diff options
Diffstat (limited to 'app/controllers/api/v1/statuses')
-rw-r--r-- | app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb | 1 | ||||
-rw-r--r-- | app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb index 8229786d6..45dc212bb 100644 --- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb @@ -66,6 +66,7 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController def set_status @status = Status.find(params[:status_id]) authorize @status, :show? + authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end diff --git a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb index 6c9e49d90..cc8c75ea0 100644 --- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb +++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb @@ -63,6 +63,7 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController def set_status @status = Status.find(params[:status_id]) authorize @status, :show? + authorize @status.reblog, :show? if @status.reblog? rescue Mastodon::NotPermittedError not_found end |