Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms

author: lain <lain@soykaf.club> 2020-05-18 18:38:32 +0200
committer: lain <lain@soykaf.club> 2020-05-18 18:38:32 +0200
commit: 0d417e005d5ef89f982866ee09559aef24e36a85 (patch)
tree: 1381e8f6dbe63ab3a0f61562672a3cf2d69d7f65 /lib/pleroma/object.ex
parent: baf051a59e8bfcb2e55b5e28e46e80d6961b9bb4 (diff)
parent: 8e9c939e42b7d649d58ce91465086751031b13c8 (diff)
download: pleroma-0d417e005d5ef89f982866ee09559aef24e36a85.tar.gz
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/pleroma/object.ex b/lib/pleroma/object.ex
index e678fd415..ab16bf2db 100644
--- a/lib/pleroma/object.ex
+++ b/lib/pleroma/object.ex
@@ -138,12 +138,17 @@ defmodule Pleroma.Object do
 
   def normalize(_, _, _), do: nil
 
-  # Owned objects can only be mutated by their owner
-  def authorize_mutation(%Object{data: %{"actor" => actor}}, %User{ap_id: ap_id}),
-    do: actor == ap_id
+  # Owned objects can only be accessed by their owner
+  def authorize_access(%Object{data: %{"actor" => actor}}, %User{ap_id: ap_id}) do
+    if actor == ap_id do
+      :ok
+    else
+      {:error, :forbidden}
+    end
+  end
 
-  # Legacy objects can be mutated by anybody
-  def authorize_mutation(%Object{}, %User{}), do: true
+  # Legacy objects can be accessed by anybody
+  def authorize_access(%Object{}, %User{}), do: :ok
 
   @spec get_cached_by_ap_id(String.t()) :: Object.t() | nil
   def get_cached_by_ap_id(ap_id) do
author	lain <lain@soykaf.club>	2020-05-18 18:38:32 +0200
committer	lain <lain@soykaf.club>	2020-05-18 18:38:32 +0200
commit	0d417e005d5ef89f982866ee09559aef24e36a85 (patch)
tree	1381e8f6dbe63ab3a0f61562672a3cf2d69d7f65 /lib/pleroma/object.ex
parent	baf051a59e8bfcb2e55b5e28e46e80d6961b9bb4 (diff)
parent	8e9c939e42b7d649d58ce91465086751031b13c8 (diff)
download	pleroma-0d417e005d5ef89f982866ee09559aef24e36a85.tar.gz