From 05b13c38b54b7d29ea4368999100c27cb7deb29e Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Thu, 22 Dec 2016 23:17:57 +0100
Subject: Re-enable Webfinger for locked accounts but don't handle "follow"
 events coming in via Salmon.

Currently no way to prevent remote follows, but they will only receive public
and unlisted posts
---
 app/controllers/xrd_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/controllers/xrd_controller.rb')

diff --git a/app/controllers/xrd_controller.rb b/app/controllers/xrd_controller.rb
index c3c38063c..9e0277860 100644
--- a/app/controllers/xrd_controller.rb
+++ b/app/controllers/xrd_controller.rb
@@ -13,7 +13,7 @@ class XrdController < ApplicationController
   end
 
   def webfinger
-    @account = Account.where(locked: false).find_local!(username_from_resource)
+    @account = Account.find_local!(username_from_resource)
     @canonical_account_uri = "acct:#{@account.username}@#{Rails.configuration.x.local_domain}"
     @magic_key = pem_to_magic_key(@account.keypair.public_key)
 
-- 
cgit