From 3f79c75942de0098d582916af3d12f506394d97d Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Tue, 21 Jul 2020 14:53:41 -0500
Subject: [Privacy] Limit visibility of replies to private threads and branches

---
 app/policies/status_policy.rb | 27 +++++++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

(limited to 'app/policies')

diff --git a/app/policies/status_policy.rb b/app/policies/status_policy.rb
index 9c98b0688..22e985b03 100644
--- a/app/policies/status_policy.rb
+++ b/app/policies/status_policy.rb
@@ -18,9 +18,9 @@ class StatusPolicy < ApplicationPolicy
     if requires_mention?
       owned? || mention_exists?
     elsif private?
-      owned? || following_author? || mention_exists?
+      owned? || (following_author? && following_parent_author?) || mention_exists?
     else
-      current_account.nil? || (!author_blocking? && !author_blocking_domain?)
+      current_account.nil? || !(author_blocking? || parent_author_blocking? || author_blocking_domain? || parent_author_blocking_domain?)
     end
   end
 
@@ -72,6 +72,12 @@ class StatusPolicy < ApplicationPolicy
     author.domain_blocking?(current_account.domain)
   end
 
+  def parent_author_blocking_domain?
+    return false if current_account.nil? || current_account.domain.nil? || parent_author.nil?
+
+    parent_author.domain_blocking?(current_account.domain)
+  end
+
   def blocking_author?
     return false if current_account.nil?
 
@@ -84,15 +90,32 @@ class StatusPolicy < ApplicationPolicy
     @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][author.id] : author.blocking?(current_account)
   end
 
+  def parent_author_blocking?
+    return false if current_account.nil? || parent_author.nil?
+
+    @preloaded_relations[:blocked_by] ? @preloaded_relations[:blocked_by][parent_author.id] : parent_author.blocking?(current_account)
+  end
+
   def following_author?
     return false if current_account.nil?
 
     @preloaded_relations[:following] ? @preloaded_relations[:following][author.id] : current_account.following?(author)
   end
 
+  def following_parent_author?
+    return false if current_account.nil?
+    return true if parent_author.nil?
+
+    @preloaded_relations[:following] ? @preloaded_relations[:following][parent_author.id] : current_account.following?(parent_author)
+  end
+
   def author
     record.account
   end
+
+  def parent_author
+    record.in_reply_to_account
+  end
   
   def local_only?
     record.local_only?
-- 
cgit