djsundog/tootlab-mastodon
1
0
Fork 0
mirror of https://github.com/glitch-soc/mastodon.git synced 2024-11-24 00:54:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

Disallow remote users from viewing local-only toots

Browse Source
This commit is contained in:
Thibaut Girka 2018-07-31 15:00:08 +02:00 committed by ThibG
parent 9f2945ef80
commit c4bec9263c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/policies/status_policy.rb
View File

@ -12,7 +12,7 @@ class StatusPolicy < ApplicationPolicy
end end
def show? def show?
return false if local_only? && current_account.nil? return false if local_only? && (current_account.nil? || !current_account.local?)
if direct? if direct?
owned? || mention_exists? owned? || mention_exists?