From 7376af90f79b1de0c4cdd294f3f4d1481eedf0d7 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Mon, 26 Dec 2016 19:13:56 +0100 Subject: [PATCH] Don't show statuses to blocked users --- .eslintrc | 34 +++++++++++++++++-- app/models/status.rb | 13 +++++-- app/services/process_interaction_service.rb | 2 +- .../api/v1/statuses_controller_spec.rb | 1 - 4 files changed, 44 insertions(+), 6 deletions(-) diff --git a/.eslintrc b/.eslintrc index 10bf70546..f91385cec 100644 --- a/.eslintrc +++ b/.eslintrc @@ -15,7 +15,37 @@ "sourceType": "module", "ecmaFeatures": { - "jsx": true - }, + "arrowFunctions": true, + "jsx": true, + "destructuring": true, + "modules": true, + "spread": true + } }, + + "rules": { + "no-cond-assign": 2, + "no-console": 1, + "no-irregular-whitespace": 2, + "no-unreachable": 2, + "valid-typeof": 2, + "consistent-return": 2, + "dot-notation": 2, + "eqeqeq": 2, + "no-fallthrough": 2, + "no-unused-expressions": 2, + "strict": 0, + "no-catch-shadow": 2, + "indent": [1, 2], + "brace-style": 1, + "comma-spacing": [1, {"before": false, "after": true}], + "comma-style": [1, "last"], + "no-mixed-spaces-and-tabs": 1, + "no-nested-ternary": 1, + "no-trailing-spaces": 1, + "react/wrap-multilines": 2, + "react/self-closing-comp": 2, + "react/prop-types": 2, + "react/no-multi-comp": 0 + } } diff --git a/app/models/status.rb b/app/models/status.rb index dc7fc60d7..1720d754a 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -31,7 +31,6 @@ class Status < ApplicationRecord scope :remote, -> { where.not(uri: nil) } scope :local, -> { where(uri: nil) } - scope :permitted_for, ->(target_account, account) { account&.id == target_account.id || account&.following?(target_account) ? where('1=1') : where.not(visibility: :private) } cache_associated :account, :media_attachments, :tags, :stream_entry, mentions: :account, reblog: [:account, :stream_entry, :tags, :media_attachments, mentions: :account], thread: :account @@ -72,7 +71,7 @@ class Status < ApplicationRecord end def permitted?(other_account = nil) - private_visibility? ? (account.id == other_account&.id || other_account&.following?(account)) : true + private_visibility? ? (account.id == other_account&.id || other_account&.following?(account)) : other_account.nil? || !account.blocking?(other_account) end def ancestors(account = nil) @@ -145,6 +144,16 @@ class Status < ApplicationRecord end end + def permitted_for(target_account, account) + if account&.id == target_account.id || account&.following?(target_account) + where('1 = 1') + elsif !account.nil? && target_account.blocking?(account) + where('1 = 0') + else + where.not(visibility: :private) + end + end + private def filter_timeline(query, account) diff --git a/app/services/process_interaction_service.rb b/app/services/process_interaction_service.rb index 3d3cccb6a..450b0c5cc 100644 --- a/app/services/process_interaction_service.rb +++ b/app/services/process_interaction_service.rb @@ -30,7 +30,7 @@ class ProcessInteractionService < BaseService case verb(xml) when :follow - follow!(account, target_account) unless target_account.locked? + follow!(account, target_account) unless target_account.locked? || target_account.blocking?(account) when :unfollow unfollow!(account, target_account) when :favorite diff --git a/spec/controllers/api/v1/statuses_controller_spec.rb b/spec/controllers/api/v1/statuses_controller_spec.rb index ab918fe50..d9c73f952 100644 --- a/spec/controllers/api/v1/statuses_controller_spec.rb +++ b/spec/controllers/api/v1/statuses_controller_spec.rb @@ -7,7 +7,6 @@ RSpec.describe Api::V1::StatusesController, type: :controller do let(:token) { double acceptable?: true, resource_owner_id: user.id } before do - stub_request(:post, "https://pubsubhubbub.superfeedr.com/").to_return(:status => 200, :body => "", :headers => {}) allow(controller).to receive(:doorkeeper_token) { token } end