Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/account_domain_permission_policy.rb | 17 | ||||
-rw-r--r-- | app/policies/custom_emoji_policy.rb | 36 | ||||
-rw-r--r-- | app/policies/status_policy.rb | 19 |
3 files changed, 60 insertions, 12 deletions
diff --git a/app/policies/account_domain_permission_policy.rb b/app/policies/account_domain_permission_policy.rb new file mode 100644 index 000000000..b50857f9f --- /dev/null +++ b/app/policies/account_domain_permission_policy.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class AccountDomainPermissionPolicy < ApplicationPolicy + def update? + owned? + end + + def destroy? + owned? + end + + private + + def owned? + record.account_id == current_account&.id + end +end diff --git a/app/policies/custom_emoji_policy.rb b/app/policies/custom_emoji_policy.rb index a8c3cbc73..7e585a3d6 100644 --- a/app/policies/custom_emoji_policy.rb +++ b/app/policies/custom_emoji_policy.rb @@ -2,30 +2,52 @@ class CustomEmojiPolicy < ApplicationPolicy def index? - staff? + user_signed_in? end def create? - admin? + user_signed_in? end def update? - admin? + user_signed_in? && owned? end def copy? - admin? + staff? || (user_signed_in? && new_or_owned?) end def enable? - staff? + user_signed_in? && owned? end def disable? - staff? + user_signed_in? && owned? end def destroy? - admin? + user_signed_in? && owned? + end + + def claim? + staff? || claimable? + end + + def unclaim? + user_signed_in? && owned? + end + + private + + def owned? + staff? || (current_account.present? && record.account_id == current_account.id) + end + + def new_or_owned? + !CustomEmoji.where(domain: nil, shortcode: record.shortcode).where('account_id IS NULL OR account_id != ?', current_account.id).exists? + end + + def claimable? + record.local? ? record.account_id.blank? || record.account_id == current_account.id : new_or_owned? end end diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb index d0359580d..56c217cec 100644 --- a/app/policies/status_policy.rb +++ b/app/policies/status_policy.rb 
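Review bot: In AccountDomainPermissionPolicy, `owned?` evaluates to true for a signed-out caller whenever `record.account_id` is nil, because `current_account&.id` is then nil as well and `nil == nil` holds. Whether `account_id` can be nil is not visible in this diff, but `update?` and `destroy?` both rest on this single comparison, so it should fail closed: `current_account.present? && record.account_id == current_account.id`. That also matches the guard that CustomEmojiPolicy#owned? uses in the same commit.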
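Review bot: In CustomEmojiPolicy, `claim?` reaches `claimable?` without a sign-in check, and both `claimable?` and `new_or_owned?` call `current_account.id` unguarded. For a non-staff caller with no current account the policy would raise NoMethodError rather than return false, assuming `current_account` can be nil as the `present?` check in `owned?` suggests. Writing it as `staff? || (user_signed_in? && claimable?)` keeps it consistent with `copy?`. Separately, `owned?` returns true for any staff member, so `update?` and `destroy?`, which were `admin?` before, are now open to all staff. If that is intended, a comment on `owned?` such as `# true for staff as well as for the emoji's owner` would make the widening explicit.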
@@ -13,7 +13,8 @@ class StatusPolicy < ApplicationPolicy def show? return false if author.suspended? - return false if local_only? && (current_account.nil? || !current_account.local?) + return false if local_only? && !current_account&.local? + return false unless published? || owned? if requires_mention? owned? || mention_exists? @@ -25,7 +26,7 @@ class StatusPolicy < ApplicationPolicy end def reblog? - !requires_mention? && (!private? || owned?) && show? && !blocking_author? + published? && !requires_mention? && (!private? || owned?) && show? && !blocking_author? end def favourite? @@ -45,7 +46,7 @@ class StatusPolicy < ApplicationPolicy private def requires_mention? - record.direct_visibility? || record.limited_visibility? + %w(direct limited).include?(visibility_for_remote_domain) end def owned? @@ -53,7 +54,7 @@ class StatusPolicy < ApplicationPolicy end def private? - record.private_visibility? + visibility_for_remote_domain == 'private' end def mention_exists? @@ -79,7 +80,7 @@ class StatusPolicy < ApplicationPolicy end def author_blocking? - return false if current_account.nil? + return author.require_auth? if current_account.nil? @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][author.id] : author.blocking?(current_account) end @@ -97,4 +98,12 @@ class StatusPolicy < ApplicationPolicy def local_only? record.local_only? end + + def published? + record.published? + end + + def visibility_for_remote_domain + @visibility_for_domain ||= record.visibility_for_domain(current_account&.domain) + end end |
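Review bot: `requires_mention?` (hunk at -45,7) and `private?` (hunk at -53,7) now compare `visibility_for_remote_domain` against string literals, so any other value makes both predicates false. That includes nil, a symbol or a newly added visibility name, and the status would then presumably take the least restrictive branch of `show?` and `reblog?`. `record.visibility_for_domain` is defined outside this diff, so its return contract cannot be confirmed from here. I would state it on the helper, e.g. `# Returns the visibility name as a String, never nil`, and add a spec for the nil-domain case. The same point applies to both hunks.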
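Review bot: In the hunk at -79,7, `author_blocking?` now answers a second question for signed-out viewers: with no current account it returns `author.require_auth?`, so the method name no longer describes what it decides. A comment above the guard, such as `# Signed-out viewers count as blocked when the author requires authentication`, would stop a later cleanup from reverting it to `return false` and reopening anonymous access. The callers of `author_blocking?` are outside this hunk, so it is worth confirming that each one treats a true result as a denial.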
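Review bot: In the last hunk, `visibility_for_remote_domain` passes `current_account&.domain`, which is nil for a signed-out viewer and presumably also nil for a local account, so `record.visibility_for_domain` cannot tell the two apart. If the nil-domain result is meant for local accounts only, the signed-out case should be handled before the lookup or covered by a spec. The memo variable `@visibility_for_domain` also does not match the method name, and `@visibility_for_remote_domain` would be easier to trace. Note that `||=` repeats the lookup whenever the result is nil.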