Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/account_domain_permission_policy.rb | 17 | ||||
-rw-r--r-- | app/policies/custom_emoji_policy.rb | 36 | ||||
-rw-r--r-- | app/policies/status_policy.rb | 27 |
3 files changed, 67 insertions, 13 deletions
diff --git a/app/policies/account_domain_permission_policy.rb b/app/policies/account_domain_permission_policy.rb
new file mode 100644
index 000000000..b50857f9f
--- /dev/null
+++ b/app/policies/account_domain_permission_policy.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AccountDomainPermissionPolicy < ApplicationPolicy
+ def update?
+ owned?
+ end
+
+ def destroy?
+ owned?
+ end
+
+ private
+
+ def owned?
+ record.account_id == current_account&.id
+ end
+end
diff --git a/app/policies/custom_emoji_policy.rb b/app/policies/custom_emoji_policy.rb
index a8c3cbc73..7e585a3d6 100644
--- a/app/policies/custom_emoji_policy.rb
+++ b/app/policies/custom_emoji_policy.rb
@@ -2,30 +2,52 @@
 class CustomEmojiPolicy < ApplicationPolicy
 def index?
- staff?
+ user_signed_in?
 end
 def create?
- admin?
+ user_signed_in?
 end
 def update?
- admin?
+ user_signed_in? && owned?
 end
 def copy?
- admin?
+ staff? || (user_signed_in? && new_or_owned?)
 end
 def enable?
- staff?
+ user_signed_in? && owned?
 end
 def disable?
- staff?
+ user_signed_in? && owned?
 end
 def destroy?
- admin?
+ user_signed_in? && owned?
+ end
+
+ def claim?
+ staff? || claimable?
+ end
+
+ def unclaim?
+ user_signed_in? && owned?
+ end
+
+ private
+
+ def owned?
+ staff? || (current_account.present? && record.account_id == current_account.id)
+ end
+
+ def new_or_owned?
+ !CustomEmoji.where(domain: nil, shortcode: record.shortcode).where('account_id IS NULL OR account_id != ?', current_account.id).exists?
+ end
+
+ def claimable?
+ record.local? ? record.account_id.blank? || record.account_id == current_account.id : new_or_owned?
 end
 end
diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
index d0359580d..c16ec29ed 100644
--- a/app/policies/status_policy.rb
+++ b/app/policies/status_policy.rb
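Review bot: `owned?` in AccountDomainPermissionPolicy evaluates to true when both sides are nil: with no signed-in account `current_account&.id` is nil, so a record whose `account_id` is NULL would pass `update?` and `destroy?`. Whether `account_id` can be NULL is not visible in this diff, but the policy should not lean on a schema constraint for that. `current_account.present? && record.account_id == current_account.id` denies the anonymous case explicitly and matches the guard CustomEmojiPolicy#owned? uses in the same commit.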
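Review bot: `claim?` in CustomEmojiPolicy is the only new rule without a `user_signed_in?` guard, and `claimable?` returns true for a local emoji with a blank `account_id` before it ever looks at `current_account`. An anonymous caller is therefore authorized unless the controller enforces authentication first, which is not visible in this hunk. On the remaining paths `claimable?` and `new_or_owned?` call `current_account.id` on nil and raise instead of denying; `staff? || (user_signed_in? && claimable?)` covers both. Separately, `new_or_owned?` is a check-then-act query, so the ownership rule only holds under concurrent requests if a unique constraint on local shortcodes backs it.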
@@ -13,19 +13,22 @@ class StatusPolicy < ApplicationPolicy
 def show?
 return false if author.suspended?
- return false if local_only? && (current_account.nil? || !current_account.local?)
+ return false if local_only? && !current_account&.local?
+ return false unless published? || owned?
 if requires_mention?
 owned? || mention_exists?
+ elsif author.private? && public?
+ !(author_blocking? || author_blocking_domain?)
 elsif private?
 owned? || following_author? || mention_exists?
 else
- current_account.nil? || (!author_blocking? && !author_blocking_domain?)
+ current_account.nil? || !(author_blocking? || author_blocking_domain?)
 end
 end
 def reblog?
- !requires_mention? && (!private? || owned?) && show? && !blocking_author?
+ published? && !requires_mention? && (!private? || owned?) && show? && !blocking_author?
 end
 def favourite?
@@ -45,7 +48,7 @@ class StatusPolicy < ApplicationPolicy
 private
 def requires_mention?
- record.direct_visibility? || record.limited_visibility?
+ %w(direct limited).include?(visibility_for_remote_domain)
 end
 def owned?
@@ -53,7 +56,7 @@ class StatusPolicy < ApplicationPolicy
 end
 def private?
- record.private_visibility?
+ visibility_for_remote_domain == 'private'
 end
 def mention_exists?
@@ -93,8 +96,20 @@ class StatusPolicy < ApplicationPolicy
 def author
 record.account
 end
-
+
 def local_only?
 record.local_only?
 end
+
+ def published?
+ record.published?
+ end
+
+ def public?
+ record.public_visibility? || record.unlisted_visibility?
+ end
+
+ def visibility_for_remote_domain
+ @visibility_for_domain ||= record.visibility_for_domain(current_account&.domain)
+ end
 end |
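Review bot: In `show?`, the new `elsif author.private? && public?` branch calls `author_blocking?` and `author_blocking_domain?` without the `current_account.nil? ||` short-circuit that the `else` branch keeps. Those helpers are defined outside this hunk, so it can't be confirmed here whether they tolerate a nil account; if they don't, anonymous requests for these statuses raise instead of getting a decision. The branch also admits any non-blocked viewer, signed in or not, with no `following_author?` check, whatever `author.private?` denotes. If that is intended, a comment such as `# public/unlisted posts of a private account stay visible to non-blocked viewers` and a spec for the anonymous viewer would pin it down.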
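Review bot: `requires_mention?` (hunk at -45) and `private?` (hunk at -53) now compare `visibility_for_remote_domain` against string literals, and a mismatch fails open in `show?`. If `record.visibility_for_domain` ever returns a symbol, nil or an enum integer, neither predicate matches and a direct, limited or private status falls through to the `else` branch written for public posts. The return type is not visible in this diff. Normalising once inside `visibility_for_remote_domain` (for example with `.to_s`) and adding one spec per visibility value would make a type change break a test rather than widen access.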
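Review bot: `visibility_for_remote_domain` (hunk at -93) passes `current_account&.domain`, which is nil for an anonymous viewer and presumably also for a local account, so the per-domain lookup cannot tell the two apart. If `visibility_for_domain(nil)` returns the unrestricted local visibility, anonymous requests are evaluated as local ones; that method is outside this diff and should be checked. The memo variable `@visibility_for_domain` also differs from the method name, and `||=` re-runs the lookup whenever the result is nil. `return @visibility_for_remote_domain if defined?(@visibility_for_remote_domain)` ahead of the assignment avoids both.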