add privacy option to limit lifespan of public access to post & object urls beyond local followers, default to 90 days
parent
651c569c3f
commit
51bab85b07
|
@ -83,6 +83,7 @@ class Settings::PreferencesController < Settings::BaseController
|
|||
:setting_hide_public_profile,
|
||||
:setting_hide_public_outbox,
|
||||
:setting_max_public_history,
|
||||
:setting_max_public_access,
|
||||
:setting_roar_lifespan,
|
||||
:setting_delayed_roars,
|
||||
:setting_delayed_for,
|
||||
|
|
|
@ -186,8 +186,6 @@ class StatusesController < ApplicationController
|
|||
|
||||
if @status.sharekey.present? && @sharekey == @status.sharekey.key
|
||||
skip_authorization
|
||||
elsif @account.block_anon && !user_signed_in?
|
||||
raise ActiveRecord::RecordNotFound
|
||||
else
|
||||
authorize @status, :show?
|
||||
end
|
||||
|
|
|
@ -40,6 +40,7 @@ class UserSettingsDecorator
|
|||
user.settings['hide_public_outbox'] = hide_public_outbox_preference if change?('setting_hide_public_outbox')
|
||||
user.settings['larger_emoji'] = larger_emoji_preference if change?('setting_larger_emoji')
|
||||
user.settings['max_public_history'] = max_public_history_preference if change?('setting_max_public_history')
|
||||
user.settings['max_public_access'] = max_public_access_preference if change?('setting_max_public_access')
|
||||
user.settings['roar_lifespan'] = roar_lifespan_preference if change?('setting_roar_lifespan')
|
||||
user.settings['delayed_roars'] = delayed_roars_preference if change?('setting_delayed_roars')
|
||||
user.settings['delayed_for'] = delayed_for_preference if change?('setting_delayed_for')
|
||||
|
@ -151,6 +152,10 @@ class UserSettingsDecorator
|
|||
settings['setting_max_public_history']
|
||||
end
|
||||
|
||||
def max_public_access_preference
|
||||
settings['setting_max_public_access']
|
||||
end
|
||||
|
||||
def roar_lifespan_preference
|
||||
settings['setting_roar_lifespan']
|
||||
end
|
||||
|
|
|
@ -133,6 +133,7 @@ class Account < ApplicationRecord
|
|||
:defaults_to_local_only?,
|
||||
:always_local_only?,
|
||||
:max_public_history,
|
||||
:max_public_access,
|
||||
:roar_lifespan,
|
||||
:delayed_roars?,
|
||||
|
||||
|
|
|
@ -146,6 +146,7 @@ class User < ApplicationRecord
|
|||
:hide_public_profile,
|
||||
:hide_public_outbox,
|
||||
:max_public_history,
|
||||
:max_public_access,
|
||||
:roar_lifespan,
|
||||
:delayed_roars,
|
||||
:delayed_for,
|
||||
|
@ -331,6 +332,10 @@ class User < ApplicationRecord
|
|||
@_max_public_history ||= [1, (settings.max_public_history || 6).to_i].max
|
||||
end
|
||||
|
||||
def max_public_access
|
||||
@_max_public_access ||= [1, (settings.max_public_access || 90).to_i].max
|
||||
end
|
||||
|
||||
def roar_lifespan
|
||||
@_roar_lifespan ||= [0, (settings.roar_lifespan || 0).to_i].max
|
||||
end
|
||||
|
|
|
@ -13,13 +13,12 @@ class StatusPolicy < ApplicationPolicy
|
|||
|
||||
def show?
|
||||
return false if local_only? && (current_account.nil? || !current_account.local?)
|
||||
return true if owned? || mention_exists?
|
||||
|
||||
if direct?
|
||||
owned? || mention_exists?
|
||||
elsif private?
|
||||
owned? || following_author? || mention_exists?
|
||||
if private?
|
||||
following_author? && still_accessible?
|
||||
else
|
||||
current_account.nil? || !author_blocking?
|
||||
author_allows_anon? && still_accessible? && !author_blocking? && (author_not_invisible? || following_author?)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -90,4 +89,16 @@ class StatusPolicy < ApplicationPolicy
|
|||
def local_only?
|
||||
record.local_only?
|
||||
end
|
||||
|
||||
def still_accessible?
|
||||
record.created_at > record.account.user.max_public_access.to_i.days.ago
|
||||
end
|
||||
|
||||
def author_allows_anon?
|
||||
(!current_account.nil? && user_signed_in?) || !record.account.block_anon
|
||||
end
|
||||
|
||||
def author_not_invisible?
|
||||
!record.account.hidden?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
|
||||
.fields-group
|
||||
= f.input :setting_max_public_history, collection: [1, 3, 6, 7, 14, 30, 60, 90, 180, 365, 730, 1095, 2190], wrapper: :with_label, include_blank: false, label_method: lambda { |item| safe_join([t("simple_form.labels.lifespan.#{item}")]) }, selected: current_user.max_public_history
|
||||
= f.input :setting_max_public_access, collection: [1, 3, 6, 7, 14, 30, 60, 90, 180, 365, 730, 1095, 2190], wrapper: :with_label, include_blank: false, label_method: lambda { |item| safe_join([t("simple_form.labels.lifespan.#{item}")]) }, selected: current_user.max_public_access
|
||||
= f.input :setting_roar_lifespan, collection: [0, 1, 3, 6, 7, 14, 30, 60, 90, 180, 365, 730, 1095, 2190], wrapper: :with_label, include_blank: false, label_method: lambda { |item| safe_join([t("simple_form.labels.lifespan.#{item}")]) }, selected: current_user.roar_lifespan
|
||||
|
||||
.fields-group
|
||||
|
|
|
@ -176,6 +176,7 @@ en:
|
|||
setting_hide_public_profile: Hide your public profile from anonymous viewers
|
||||
setting_hide_public_outbox: Hide your public ActivityPub outbox (affects discoverability)
|
||||
setting_max_public_history: Limit history of roars on public profile to
|
||||
setting_max_public_access: Limit public access to roar URLs without a sharekey to
|
||||
setting_noindex: Opt-out of search engine indexing
|
||||
setting_reduce_motion: Reduce motion in animations
|
||||
setting_show_application: Disclose application used to send roars
|
||||
|
|
|
@ -403,15 +403,15 @@ const startWorker = (workerId) => {
|
|||
return;
|
||||
}
|
||||
|
||||
if (req.hideBoosts && (unpackedPayload.in_reply_to !== undefined || unpackedPayload.in_reply_to !== null)) {
|
||||
if (req.hideBoosts && unpackedPayload.in_reply_to) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (req.mediaOnly && (!unpackedPayload.media_attachments || unpackedPayload.media_attachments.length === 0)) {
|
||||
if (req.mediaOnly && !unpackedPayload.media_attachments) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (req.filterUndescribed && unpackedPayload.media_attachments && unpackedPayload.media_attachments.every(m => !m.description || m.description.length === 0)) {
|
||||
if (req.filterUndescribed && Array.isArray(unpackedPayload.media_attachments) && unpackedPayload.media_attachments.every(m => !m.description)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue