Change: 時限投稿はフォロワー以外にはActivityを発行しない (#250)

* Change: 時限投稿はフォロワー以外にはActivityを発行しない * Fix: ドメイン単位の認証になるように * Add test and fix * Fix lint * Fix test * Fix test * Revert "Fix test" This reverts commit 22f1114b7f. * Revert "Fix lint" This reverts commit a828efa9be. * Revert "Revert "Fix lint"" This reverts commit 6a2d68f28a. * Revert "Revert "Fix test"" This reverts commit a21c0b9d3e.
2023-12-21 11:21:33 +09:00 · 2023-12-21 11:21:33 +09:00 · 789afccf9b
commit 789afccf9b
parent faf791c602
5 changed files with 66 additions and 1 deletions
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@ -29,7 +29,7 @@ class StatusesController < ApplicationController
      end

      format.json do
-        expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode? && !misskey_software?
+        expires_in 3.minutes, public: true if @status.distributable? && public_fetch_mode? && !misskey_software? && !@status.expires?
        render_with_cache json: @status, content_type: 'application/activity+json', serializer: status_activity_serializer, adapter: ActivityPub::Adapter, cancel_cache: misskey_software?
      end
    end
@ -64,6 +64,8 @@ class StatusesController < ApplicationController

    if request.authorization.present? && request.authorization.match(/^Bearer /i)
      raise Mastodon::NotPermittedError unless @status.capability_tokens.find_by(token: request.authorization.gsub(/^Bearer /i, ''))
+    elsif request.format == :json && @status.expires?
+      raise Mastodon::NotPermittedError unless StatusPolicy.new(signed_request_account, @status).show_activity?
    else
      authorize @status, :show?
    end