Add test and fix

app/controllers/statuses_controller.rb

@@ -29,7 +29,7 @@ class StatusesController < ApplicationController
       end
 
       format.json do
-        expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode? && !misskey_software?
+        expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode? && !misskey_software? && !@status.expires?
         render_with_cache json: @status, content_type: 'application/activity+json', serializer: status_activity_serializer, adapter: ActivityPub::Adapter, cancel_cache: misskey_software?
       end
     end
@@ -65,7 +65,7 @@ class StatusesController < ApplicationController
     if request.authorization.present? && request.authorization.match(/^Bearer /i)
       raise Mastodon::NotPermittedError unless @status.capability_tokens.find_by(token: request.authorization.gsub(/^Bearer /i, ''))
     elsif request.format == :json && @status.expires?
-      raise Mastodon::NotPermittedError unless StatusPolicy.new(signed_request_account, status).show_activity?
+      raise Mastodon::NotPermittedError unless StatusPolicy.new(signed_request_account, @status).show_activity?
     else
       authorize @status, :show?
     end

app/models/concerns/account/interactions.rb

@@ -211,11 +211,13 @@ module Account::Interactions
     other_account.following?(self)
   end
 
-  def followed_by_domain?(other_domain)
+  def followed_by_domain?(other_domain, since = nil)
     return true if other_domain.blank?
-    return true if local? || domain == other_domain
+    return false unless local?
 
-    followers.exists?(domain: other_domain)
+    scope = followers
+    scope = scope.where("follows.created_at < '#{since}'") if since.present?
+    scope.exists?(domain: other_domain)
   end
 
   def mutual?(other_account)

app/policies/status_policy.rb

@@ -125,7 +125,7 @@ class StatusPolicy < ApplicationPolicy
   def following_author_domain?
     return false if current_account.nil?
 
-    author.followed_by_domain?(current_account.domain)
+    author.followed_by_domain?(current_account.domain, record.created_at)
   end
 
   def author

spec/models/concerns/account/interactions_spec.rb

@@ -381,6 +381,43 @@ describe Account::Interactions do
     end
   end
 
+  describe '#followed_by_domain?' do
+    subject { account.followed_by_domain?('example.com') }
+
+    let(:target_account) { Fabricate(:account, domain: 'example.com', uri: 'https://example.com/actor') }
+
+    context 'when followed by target_account' do
+      it 'returns true' do
+        account.passive_relationships.create(account: target_account)
+        expect(subject).to be true
+      end
+    end
+
+    context 'when not followed by target_account' do
+      it 'returns false' do
+        expect(subject).to be false
+      end
+    end
+
+    context 'with status' do
+      subject { account.followed_by_domain?('example.com', '2022/12/24 10:00:00') }
+
+      context 'when followed by target_account since the time' do
+        it 'returns true' do
+          account.passive_relationships.create(account: target_account, created_at: '2022/12/22 10:00:00')
+          expect(subject).to be true
+        end
+      end
+
+      context 'when followed by target_account after the time' do
+        it 'returns false' do
+          account.passive_relationships.create(account: target_account, created_at: '2022/12/26 10:00:00')
+          expect(subject).to be false
+        end
+      end
+    end
+  end
+
   describe '#blocking?' do
     subject { account.blocking?(target_account) }