about summary refs log tree commit diff
path: root/app/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/remote_interaction_controller.rb2
-rw-r--r--app/controllers/statuses_controller.rb4
2 files changed, 2 insertions, 4 deletions
diff --git a/app/controllers/remote_interaction_controller.rb b/app/controllers/remote_interaction_controller.rb
index aa8f73ac8..7ecf95400 100644
--- a/app/controllers/remote_interaction_controller.rb
+++ b/app/controllers/remote_interaction_controller.rb
@@ -49,7 +49,7 @@ class RemoteInteractionController < ApplicationController
     @status = Status.find(params[:id])
     @sharekey = params[:key]
 
-    if @status.sharekey.present? && @sharekey == @status.sharekey
+    if @status.sharekey.present? && @sharekey == @status.sharekey.key
       skip_authorization
     else
       authorize @status, :show?
diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb
index eeece1785..f8e81864c 100644
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@@ -185,7 +185,7 @@ class StatusesController < ApplicationController
     @type         = @stream_entry.activity_type.downcase
     @sharekey     = params[:key]
 
-    if @status.sharekey.present? && @sharekey == @status.sharekey
+    if @status.sharekey.present? && @sharekey == @status.sharekey.key
       skip_authorization
     elsif @account.block_anon && !user_signed_in?
       raise ActiveRecord::RecordNotFound
@@ -203,11 +203,9 @@ class StatusesController < ApplicationController
     case params[:rekey]
     when '1'
       @status.sharekey = SecureRandom.urlsafe_base64(32)
-      @status.save
       Rails.cache.delete("statuses/#{@status.id}")
     when '0'
       @status.sharekey = nil
-      @status.save
       Rails.cache.delete("statuses/#{@status.id}")
     end
   end
generated by cgit-pink (git 2.37.1) at 2024-11-22 15:22:05 +0000