Extend AUTHORIZED_FETCH mode to user blocks as well (#11332)

* Extend AUTHORIZED_FETCH mode to user blocks as well

* Move decision to deny access to StatusPolicy
master
ThibG 5 years ago committed by Eugen Rochko
parent 15ddabf95a
commit 5599caef49
  1. 8
      app/policies/status_policy.rb

@ -17,7 +17,7 @@ class StatusPolicy < ApplicationPolicy
elsif private? elsif private?
owned? || following_author? || mention_exists? owned? || following_author? || mention_exists?
else else
current_account.nil? || !author_blocking? current_account.nil? || (!author_blocking? && !author_blocking_domain?)
end end
end end
@ -63,6 +63,12 @@ class StatusPolicy < ApplicationPolicy
end end
end end
def author_blocking_domain?
return false if current_account.nil? || current_account.domain.nil?
author.blocking_domain?(current_account.domain)
end
def blocking_author? def blocking_author?
return false if current_account.nil? return false if current_account.nil?

Loading…
Cancel
Save