Re-enable Webfinger for locked accounts but don't handle "follow" events

coming in via Salmon. Currently no way to prevent remote follows, but they will only receive public and unlisted posts
2016-12-22 23:17:57 +01:00 · 2016-12-22 23:17:57 +01:00 · 77cd58545d
commit 77cd58545d
parent 337c3d0ed8
3 changed files with 3 additions and 3 deletions
--- a/app/controllers/xrd_controller.rb
+++ b/app/controllers/xrd_controller.rb
@ -13,7 +13,7 @@ class XrdController < ApplicationController
  end

  def webfinger
-    @account = Account.where(locked: false).find_local!(username_from_resource)
+    @account = Account.find_local!(username_from_resource)
    @canonical_account_uri = "acct:#{@account.username}@#{Rails.configuration.x.local_domain}"
    @magic_key = pem_to_magic_key(@account.keypair.public_key)

--- a/app/services/process_interaction_service.rb
+++ b/app/services/process_interaction_service.rb
@ -30,7 +30,7 @@ class ProcessInteractionService < BaseService

      case verb(xml)
      when :follow
-        follow!(account, target_account)
+        follow!(account, target_account) unless target_account.locked?
      when :unfollow
        unfollow!(account, target_account)
      when :favorite
--- a/config/locales/simple_form.en.yml
+++ b/config/locales/simple_form.en.yml
@ -26,7 +26,7 @@ en:
        reblog: Send e-mail when someone reblogs your status
    hints:
      defaults:
-        locked: Requires you to approve followers, defaults post privacy to followers-only and disables federation
+        locked: Requires you to approve followers and defaults post privacy to followers-only
    'no': 'No'
    required:
      mark: "*"