From 78d33622a5b53a983e8d37777e8e56b9e3f3c29c Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Thu, 16 Jul 2020 15:07:20 -0500
Subject: [Privacy] Federate references to objects than embedding them so that
 their permissions can be enforced on request

---
 app/presenters/activitypub/activity_presenter.rb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'app/presenters/activitypub/activity_presenter.rb')

diff --git a/app/presenters/activitypub/activity_presenter.rb b/app/presenters/activitypub/activity_presenter.rb
index 41ce01474..471071efc 100644
--- a/app/presenters/activitypub/activity_presenter.rb
+++ b/app/presenters/activitypub/activity_presenter.rb
@@ -4,7 +4,7 @@ class ActivityPub::ActivityPresenter < ActiveModelSerializers::Model
   attributes :id, :type, :actor, :published, :to, :cc, :virtual_object
 
   class << self
-    def from_status(status, update: false)
+    def from_status(status, update: false, embed: true)
       new.tap do |presenter|
         default_activity    = update && status.edited.positive? ? 'Update' : 'Create'
         presenter.id        = ActivityPub::TagManager.instance.activity_uri_for(status)
@@ -14,6 +14,11 @@ class ActivityPub::ActivityPresenter < ActiveModelSerializers::Model
         presenter.to        = ActivityPub::TagManager.instance.to(status)
         presenter.cc        = ActivityPub::TagManager.instance.cc(status)
 
+        unless embed
+          presenter.virtual_object = ActivityPub::TagManager.instance.uri_for(status.proper)
+          next
+        end
+
         presenter.virtual_object = begin
           if status.reblog?
             if status.account == status.proper.account && status.proper.private_visibility? && status.local?
-- 
cgit