From aa9d09215480d2376d6425b8518092dd4644f5ae Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Tue, 28 Jul 2020 10:03:00 -0500
Subject: [Privacy] Add support for matching unmatched domains with * glob in
 per-domain permissions

---
 app/lib/command_tag/commands/account_tools.rb | 4 ++--
 app/lib/command_tag/commands/status_tools.rb  | 4 ++--
 app/models/account.rb                         | 3 ++-
 app/models/account_domain_permission.rb       | 2 ++
 app/models/status.rb                          | 4 +++-
 app/models/status_domain_permission.rb        | 2 ++
 6 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/app/lib/command_tag/commands/account_tools.rb b/app/lib/command_tag/commands/account_tools.rb
index 3d9fb6d4e..dd7fd0229 100644
--- a/app/lib/command_tag/commands/account_tools.rb
+++ b/app/lib/command_tag/commands/account_tools.rb
@@ -24,11 +24,11 @@ module CommandTag::Commands::AccountTools
       if args[2].blank?
         @account.user.settings.default_privacy = args[1]
       elsif args[1] == 'public'
-        domains = args[2..-1].map { |domain| normalize_domain(domain) }.uniq.compact
+        domains = args[2..-1].map { |domain| normalize_domain(domain) unless domain == '*' }.uniq.compact
         @account.domain_permissions.where(domain: domains).destroy_all if domains.present?
       else
         args[2..-1].flat_map(&:split).uniq.each do |domain|
-          domain = normalize_domain(domain)
+          domain = normalize_domain(domain) unless domain == '*'
           @account.domain_permissions.create_or_update(domain: domain, visibility: args[1]) if domain.present?
         end
       end
diff --git a/app/lib/command_tag/commands/status_tools.rb b/app/lib/command_tag/commands/status_tools.rb
index 23bdcbfc3..7eaeddbea 100644
--- a/app/lib/command_tag/commands/status_tools.rb
+++ b/app/lib/command_tag/commands/status_tools.rb
@@ -15,11 +15,11 @@ module CommandTag::Commands::StatusTools
     if args[1].blank?
       @status.visibility = args[0].to_sym
     elsif args[0] == @status.visibility.to_s
-      domains = args[1..-1].map { |domain| normalize_domain(domain) }.uniq.compact
+      domains = args[1..-1].map { |domain| normalize_domain(domain) unless domain == '*' }.uniq.compact
       @status.domain_permissions.where(domain: domains).destroy_all if domains.present?
     else
       args[1..-1].flat_map(&:split).uniq.each do |domain|
-        domain = normalize_domain(domain)
+        domain = normalize_domain(domain) unless domain == '*'
         @status.domain_permissions.create_or_update(domain: domain, visibility: args[0]) if domain.present?
       end
     end
diff --git a/app/models/account.rb b/app/models/account.rb
index f7de58776..860f93f03 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -363,11 +363,12 @@ class Account < ApplicationRecord
   def max_visibility_for_domain(domain)
     return 'public' if domain.blank?
 
-    domain_permissions.find_by(domain: domain)&.visibility || 'public'
+    domain_permissions.find_by(domain: [domain, '*'])&.visibility || 'public'
   end
 
   def visibility_for_domain(domain)
     v = visibility.to_s
+    return v if domain.blank?
 
     case max_visibility_for_domain(domain)
     when 'public'
diff --git a/app/models/account_domain_permission.rb b/app/models/account_domain_permission.rb
index ffa9cbbec..8048c2d4a 100644
--- a/app/models/account_domain_permission.rb
+++ b/app/models/account_domain_permission.rb
@@ -15,6 +15,8 @@ class AccountDomainPermission < ApplicationRecord
   belongs_to :account, inverse_of: :domain_permissions
   enum visibility: [:public, :unlisted, :private, :direct, :limited], _suffix: :visibility
 
+  default_scope { order(domain: :desc) }
+
   class << self
     def create_by_domains(permissions_list)
       Array(permissions_list).map(&method(:normalize)).map do |permissions|
diff --git a/app/models/status.rb b/app/models/status.rb
index edddffcc6..33e566737 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -305,7 +305,9 @@ class Status < ApplicationRecord
   end
 
   def visibility_for_domain(domain)
-    v = domain_permissions.find_by(domain: domain)&.visibility || visibility.to_s
+    return visibility.to_s if domain.blank?
+
+    v = domain_permissions.find_by(domain: [domain, '*'])&.visibility || visibility.to_s
 
     case max_visibility_for_domain(domain)
     when 'public'
diff --git a/app/models/status_domain_permission.rb b/app/models/status_domain_permission.rb
index f9e5dc55e..ad38dbd52 100644
--- a/app/models/status_domain_permission.rb
+++ b/app/models/status_domain_permission.rb
@@ -15,6 +15,8 @@ class StatusDomainPermission < ApplicationRecord
   belongs_to :status, inverse_of: :domain_permissions
   enum visibility: [:public, :unlisted, :private, :direct, :limited], _suffix: :visibility
 
+  default_scope { order(domain: :desc) }
+
   class << self
     def create_by_domains(permissions_list)
       Array(permissions_list).map(&method(:normalize)).map do |permissions|
-- 
cgit