Update StatusPolicy to check current_account for local_only? toots.
StatusPolicy#account was renamed to StatusPolicy#current_account in upstream. This commit renames the local-only changes to match and augments the #show? policy spec with what we expect for local-only toots.
This commit is contained in:
parent
2a386ad88d
commit
f6355f6ffb
|
@ -6,7 +6,7 @@ class StatusPolicy < ApplicationPolicy
|
||||||
end
|
end
|
||||||
|
|
||||||
def show?
|
def show?
|
||||||
return false if local_only? && account.nil?
|
return false if local_only? && current_account.nil?
|
||||||
|
|
||||||
if direct?
|
if direct?
|
||||||
owned? || record.mentions.where(account: current_account).exists?
|
owned? || record.mentions.where(account: current_account).exists?
|
||||||
|
|
|
@ -71,6 +71,12 @@ RSpec.describe StatusPolicy, type: :model do
|
||||||
|
|
||||||
expect(subject).to_not permit(viewer, status)
|
expect(subject).to_not permit(viewer, status)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'denies access when local-only and the viewer is not logged in' do
|
||||||
|
allow(status).to receive(:local_only?) { true }
|
||||||
|
|
||||||
|
expect(subject).to_not permit(nil, status)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
permissions :reblog? do
|
permissions :reblog? do
|
||||||
|
|
Loading…
Reference in New Issue