From 8b1c0b1e87773aefde810da98bd5dd84274e42b1 Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Thu, 6 Aug 2020 21:29:58 -0500
Subject: [Federation] Allow users to access ActivityPub representation of
 their own account without a signature

---
 app/controllers/accounts_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index ebc472087..e26b6395f 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -156,7 +156,7 @@ class AccountsController < ApplicationController
   end
 
   def restrict_fields_to
-    if signed_request_account.present? && !blocked?
+    if current_account&.id == @account.id || (signed_request_account.present? && !blocked?)
       # Return all fields
     else
       %i(id type preferred_username inbox public_key endpoints)
-- 
cgit