From 74bb8ffdfd368e518ef18dcb1bdb56121c0d4cc4 Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Tue, 24 Nov 2020 12:33:24 -0600
Subject: Add missing sensitization checks

---
 app/lib/activitypub/activity/create.rb | 6 +++---
 app/models/status.rb                   | 2 +-
 app/services/update_status_service.rb  | 1 +
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 3053b1bb3..c9bb1b2f7 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -151,7 +151,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
         language: detected_language,
         spoiler_text: converted_object_type? ? '' : (text_from_summary || ''),
         title: text_from_title,
-        sensitive: @object['sensitive'] || false,
+        sensitive: @account.sensitized? || @object['sensitive'] || false,
         visibility: visibility_from_audience,
         expires_at: @object['expires'],
         media_attachment_ids: process_attachments.take(4).map(&:id),
@@ -173,7 +173,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
         created_at: @object['published'],
         override_timestamps: @options[:override_timestamps],
         reply: @object['inReplyTo'].present?,
-        sensitive: @object['sensitive'] || false,
+        sensitive: @account.sensitized? || @object['sensitive'] || false,
         visibility: visibility_from_audience,
         thread: replied_to_status,
       }
@@ -187,7 +187,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
         language: detected_language,
         spoiler_text: converted_object_type? ? '' : (text_from_summary || ''),
         title: text_from_title,
-        sensitive: @object['sensitive'] || false,
+        sensitive: @account.sensitized? || @object['sensitive'] || false,
         visibility: visibility_from_audience,
       }
     end
diff --git a/app/models/status.rb b/app/models/status.rb
index f20e7710d..67b975813 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -655,7 +655,7 @@ class Status < ApplicationRecord
     self.visibility = reblog.visibility if reblog? && visibility.nil?
     self.visibility = (account.locked? ? :private : :public) if visibility.nil?
     self.visibility = thread.visibility if should_limit_visibility?
-    self.sensitive  = false if sensitive.nil?
+    self.sensitive  = account.sensitized? if sensitive.nil?
 
     if reply? && !thread.nil?
       self.in_reply_to_account_id = carried_over_reply_to_account_id
diff --git a/app/services/update_status_service.rb b/app/services/update_status_service.rb
index cedd534ea..1765f95cc 100644
--- a/app/services/update_status_service.rb
+++ b/app/services/update_status_service.rb
@@ -41,6 +41,7 @@ class UpdateStatusService < BaseService
     @params[:published]     = true if @status.published?
     @params[:edited]      ||= 1 + @status.edited if @params[:published].presence || @status.published?
     @params[:expires_at]  ||= Time.now.utc + (@status.expires_at - @status.created_at) if @status.expires_at.present?
+    @params[:sensitive]     = true if @account.sensitized?
 
     @params[:originally_local_only] = @params[:local_only] unless @status.published?
 
-- 
cgit