Browse Source

Update StatusController

Daniel Supernault 5 years ago
parent
commit
98ad593654
1 changed files with 7 additions and 1 deletions
  1. 7 1
      app/Http/Controllers/StatusController.php

+ 7 - 1
app/Http/Controllers/StatusController.php

@@ -51,6 +51,12 @@ class StatusController extends Controller
             }
         }
 
+        if($status->type == 'archived') {
+            if(Auth::user()->profile_id !== $status->profile_id) {
+                abort(404);
+            }
+        }
+
         if ($request->wantsJson() && config('federation.activitypub.enabled')) {
             return $this->showActivityPub($request, $status);
         }
@@ -72,7 +78,7 @@ class StatusController extends Controller
     {
         abort(404);
         $profile = Profile::whereNull('status')->whereUsername($username)->first();
-        $status = Status::whereScope('private')->find($id);
+        $status = Status::whereProfileId($profile->id)->whereScope('public')->find($id);
         if(!$profile || !$status) {
             return view('status.embed-removed');
         }