commit: 58bca7b1e43b4ceef58dae719071d76ca41582aa
parent: 1c25853842075f88e3b6ed28decba3907d548f2e
Author: ThibG <thib@sitedethib.com>
Date: Wed, 15 Nov 2017 01:53:33 +0100
Filter searched toots to be consistent with blocking behaviors (#5383)
Diffstat:
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/app/controllers/api/v1/search_controller.rb b/app/controllers/api/v1/search_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Api::V1::SearchController < Api::BaseController
+ include Authorization
+
RESULTS_LIMIT = 5
before_action -> { doorkeeper_authorize! :read }
@@ -9,12 +11,24 @@ class Api::V1::SearchController < Api::BaseController
respond_to :json
def index
- @search = Search.new(search_results)
+ @search = Search.new(search)
render json: @search, serializer: REST::SearchSerializer
end
private
+ def search
+ search_results.tap do |search|
+ search[:statuses].keep_if do |status|
+ begin
+ authorize status, :show?
+ rescue Mastodon::NotPermittedError
+ false
+ end
+ end
+ end
+ end
+
def search_results
SearchService.new.call(
params[:q],
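Review bot: The permission filter in the new `search` method (the `keep_if` block around `authorize status, :show?`) is enforced only in this controller, and the diffstat shows a single file changed, so it ships without a spec; any other caller of `SearchService` would presumably still get unfiltered statuses. I would add a controller spec asserting that a status whose `show?` policy denies the requesting account is absent from the JSON response, plus a comment above the method such as `# Drop statuses the requesting account is not permitted to see; authorize raises Mastodon::NotPermittedError on denial.` Two smaller points: the block parameter `search` shadows the method name, so `search_results.tap do |results|` reads more clearly, and `search[:statuses]` is assumed to always be an array, so if the service can omit that key then `keep_if` raises on nil and `(results[:statuses] || [])` or a guard would be safer. The body of `search_results` continues past the end of the hunk, so the arguments passed to the service are not fully visible here.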