From af9b9777af9601bb2de857e6e4fea0b07d699108 Mon Sep 17 00:00:00 2001
From: multiple creatures <dev@multiple-creature.party>
Date: Sun, 27 Oct 2019 14:02:05 -0500
Subject: add profile option to (locally) block anonymous views of public posts

---
 app/controllers/settings/profiles_controller.rb | 2 +-
 app/controllers/statuses_controller.rb          | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

(limited to 'app/controllers')

diff --git a/app/controllers/settings/profiles_controller.rb b/app/controllers/settings/profiles_controller.rb
index aa593a016..afd525cc0 100644
--- a/app/controllers/settings/profiles_controller.rb
+++ b/app/controllers/settings/profiles_controller.rb
@@ -25,7 +25,7 @@ class Settings::ProfilesController < Settings::BaseController
   private
 
   def account_params
-    params.require(:account).permit(:display_name, :note, :avatar, :header, :replies, :locked, :hidden, :unlisted, :gently, :kobold, :adult_content, :bot, :discoverable, fields_attributes: [:name, :value])
+    params.require(:account).permit(:display_name, :note, :avatar, :header, :replies, :locked, :hidden, :unlisted, :block_anon, :gently, :kobold, :adult_content, :bot, :discoverable, fields_attributes: [:name, :value])
   end
 
   def set_account
diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb
index bb6f0fd8c..d082d514d 100644
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@@ -201,6 +201,8 @@ class StatusesController < ApplicationController
 
     if @status.sharekey.present? && @sharekey == @status.sharekey
       skip_authorization
+    elsif @account.block_anon && !user_signed_in?
+      raise ActiveRecord::RecordNotFound
     else
       authorize @status, :show?
     end
-- 
cgit