Don't show statuses to blocked users

pull/386/head
Eugen Rochko 2016-12-26 19:13:56 +01:00
parent 3282448878
commit 7376af90f7
4 changed files with 44 additions and 6 deletions

View File

@ -15,7 +15,37 @@
"sourceType": "module",
"ecmaFeatures": {
"jsx": true
},
"arrowFunctions": true,
"jsx": true,
"destructuring": true,
"modules": true,
"spread": true
}
},
"rules": {
"no-cond-assign": 2,
"no-console": 1,
"no-irregular-whitespace": 2,
"no-unreachable": 2,
"valid-typeof": 2,
"consistent-return": 2,
"dot-notation": 2,
"eqeqeq": 2,
"no-fallthrough": 2,
"no-unused-expressions": 2,
"strict": 0,
"no-catch-shadow": 2,
"indent": [1, 2],
"brace-style": 1,
"comma-spacing": [1, {"before": false, "after": true}],
"comma-style": [1, "last"],
"no-mixed-spaces-and-tabs": 1,
"no-nested-ternary": 1,
"no-trailing-spaces": 1,
"react/wrap-multilines": 2,
"react/self-closing-comp": 2,
"react/prop-types": 2,
"react/no-multi-comp": 0
}
}

View File

@ -31,7 +31,6 @@ class Status < ApplicationRecord
scope :remote, -> { where.not(uri: nil) }
scope :local, -> { where(uri: nil) }
scope :permitted_for, ->(target_account, account) { account&.id == target_account.id || account&.following?(target_account) ? where('1=1') : where.not(visibility: :private) }
cache_associated :account, :media_attachments, :tags, :stream_entry, mentions: :account, reblog: [:account, :stream_entry, :tags, :media_attachments, mentions: :account], thread: :account
@ -72,7 +71,7 @@ class Status < ApplicationRecord
end
def permitted?(other_account = nil)
private_visibility? ? (account.id == other_account&.id || other_account&.following?(account)) : true
private_visibility? ? (account.id == other_account&.id || other_account&.following?(account)) : other_account.nil? || !account.blocking?(other_account)
end
def ancestors(account = nil)
@ -145,6 +144,16 @@ class Status < ApplicationRecord
end
end
def permitted_for(target_account, account)
if account&.id == target_account.id || account&.following?(target_account)
where('1 = 1')
elsif !account.nil? && target_account.blocking?(account)
where('1 = 0')
else
where.not(visibility: :private)
end
end
private
def filter_timeline(query, account)

View File

@ -30,7 +30,7 @@ class ProcessInteractionService < BaseService
case verb(xml)
when :follow
follow!(account, target_account) unless target_account.locked?
follow!(account, target_account) unless target_account.locked? || target_account.blocking?(account)
when :unfollow
unfollow!(account, target_account)
when :favorite

View File

@ -7,7 +7,6 @@ RSpec.describe Api::V1::StatusesController, type: :controller do
let(:token) { double acceptable?: true, resource_owner_id: user.id }
before do
stub_request(:post, "https://pubsubhubbub.superfeedr.com/").to_return(:status => 200, :body => "", :headers => {})
allow(controller).to receive(:doorkeeper_token) { token }
end