6 Commits (cecd8b25c4bee503bb9c6ba7668beb1b374d4460)

Author	SHA1	Message	Date
Thibaut Girka	517b7a028d	Add test to disallow remote users from fetching local-only toots	6 years ago
David Yip	bcdd0f8b9d	Update StatusPolicy to check current_account for local_only? toots. ... StatusPolicy#account was renamed to StatusPolicy#current_account in upstream. This commit renames the local-only changes to match and augments the #show? policy spec with what we expect for local-only toots.	7 years ago
Jack Jennings	4e75c71b3e	Add status destroy authorization to policy (#3453) ... * Add status destroy authorization to policy * Create explicit unreblog status authorization	7 years ago
Jack Jennings	c4bf180a77	Fix incorrect visibility setter in StatusPolicySpec (#3456)	7 years ago
Jack Jennings	877b82f63e	Move status reblog authorization into policy (#3425)	7 years ago
Jack Jennings	faf53a5a3e	Extract authorization policy for viewing statuses (#3150)	7 years ago