Add filters for suspended accounts

f406e01f · Eugen Rochko · 24881627 · f406e01f · f406e01f · f406e01f
Commit f406e01f authored 8 years ago by Eugen Rochko
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -5,6 +5,8 @@ class AccountsController < ApplicationController

  before_action :set_account
  before_action :set_link_headers
+  before_action :authenticate_user!, only: [:follow, :unfollow]
+  before_action :check_account_suspension

  def show
    respond_to do |format|
@@ -50,4 +52,8 @@ class AccountsController < ApplicationController
  def webfinger_account_url
    webfinger_url(resource: "acct:#{@account.acct}@#{Rails.configuration.x.local_domain}")
  end
+
+  def check_account_suspension
+    head 410 if @account.suspended?
+  end
 end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -15,6 +15,7 @@ class ApplicationController < ActionController::Base
  before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
  before_action :set_locale
  before_action :set_user_activity
+  before_action :check_suspension, if: :user_signed_in?

  def raise_not_found
    raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"
@@ -40,6 +41,10 @@ class ApplicationController < ActionController::Base
    current_user.touch(:current_sign_in_at) if !current_user.nil? && (current_user.current_sign_in_at.nil? || current_user.current_sign_in_at < 24.hours.ago)
  end

+  def check_suspension
+    head 403 if current_user.account.suspended?
+  end
+
  protected

  def not_found

--- a/app/controllers/settings/preferences_controller.rb
+++ b/app/controllers/settings/preferences_controller.rb
@@ -5,8 +5,7 @@ class Settings::PreferencesController < ApplicationController

  before_action :authenticate_user!

-  def show
-  end
+  def show; end

  def update
    current_user.settings(:notification_emails).follow    = user_params[:notification_emails][:follow]    == '1'

--- a/app/controllers/settings/profiles_controller.rb
+++ b/app/controllers/settings/profiles_controller.rb
@@ -10,8 +10,7 @@ class Settings::ProfilesController < ApplicationController
  obfuscate_filename [:account, :avatar]
  obfuscate_filename [:account, :header]

-  def show
-  end
+  def show; end

  def update
    if @account.update(account_params)

--- a/app/controllers/stream_entries_controller.rb
+++ b/app/controllers/stream_entries_controller.rb
@@ -6,6 +6,7 @@ class StreamEntriesController < ApplicationController
  before_action :set_account
  before_action :set_stream_entry
  before_action :set_link_headers
+  before_action :check_account_suspension

  def show
    @type = @stream_entry.activity_type.downcase
@@ -37,4 +38,8 @@ class StreamEntriesController < ApplicationController
  def set_stream_entry
    @stream_entry = @account.stream_entries.find(params[:id])
  end
+
+  def check_account_suspension
+    head 410 if @account.suspended?
+  end
 end
--- a/app/services/follow_service.rb
+++ b/app/services/follow_service.rb
@@ -7,7 +7,7 @@ class FollowService < BaseService
  def call(source_account, uri)
    target_account = follow_remote_account_service.call(uri)

-    raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id
+    raise ActiveRecord::RecordNotFound if target_account.nil? || target_account.id == source_account.id || target_account.suspended?

    follow = source_account.follow!(target_account)


--- a/app/services/notify_service.rb
+++ b/app/services/notify_service.rb
@@ -33,13 +33,13 @@ class NotifyService < BaseService
  end

  def blocked?
-    blocked   = false
-    blocked ||= @recipient.id == @notification.from_account.id
-    blocked ||= @recipient.blocking?(@notification.from_account)
-    blocked ||= (@notification.from_account.silenced? && !@recipient.following?(@notification.from_account))
-    blocked ||= (@recipient.user.settings(:interactions).must_be_follower  && !@notification.from_account.following?(@recipient))
-    blocked ||= (@recipient.user.settings(:interactions).must_be_following && !@recipient.following?(@notification.from_account))
-    blocked ||= send("blocked_#{@notification.type}?")
+    blocked   = @recipient.suspended?                                                                                             # Skip if the recipient account is suspended anyway
+    blocked ||= @recipient.id == @notification.from_account.id                                                                    # Skip for interactions with self
+    blocked ||= @recipient.blocking?(@notification.from_account)                                                                  # Skip for blocked accounts
+    blocked ||= (@notification.from_account.silenced? && !@recipient.following?(@notification.from_account))                      # Hellban
+    blocked ||= (@recipient.user.settings(:interactions).must_be_follower  && !@notification.from_account.following?(@recipient)) # Options
+    blocked ||= (@recipient.user.settings(:interactions).must_be_following && !@recipient.following?(@notification.from_account)) # Options
+    blocked ||= send("blocked_#{@notification.type}?")                                                                            # Type-dependent filters
    blocked
  end


--- a/app/workers/admin/suspension_worker.rb
+++ b/app/workers/admin/suspension_worker.rb
+# frozen_string_literal: true
+
+class Admin::SuspensionWorker
+  include Sidekiq::Worker
+
+  def perform(account_id)
+    SuspendAccountService.new.call(Account.find(account_id))
+  end
+end