From 3a2003ba863252f305fb32098bcd3f095b10e2ff Mon Sep 17 00:00:00 2001
From: Jack Jennings <jack@standard-library.com>
Date: Mon, 29 May 2017 09:22:22 -0700
Subject: Extract authorization policy for viewing statuses (#3150)

---
 app/policies/status_policy.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 app/policies/status_policy.rb

(limited to 'app/policies')

diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
new file mode 100644
index 000000000..658ba6d12
--- /dev/null
+++ b/app/policies/status_policy.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class StatusPolicy
+  attr_reader :account, :status
+
+  def initialize(account, status)
+    @account = account
+    @status = status
+  end
+
+  def show?
+    if status.direct_visibility?
+      status.account.id == account&.id || status.mentions.where(account: account).exists?
+    elsif status.private_visibility?
+      status.account.id == account&.id || account&.following?(status.account) || status.mentions.where(account: account).exists?
+    else
+      account.nil? || !status.account.blocking?(account)
+    end
+  end
+end
-- 
cgit