mirror of
https://framagit.org/tykayn/mastodon.git
synced 2023-08-25 08:33:12 +02:00
Fix URL search not returning private toots user has access to (#12742)
This commit is contained in:
parent
6a8c8dc6fb
commit
e4d75f238b
@ -12,6 +12,8 @@ class ResolveURLService < BaseService
|
||||
process_local_url
|
||||
elsif !fetched_resource.nil?
|
||||
process_url
|
||||
elsif @on_behalf_of.present?
|
||||
process_url_from_db
|
||||
end
|
||||
end
|
||||
|
||||
@ -24,15 +26,19 @@ class ResolveURLService < BaseService
|
||||
status = FetchRemoteStatusService.new.call(resource_url, body)
|
||||
authorize_with @on_behalf_of, status, :show? unless status.nil?
|
||||
status
|
||||
elsif fetched_resource.nil? && @on_behalf_of.present?
|
||||
# It may happen that the resource is a private toot, and thus not fetchable,
|
||||
# but we can return the toot if we already know about it.
|
||||
status = Status.find_by(uri: @url) || Status.find_by(url: @url)
|
||||
authorize_with @on_behalf_of, status, :show? unless status.nil?
|
||||
status
|
||||
end
|
||||
end
|
||||
|
||||
def process_url_from_db
|
||||
# It may happen that the resource is a private toot, and thus not fetchable,
|
||||
# but we can return the toot if we already know about it.
|
||||
status = Status.find_by(uri: @url) || Status.find_by(url: @url)
|
||||
authorize_with @on_behalf_of, status, :show? unless status.nil?
|
||||
status
|
||||
rescue Mastodon::NotPermittedError
|
||||
nil
|
||||
end
|
||||
|
||||
def fetched_resource
|
||||
@fetched_resource ||= FetchResourceService.new.call(@url)
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user