14 files changed, 203 insertions, 139 deletions

diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex
index 8a827ca80..e2b5251bc 100644
--- a/lib/mix/tasks/pleroma/database.ex
+++ b/lib/mix/tasks/pleroma/database.ex
@@ -52,9 +52,9 @@ defmodule Mix.Tasks.Pleroma.Database do
   def run(["update_users_following_followers_counts"]) do
     start_pleroma()
 
-    users = Repo.all(User)
-    Enum.each(users, &User.remove_duplicated_following/1)
-    Enum.each(users, &User.update_follower_count/1)
+    User
+    |> Repo.all()
+    |> Enum.each(&User.update_follower_count/1)
   end
 
   def run(["prune_objects" | args]) do
diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex
index d7bdc2310..4e3b80db3 100644
--- a/lib/mix/tasks/pleroma/user.ex
+++ b/lib/mix/tasks/pleroma/user.ex
@@ -163,7 +163,7 @@ defmodule Mix.Tasks.Pleroma.User do
 
       user = User.get_cached_by_id(user.id)
 
-      if Enum.empty?(user.following) do
+      if Enum.empty?(User.get_friends(user)) do
         shell_info("Successfully unsubscribed all followers from #{user.nickname}")
       end
     else
diff --git a/lib/pleroma/bbs/handler.ex b/lib/pleroma/bbs/handler.ex
index 386afee89..054d422b0 100644
--- a/lib/pleroma/bbs/handler.ex
+++ b/lib/pleroma/bbs/handler.ex
@@ -98,7 +98,7 @@ defmodule Pleroma.BBS.Handler do
       |> Map.put("user", user)
 
     activities =
-      [user.ap_id | user.following]
+      [user.ap_id | Pleroma.User.following(user)]
       |> ActivityPub.fetch_activities(params)
 
     Enum.each(activities, fn activity ->
diff --git a/lib/pleroma/following_relationship.ex b/lib/pleroma/following_relationship.ex
new file mode 100644
index 000000000..2ffac17ee
--- /dev/null
+++ b/lib/pleroma/following_relationship.ex
@@ -0,0 +1,110 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.FollowingRelationship do
+  use Ecto.Schema
+
+  import Ecto.Changeset
+  import Ecto.Query
+
+  alias FlakeId.Ecto.CompatType
+  alias Pleroma.Repo
+  alias Pleroma.User
+
+  schema "following_relationships" do
+    field(:state, :string, default: "accept")
+
+    belongs_to(:follower, User, type: CompatType)
+    belongs_to(:following, User, type: CompatType)
+
+    timestamps()
+  end
+
+  def changeset(%__MODULE__{} = following_relationship, attrs) do
+    following_relationship
+    |> cast(attrs, [:state])
+    |> put_assoc(:follower, attrs.follower)
+    |> put_assoc(:following, attrs.following)
+    |> validate_required([:state, :follower, :following])
+  end
+
+  def get(%User{} = follower, %User{} = following) do
+    __MODULE__
+    |> where(follower_id: ^follower.id, following_id: ^following.id)
+    |> Repo.one()
+  end
+
+  def update(follower, following, "reject"), do: unfollow(follower, following)
+
+  def update(%User{} = follower, %User{} = following, state) do
+    case get(follower, following) do
+      nil ->
+        follow(follower, following, state)
+
+      following_relationship ->
+        following_relationship
+        |> cast(%{state: state}, [:state])
+        |> validate_required([:state])
+        |> Repo.update()
+    end
+  end
+
+  def follow(%User{} = follower, %User{} = following, state \\ "accept") do
+    %__MODULE__{}
+    |> changeset(%{follower: follower, following: following, state: state})
+    |> Repo.insert(on_conflict: :nothing)
+  end
+
+  def unfollow(%User{} = follower, %User{} = following) do
+    case get(follower, following) do
+      nil -> {:ok, nil}
+      %__MODULE__{} = following_relationship -> Repo.delete(following_relationship)
+    end
+  end
+
+  def follower_count(%User{} = user) do
+    %{followers: user, deactivated: false}
+    |> User.Query.build()
+    |> Repo.aggregate(:count, :id)
+  end
+
+  def following_count(%User{id: nil}), do: 0
+
+  def following_count(%User{} = user) do
+    %{friends: user, deactivated: false}
+    |> User.Query.build()
+    |> Repo.aggregate(:count, :id)
+  end
+
+  def get_follow_requests(%User{id: id}) do
+    __MODULE__
+    |> join(:inner, [r], f in assoc(r, :follower))
+    |> where([r], r.state == "pending")
+    |> where([r], r.following_id == ^id)
+    |> select([r, f], f)
+    |> Repo.all()
+  end
+
+  def following?(%User{id: follower_id}, %User{id: followed_id}) do
+    __MODULE__
+    |> where(follower_id: ^follower_id, following_id: ^followed_id, state: "accept")
+    |> Repo.exists?()
+  end
+
+  def following(%User{} = user) do
+    following =
+      __MODULE__
+      |> join(:inner, [r], u in User, on: r.following_id == u.id)
+      |> where([r], r.follower_id == ^user.id)
+      |> where([r], r.state == "accept")
+      |> select([r, u], u.follower_address)
+      |> Repo.all()
+
+    if not user.local or user.nickname in [nil, "internal.fetch"] do
+      following
+    else
+      [user.follower_address | following]
+    end
+  end
+end
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index 5d3f55721..40171620e 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -13,6 +13,7 @@ defmodule Pleroma.User do
   alias Pleroma.Activity
   alias Pleroma.Conversation.Participation
   alias Pleroma.Delivery
+  alias Pleroma.FollowingRelationship
   alias Pleroma.Keys
   alias Pleroma.Notification
   alias Pleroma.Object
@@ -50,7 +51,6 @@ defmodule Pleroma.User do
     field(:password, :string, virtual: true)
     field(:password_confirmation, :string, virtual: true)
     field(:keys, :string)
-    field(:following, {:array, :string}, default: [])
     field(:ap_id, :string)
     field(:avatar, :map)
     field(:local, :boolean, default: true)
@@ -216,13 +216,7 @@ defmodule Pleroma.User do
     from(u in query, where: u.deactivated != ^true)
   end
 
-  def following_count(%User{following: []}), do: 0
-
-  def following_count(%User{} = user) do
-    user
-    |> get_friends_query()
-    |> Repo.aggregate(:count, :id)
-  end
+  defdelegate following_count(user), to: FollowingRelationship
 
   defp truncate_fields_param(params) do
     if Map.has_key?(params, :fields) do
@@ -309,7 +303,6 @@ defmodule Pleroma.User do
         :bio,
         :name,
         :avatar,
-        :following,
         :locked,
         :no_rich_text,
         :default_scope,
@@ -454,7 +447,6 @@ defmodule Pleroma.User do
     followers = ap_followers(%User{nickname: get_field(changeset, :nickname)})
 
     changeset
-    |> put_change(:following, [followers])
     |> put_change(:follower_address, followers)
   end
 
@@ -508,8 +500,8 @@ defmodule Pleroma.User do
   def needs_update?(_), do: true
 
   @spec maybe_direct_follow(User.t(), User.t()) :: {:ok, User.t()} | {:error, String.t()}
-  def maybe_direct_follow(%User{} = follower, %User{local: true, locked: true}) do
-    {:ok, follower}
+  def maybe_direct_follow(%User{} = follower, %User{local: true, locked: true} = followed) do
+    follow(follower, followed, "pending")
   end
 
   def maybe_direct_follow(%User{} = follower, %User{local: true} = followed) do
@@ -527,37 +519,22 @@ defmodule Pleroma.User do
   @doc "A mass follow for local users. Respects blocks in both directions but does not create activities."
   @spec follow_all(User.t(), list(User.t())) :: {atom(), User.t()}
   def follow_all(follower, followeds) do
-    followed_addresses =
-      followeds
-      |> Enum.reject(fn followed -> blocks?(follower, followed) || blocks?(followed, follower) end)
-      |> Enum.map(fn %{follower_address: fa} -> fa end)
-
-    q =
-      from(u in User,
-        where: u.id == ^follower.id,
-        update: [
-          set: [
-            following:
-              fragment(
-                "array(select distinct unnest (array_cat(?, ?)))",
-                u.following,
-                ^followed_addresses
-              )
-          ]
-        ],
-        select: u
-      )
+    followeds =
+      Enum.reject(followeds, fn followed ->
+        blocks?(follower, followed) || blocks?(followed, follower)
+      end)
 
-    {1, [follower]} = Repo.update_all(q, [])
+    Enum.each(followeds, &follow(follower, &1, "accept"))
 
     Enum.each(followeds, &update_follower_count/1)
 
     set_cache(follower)
   end
 
-  def follow(%User{} = follower, %User{} = followed) do
+  defdelegate following(user), to: FollowingRelationship
+
+  def follow(%User{} = follower, %User{} = followed, state \\ "accept") do
     deny_follow_blocked = Pleroma.Config.get([:user, :deny_follow_blocked])
-    ap_followers = followed.follower_address
 
     cond do
       followed.deactivated ->
@@ -567,14 +544,7 @@ defmodule Pleroma.User do
         {:error, "Could not follow user: #{followed.nickname} blocked you."}
 
       true ->
-        q =
-          from(u in User,
-            where: u.id == ^follower.id,
-            update: [push: [following: ^ap_followers]],
-            select: u
-          )
-
-        {1, [follower]} = Repo.update_all(q, [])
+        FollowingRelationship.follow(follower, followed, state)
 
         follower = maybe_update_following_count(follower)
 
@@ -585,17 +555,8 @@ defmodule Pleroma.User do
   end
 
   def unfollow(%User{} = follower, %User{} = followed) do
-    ap_followers = followed.follower_address
-
     if following?(follower, followed) and follower.ap_id != followed.ap_id do
-      q =
-        from(u in User,
-          where: u.id == ^follower.id,
-          update: [pull: [following: ^ap_followers]],
-          select: u
-        )
-
-      {1, [follower]} = Repo.update_all(q, [])
+      FollowingRelationship.unfollow(follower, followed)
 
       follower = maybe_update_following_count(follower)
 
@@ -609,10 +570,7 @@ defmodule Pleroma.User do
     end
   end
 
-  @spec following?(User.t(), User.t()) :: boolean
-  def following?(%User{} = follower, %User{} = followed) do
-    Enum.member?(follower.following, followed.follower_address)
-  end
+  defdelegate following?(follower, followed), to: FollowingRelationship
 
   def locked?(%User{} = user) do
     user.locked || false
@@ -834,16 +792,7 @@ defmodule Pleroma.User do
     |> Repo.all()
   end
 
-  @spec get_follow_requests(User.t()) :: {:ok, [User.t()]}
-  def get_follow_requests(%User{} = user) do
-    user
-    |> Activity.follow_requests_for_actor()
-    |> join(:inner, [a], u in User, on: a.actor == u.ap_id)
-    |> where([a, u], not fragment("? @> ?", u.following, ^[user.follower_address]))
-    |> group_by([a, u], u.id)
-    |> select([a, u], u)
-    |> Repo.all()
-  end
+  defdelegate get_follow_requests(user), to: FollowingRelationship
 
   def increase_note_count(%User{} = user) do
     User
@@ -995,18 +944,6 @@ defmodule Pleroma.User do
 
   def increment_unread_conversation_count(_, user), do: {:ok, user}
 
-  def remove_duplicated_following(%User{following: following} = user) do
-    uniq_following = Enum.uniq(following)
-
-    if length(following) == length(uniq_following) do
-      {:ok, user}
-    else
-      user
-      |> update_changeset(%{following: uniq_following})
-      |> update_and_set_cache()
-    end
-  end
-
   @spec get_users_from_set([String.t()], boolean()) :: [User.t()]
   def get_users_from_set(ap_ids, local_only \\ true) do
     criteria = %{ap_id: ap_ids, deactivated: false}
diff --git a/lib/pleroma/user/query.ex b/lib/pleroma/user/query.ex
index 7f5273c4e..2eda454bc 100644
--- a/lib/pleroma/user/query.ex
+++ b/lib/pleroma/user/query.ex
@@ -28,6 +28,8 @@ defmodule Pleroma.User.Query do
   """
   import Ecto.Query
   import Pleroma.Web.AdminAPI.Search, only: [not_empty_string: 1]
+
+  alias Pleroma.FollowingRelationship
   alias Pleroma.User
 
   @type criteria ::
@@ -139,18 +141,40 @@ defmodule Pleroma.User.Query do
     |> where([u], not is_nil(u.nickname))
   end
 
-  defp compose_query({:followers, %User{id: id, follower_address: follower_address}}, query) do
-    where(query, [u], fragment("? <@ ?", ^[follower_address], u.following))
+  defp compose_query({:followers, %User{id: id}}, query) do
+    query
     |> where([u], u.id != ^id)
+    |> join(:inner, [u], r in FollowingRelationship,
+      as: :relationships,
+      on: r.following_id == ^id and r.follower_id == u.id
+    )
+    |> where([relationships: r], r.state == "accept")
   end
 
-  defp compose_query({:friends, %User{id: id, following: following}}, query) do
-    where(query, [u], u.follower_address in ^following)
+  defp compose_query({:friends, %User{id: id}}, query) do
+    query
     |> where([u], u.id != ^id)
+    |> join(:inner, [u], r in FollowingRelationship,
+      as: :relationships,
+      on: r.following_id == u.id and r.follower_id == ^id
+    )
+    |> where([relationships: r], r.state == "accept")
   end
 
   defp compose_query({:recipients_from_activity, to}, query) do
-    where(query, [u], u.ap_id in ^to or fragment("? && ?", u.following, ^to))
+    query
+    |> join(:left, [u], r in FollowingRelationship,
+      as: :relationships,
+      on: r.follower_id == u.id
+    )
+    |> join(:left, [relationships: r], f in User,
+      as: :following,
+      on: f.id == r.following_id
+    )
+    |> where(
+      [u, following: f, relationships: r],
+      u.ap_id in ^to or (f.follower_address in ^to and r.state == "accept")
+    )
   end
 
   defp compose_query({:order_by, key}, query) do
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index 07dde3537..093ee8fcd 100644
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -518,7 +518,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
     public = [Pleroma.Constants.as_public()]
 
     recipients =
-      if opts["user"], do: [opts["user"].ap_id | opts["user"].following] ++ public, else: public
+      if opts["user"],
+        do: [opts["user"].ap_id | User.following(opts["user"])] ++ public,
+        else: public
 
     from(activity in Activity)
     |> maybe_preload_objects(opts)
@@ -712,7 +714,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
 
   defp user_activities_recipients(%{"reading_user" => reading_user}) do
     if reading_user do
-      [Pleroma.Constants.as_public()] ++ [reading_user.ap_id | reading_user.following]
+      [Pleroma.Constants.as_public()] ++ [reading_user.ap_id | User.following(reading_user)]
     else
       [Pleroma.Constants.as_public()]
     end
diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex
index 568623318..b2cd965fe 100644
--- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex
@@ -319,12 +319,12 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
       when page? in [true, "true"] do
     activities =
       if params["max_id"] do
-        ActivityPub.fetch_activities([user.ap_id | user.following], %{
+        ActivityPub.fetch_activities([user.ap_id | User.following(user)], %{
           "max_id" => params["max_id"],
           "limit" => 10
         })
       else
-        ActivityPub.fetch_activities([user.ap_id | user.following], %{"limit" => 10})
+        ActivityPub.fetch_activities([user.ap_id | User.following(user)], %{"limit" => 10})
       end
 
     conn
diff --git a/lib/pleroma/web/activity_pub/relay.ex b/lib/pleroma/web/activity_pub/relay.ex
index a9434d75c..f90d75a8a 100644
--- a/lib/pleroma/web/activity_pub/relay.ex
+++ b/lib/pleroma/web/activity_pub/relay.ex
@@ -57,9 +57,10 @@ defmodule Pleroma.Web.ActivityPub.Relay do
 
   @spec list() :: {:ok, [String.t()]} | {:error, any()}
   def list do
-    with %User{following: following} = _user <- get_actor() do
+    with %User{} = user <- get_actor() do
       list =
-        following
+        user
+        |> User.following()
         |> Enum.map(fn entry -> URI.parse(entry).host end)
         |> Enum.uniq()
 
diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex
index 9b3ee842b..91a164eff 100644
--- a/lib/pleroma/web/activity_pub/transmogrifier.ex
+++ b/lib/pleroma/web/activity_pub/transmogrifier.ex
@@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
   A module to handle coding from internal to wire ActivityPub and back.
   """
   alias Pleroma.Activity
+  alias Pleroma.FollowingRelationship
   alias Pleroma.Object
   alias Pleroma.Object.Containment
   alias Pleroma.Repo
@@ -474,7 +475,8 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
            {_, false} <- {:user_locked, User.locked?(followed)},
            {_, {:ok, follower}} <- {:follow, User.follow(follower, followed)},
            {_, {:ok, _}} <-
-             {:follow_state_update, Utils.update_follow_state_for_all(activity, "accept")} do
+             {:follow_state_update, Utils.update_follow_state_for_all(activity, "accept")},
+           {:ok, _relationship} <- FollowingRelationship.update(follower, followed, "accept") do
         ActivityPub.accept(%{
           to: [follower.ap_id],
           actor: followed,
@@ -484,6 +486,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
       else
         {:user_blocked, true} ->
           {:ok, _} = Utils.update_follow_state_for_all(activity, "reject")
+          {:ok, _relationship} = FollowingRelationship.update(follower, followed, "reject")
 
           ActivityPub.reject(%{
             to: [follower.ap_id],
@@ -494,6 +497,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
 
         {:follow, {:error, _}} ->
           {:ok, _} = Utils.update_follow_state_for_all(activity, "reject")
+          {:ok, _relationship} = FollowingRelationship.update(follower, followed, "reject")
 
           ActivityPub.reject(%{
             to: [follower.ap_id],
@@ -503,6 +507,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
           })
 
         {:user_locked, true} ->
+          {:ok, _relationship} = FollowingRelationship.update(follower, followed, "pending")
           :noop
       end
 
@@ -522,7 +527,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
          {:ok, follow_activity} <- get_follow_activity(follow_object, followed),
          {:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "accept"),
          %User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]),
-         {:ok, _follower} = User.follow(follower, followed) do
+         {:ok, _relationship} <- FollowingRelationship.update(follower, followed, "accept") do
       ActivityPub.accept(%{
         to: follow_activity.data["to"],
         type: "Accept",
@@ -545,6 +550,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
          {:ok, follow_activity} <- get_follow_activity(follow_object, followed),
          {:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "reject"),
          %User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]),
+         {:ok, _relationship} <- FollowingRelationship.update(follower, followed, "reject"),
          {:ok, activity} <-
            ActivityPub.reject(%{
              to: follow_activity.data["to"],
@@ -554,8 +560,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
              local: false,
              activity_id: id
            }) do
-      User.unfollow(follower, followed)
-
       {:ok, activity}
     else
       _e -> :error
@@ -1061,43 +1065,22 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
     # we pass a fake user so that the followers collection is stripped away
     old_follower_address = User.ap_followers(%User{nickname: user.nickname})
 
-    q =
-      from(
-        u in User,
-        where: ^old_follower_address in u.following,
-        update: [
-          set: [
-            following:
-              fragment(
-                "array_replace(?,?,?)",
-                u.following,
-                ^old_follower_address,
-                ^user.follower_address
-              )
-          ]
+    from(
+      a in Activity,
+      where: ^old_follower_address in a.recipients,
+      update: [
+        set: [
+          recipients:
+            fragment(
+              "array_replace(?,?,?)",
+              a.recipients,
+              ^old_follower_address,
+              ^user.follower_address
+            )
         ]
-      )
-
-    Repo.update_all(q, [])
-
-    q =
-      from(
-        a in Activity,
-        where: ^old_follower_address in a.recipients,
-        update: [
-          set: [
-            recipients:
-              fragment(
-                "array_replace(?,?,?)",
-                a.recipients,
-                ^old_follower_address,
-                ^user.follower_address
-              )
-          ]
-        ]
-      )
-
-    Repo.update_all(q, [])
+      ]
+    )
+    |> Repo.update_all([])
   end
 
   def upgrade_user_from_ap_id(ap_id) do
diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex
index f3ab48f7c..cd4097493 100644
--- a/lib/pleroma/web/activity_pub/visibility.ex
+++ b/lib/pleroma/web/activity_pub/visibility.ex
@@ -59,7 +59,7 @@ defmodule Pleroma.Web.ActivityPub.Visibility do
   end
 
   def visible_for_user?(activity, user) do
-    x = [user.ap_id | user.following]
+    x = [user.ap_id | User.following(user)]
     y = [activity.actor] ++ activity.data["to"] ++ (activity.data["cc"] || [])
     visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y))
   end
diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex
index 449b808b5..e57345621 100644
--- a/lib/pleroma/web/common_api/common_api.ex
+++ b/lib/pleroma/web/common_api/common_api.ex
@@ -6,6 +6,7 @@ defmodule Pleroma.Web.CommonAPI do
   alias Pleroma.Activity
   alias Pleroma.ActivityExpiration
   alias Pleroma.Conversation.Participation
+  alias Pleroma.FollowingRelationship
   alias Pleroma.Object
   alias Pleroma.ThreadMute
   alias Pleroma.User
@@ -40,6 +41,7 @@ defmodule Pleroma.Web.CommonAPI do
     with {:ok, follower} <- User.follow(follower, followed),
          %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
          {:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "accept"),
+         {:ok, _relationship} <- FollowingRelationship.update(follower, followed, "accept"),
          {:ok, _activity} <-
            ActivityPub.accept(%{
              to: [follower.ap_id],
@@ -54,6 +56,7 @@ defmodule Pleroma.Web.CommonAPI do
   def reject_follow_request(follower, followed) do
     with %Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
          {:ok, follow_activity} <- Utils.update_follow_state_for_all(follow_activity, "reject"),
+         {:ok, _relationship} <- FollowingRelationship.update(follower, followed, "reject"),
          {:ok, _activity} <-
            ActivityPub.reject(%{
              to: [follower.ap_id],
diff --git a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
index 9f086a8c2..f2d2d3ccb 100644
--- a/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/timeline_controller.ex
@@ -10,6 +10,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
 
   alias Pleroma.Pagination
   alias Pleroma.Plugs.OAuthScopesPlug
+  alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
 
   plug(OAuthScopesPlug, %{scopes: ["read:statuses"]} when action in [:home, :direct])
@@ -28,7 +29,7 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
       |> Map.put("muting_user", user)
       |> Map.put("user", user)
 
-    recipients = [user.ap_id | user.following]
+    recipients = [user.ap_id | User.following(user)]
 
     activities =
       recipients
@@ -128,9 +129,12 @@ defmodule Pleroma.Web.MastodonAPI.TimelineController do
 
       # we must filter the following list for the user to avoid leaking statuses the user
       # does not actually have permission to see (for more info, peruse security issue #270).
+
+      user_following = User.following(user)
+
       activities =
         following
-        |> Enum.filter(fn x -> x in user.following end)
+        |> Enum.filter(fn x -> x in user_following end)
         |> ActivityPub.fetch_activities_bounded(following, params)
         |> Enum.reverse()
 
diff --git a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
index ee40bbf33..db6faac83 100644
--- a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@@ -126,7 +126,7 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
 
     recipients =
       if for_user do
-        [Pleroma.Constants.as_public()] ++ [for_user.ap_id | for_user.following]
+        [Pleroma.Constants.as_public()] ++ [for_user.ap_id | User.following(for_user)]
       else
         [Pleroma.Constants.as_public()]
       end