visibility?
 
     redis.publish('timeline:public', @payload)
     redis.publish('timeline:public:local', @payload) if @status.local?
@@ -79,7 +79,7 @@ class RevokeStatusService < BaseService
   end
 
   def remove_from_media
-    return if @status.distributable?
+    return if @status.public_visibility?
 
     redis.publish('timeline:public:media', @payload)
     redis.publish('timeline:public:local:media', @payload) if @status.local?
diff --git a/app/views/settings/preferences/privacy/show.html.haml b/app/views/settings/preferences/privacy/show.html.haml
index 8f7199665..55d27844a 100644
--- a/app/views/settings/preferences/privacy/show.html.haml
+++ b/app/views/settings/preferences/privacy/show.html.haml
@@ -29,9 +29,6 @@
   .fields-group
     = f.input :setting_hide_network, as: :boolean, wrapper: :with_label
 
-  .fields-group
-    = f.input :setting_rss_disabled, as: :boolean, wrapper: :with_label
-
   - unless Setting.hide_followers_count
     .fields-group
       = f.input :setting_hide_followers_count, as: :boolean, wrapper: :with_label
diff --git a/app/views/settings/profiles/show.html.haml b/app/views/settings/profiles/show.html.haml
index ef2600169..8c6c4c933 100644
--- a/app/views/settings/profiles/show.html.haml
+++ b/app/views/settings/profiles/show.html.haml
@@ -46,8 +46,15 @@
   .fields-group
     = f.input :private, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.private')
 
+  %h4= t 'settings.profiles.compatibility'
+
+  %p.hint= t 'settings.profiles.compatibility_html'
+
+  .fields-group
+    = f.input :no_verify_auth, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.no_verify_auth_html')
+
   .fields-group
-    = f.input :require_auth, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.require_auth')
+    = f.input :allow_anonymous, as: :boolean, wrapper: :with_label, hint: t('simple_form.hints.defaults.allow_anonymous_html')
 
   %hr.spacer/
 
diff --git a/app/workers/activitypub/distribute_poll_update_worker.rb b/app/workers/activitypub/distribute_poll_update_worker.rb
index 601075ea6..ed5447341 100644
--- a/app/workers/activitypub/distribute_poll_update_worker.rb
+++ b/app/workers/activitypub/distribute_poll_update_worker.rb
@@ -24,7 +24,7 @@ class ActivityPub::DistributePollUpdateWorker
   private
 
   def relayable?
-    @status.public_visibility?
+    @status.public_visibility? && !@account.private?
   end
 
   def inboxes
diff --git a/app/workers/activitypub/distribution_worker.rb b/app/workers/activitypub/distribution_worker.rb
index a8365ce8d..4d7527b46 100644
--- a/app/workers/activitypub/distribution_worker.rb
+++ b/app/workers/activitypub/distribution_worker.rb
@@ -30,7 +30,7 @@ class ActivityPub::DistributionWorker
   end
 
   def relayable?
-    @status.public_visibility?
+    @status.public_visibility? && !@account.private?
   end
 
   def inboxes
author	Fire Demon <firedemon@creature.cafe>	2020-11-23 23:10:05 -0600
committer	Fire Demon <firedemon@creature.cafe>	2020-11-23 23:10:05 -0600
commit	65a9abb315f18ac777f3d0e09b3f7399830ad243 (patch)
tree	39712b50201749efad11dce09561d81f4bdcdb2f /app
parent	7f5ba917563aa1c9a373d9dd3a6a29f73d81ee9a (diff)