diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/activitypub/outboxes_controller.rb | 9 | ||||
-rw-r--r-- | app/controllers/activitypub/replies_controller.rb | 7 | ||||
-rw-r--r-- | app/controllers/api/v1/statuses/pins_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/tags_controller.rb | 10 | ||||
-rw-r--r-- | app/models/status.rb | 7 |
5 files changed, 29 insertions, 6 deletions
diff --git a/app/controllers/activitypub/outboxes_controller.rb b/app/controllers/activitypub/outboxes_controller.rb index ec123dc5b..60f1c526b 100644 --- a/app/controllers/activitypub/outboxes_controller.rb +++ b/app/controllers/activitypub/outboxes_controller.rb @@ -49,7 +49,12 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController def set_statuses return unless page_requested? - @statuses = @account.statuses.permitted_for(@account, signed_request_account, user_signed_in: known_visitor?) + @statuses = if known_visitor? + @account.statuses.without_semiprivate.permitted_for(@account, signed_request_account) + else + @account.statuses.permitted_for(@account, signed_request_account, user_signed_in: true) + end + @statuses = @statuses.paginate_by_id(LIMIT, params_slice(:max_id, :min_id, :since_id)) @statuses = cache_collection(@statuses, Status) end @@ -63,6 +68,6 @@ class ActivityPub::OutboxesController < ActivityPub::BaseController end def known_visitor? - user_signed_in? || (signed_request_account.present? && signed_request_account.following?(@account)) + @known_visitor ||= user_signed_in? || (signed_request_account.present? && signed_request_account.following?(@account)) end end diff --git a/app/controllers/activitypub/replies_controller.rb b/app/controllers/activitypub/replies_controller.rb index 43bf4e657..cec571e8a 100644 --- a/app/controllers/activitypub/replies_controller.rb +++ b/app/controllers/activitypub/replies_controller.rb @@ -14,7 +14,7 @@ class ActivityPub::RepliesController < ActivityPub::BaseController def index expires_in 0, public: public_fetch_mode? - render json: replies_collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json', skip_activities: true + render json: replies_collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json', skip_activities: true, target_domain: signed_request_account&.domain end private @@ -33,6 +33,7 @@ class ActivityPub::RepliesController < ActivityPub::BaseController def set_replies @replies = only_other_accounts? ? Status.where.not(account_id: @account.id) : @account.statuses @replies = @replies.where(in_reply_to_id: @status.id, visibility: [:public, :unlisted]) + @replies = @replies.without_semiprivate unless known_visitor? @replies = @replies.paginate_by_min_id(DESCENDANTS_LIMIT, params[:min_id]) end @@ -77,4 +78,8 @@ class ActivityPub::RepliesController < ActivityPub::BaseController def page_params params_slice(:only_other_accounts, :min_id).merge(page: true) end + + def known_visitor? + @known_visitor ||= user_signed_in? || (signed_request_account.present? && signed_request_account.following?(@account)) + end end diff --git a/app/controllers/api/v1/statuses/pins_controller.rb b/app/controllers/api/v1/statuses/pins_controller.rb index 51b1621b6..187b6145c 100644 --- a/app/controllers/api/v1/statuses/pins_controller.rb +++ b/app/controllers/api/v1/statuses/pins_controller.rb @@ -9,7 +9,7 @@ class Api::V1::Statuses::PinsController < Api::BaseController def create StatusPin.create!(account: current_account, status: @status) - distribute_add_activity! + distribute_add_activity! unless @status.semiprivate? render json: @status, serializer: REST::StatusSerializer end diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index 0b8ac7c6d..9cba38771 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -37,10 +37,12 @@ class TagsController < ApplicationController format.json do expires_in 3.minutes, public: public_fetch_mode? - @statuses = HashtagQueryService.new.call(@tag, filter_params, current_account, @local).paginate_by_max_id(PAGE_SIZE, params[:max_id]) + @statuses = HashtagQueryService.new.call(@tag, filter_params, current_account, @local) + @statuses = @statuses.without_semiprivate unless known_visitor? + @statuses = @statuses.paginate_by_max_id(PAGE_SIZE, params[:max_id]) @statuses = cache_collection(@statuses, Status) - render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json' + render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json', target_domain: signed_request_account&.domain end end end @@ -75,4 +77,8 @@ class TagsController < ApplicationController def filter_params params.slice(:any, :all, :none).permit(:any, :all, :none) end + + def known_visitor? + @known_visitor ||= user_signed_in? || (signed_request_account.present? && signed_request_account.following?(@account)) + end end diff --git a/app/models/status.rb b/app/models/status.rb index 4806f81f4..8bb830c9d 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -29,6 +29,7 @@ # nest_level :integer default(0), not null # published :boolean default(TRUE), not null # title :text +# semiprivate :boolean default(FALSE), not null # # rubocop:disable Metrics/ClassLength @@ -126,6 +127,7 @@ class Status < ApplicationRecord scope :including_unpublished, -> { unscope(where: :published) } scope :unpublished, -> { rewhere(published: false) } scope :published, -> { where(published: true) } + scope :without_semiprivate, -> { where(semiprivate: false) } scope :not_hidden_by_account, ->(account) do left_outer_joins(:mutes, :conversation_mute).where('(status_mutes.account_id IS NULL OR status_mutes.account_id != ?) AND (conversation_mutes.account_id IS NULL OR (conversation_mutes.account_id != ? AND conversation_mutes.hidden = TRUE))', account.id, account.id) @@ -314,6 +316,7 @@ class Status < ApplicationRecord before_validation :set_reblog before_validation :set_conversation_perms before_validation :set_local + before_validation :set_semiprivate, if: :local? after_create :set_poll_id @@ -607,6 +610,10 @@ class Status < ApplicationRecord end end + def set_semiprivate + self.semiprivate = domain_permissions.exists? || account.followers.where(domain: account.domain_permissions.select(:domain)).exists? + end + def update_statistics return unless distributable? |