tootlab-mastodon/app/policies/status_policy.rb
Jack Jennings 33f669a5f8 Add status destroy authorization to policy (#3453)
* Add status destroy authorization to policy

* Create explicit unreblog status authorization
2017-05-30 22:56:31 +02:00

49 lines
810 B
Ruby

# frozen_string_literal: true
class StatusPolicy
attr_reader :account, :status
def initialize(account, status)
@account = account
@status = status
end
def show?
if direct?
owned? || status.mentions.where(account: account).exists?
elsif private?
owned? || account&.following?(status.account) || status.mentions.where(account: account).exists?
else
account.nil? || !status.account.blocking?(account)
end
end
def reblog?
!direct? && !private? && show?
end
def destroy?
admin? || owned?
end
alias unreblog? destroy?
private
def admin?
account&.user&.admin?
end
def direct?
status.direct_visibility?
end
def owned?
status.account.id == account&.id
end
def private?
status.private_visibility?
end
end