From 2d2154ba75279186b064c887452b7d6ee70b8ba2 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Thu, 22 Dec 2016 21:34:19 +0100
Subject: Add "locked" flag to accounts, prevent blocked users from following,
 force-unfollow blocked users

---
 app/controllers/api_controller.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'app/controllers/api_controller.rb')

diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index d2d3bc4a4..8f1c8ac8a 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -30,6 +30,10 @@ class ApiController < ApplicationController
     render json: { error: 'Remote SSL certificate could not be verified' }, status: 503
   end
 
+  rescue_from Mastodon::NotPermitted do
+    render json: { error: 'This action is not allowed' }, status: 403
+  end
+
   def doorkeeper_unauthorized_render_options(error: nil)
     { json: { error: (error.try(:description) || 'Not authorized') } }
   end
-- 
cgit