Fix double render error when authorizing interaction (#18203)

This commit is contained in:
Eugen Rochko 2022-05-01 00:56:34 +02:00 committed by GitHub
parent 6e4d932da5
commit 33f3818d66
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 4 deletions

View file

@ -13,7 +13,7 @@ class AuthorizeInteractionsController < ApplicationController
if @resource.is_a?(Account) if @resource.is_a?(Account)
render :show render :show
elsif @resource.is_a?(Status) elsif @resource.is_a?(Status)
redirect_to web_url("statuses/#{@resource.id}") redirect_to web_url("@#{@resource.account.pretty_acct}/#{@resource.id}")
else else
render :error render :error
end end
@ -25,15 +25,17 @@ class AuthorizeInteractionsController < ApplicationController
else else
render :error render :error
end end
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError rescue ActiveRecord::RecordNotFound
render :error render :error
end end
private private
def set_resource def set_resource
@resource = located_resource || render(:error) @resource = located_resource
authorize(@resource, :show?) if @resource.is_a?(Status) authorize(@resource, :show?) if @resource.is_a?(Status)
rescue Mastodon::NotPermittedError
not_found
end end
def located_resource def located_resource

View file

@ -21,7 +21,10 @@ class FollowingAccountsController < ApplicationController
end end
format.json do format.json do
raise Mastodon::NotPermittedError if page_requested? && @account.hide_collections? if page_requested? && @account.hide_collections?
forbidden
next
end
expires_in(page_requested? ? 0 : 3.minutes, public: public_fetch_mode?) expires_in(page_requested? ? 0 : 3.minutes, public: public_fetch_mode?)