X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fobject.ex;h=ab16bf2db9e335dab605838a01f9703ed037a32b;hb=a66da971ff2dcd5f1fe82d3826998a282f1448f3;hp=e7b45f633a9e84badc0202b716c281e69603d172;hpb=ba87ed733510ecc9808ca3ef570b0fd0958493f7;p=akkoma
diff --git a/lib/pleroma/object.ex b/lib/pleroma/object.ex
index e7b45f633..ab16bf2db 100644
--- a/lib/pleroma/object.ex
+++ b/lib/pleroma/object.ex
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Object do
@@ -138,12 +138,17 @@ defmodule Pleroma.Object do
def normalize(_, _, _), do: nil
- # Owned objects can only be mutated by their owner
- def authorize_mutation(%Object{data: %{"actor" => actor}}, %User{ap_id: ap_id}),
- do: actor == ap_id
+ # Owned objects can only be accessed by their owner
+ def authorize_access(%Object{data: %{"actor" => actor}}, %User{ap_id: ap_id}) do
+ if actor == ap_id do
+ :ok
+ else
+ {:error, :forbidden}
+ end
+ end
- # Legacy objects can be mutated by anybody
- def authorize_mutation(%Object{}, %User{}), do: true
+ # Legacy objects can be accessed by anybody
+ def authorize_access(%Object{}, %User{}), do: :ok
@spec get_cached_by_ap_id(String.t()) :: Object.t() | nil
def get_cached_by_ap_id(ap_id) do
@@ -261,7 +266,7 @@ defmodule Pleroma.Object do
end
end
- def increase_vote_count(ap_id, name) do
+ def increase_vote_count(ap_id, name, actor) do
with %Object{} = object <- Object.normalize(ap_id),
"Question" <- object.data["type"] do
multiple = Map.has_key?(object.data, "anyOf")
@@ -276,12 +281,15 @@ defmodule Pleroma.Object do
option
end)
+ voters = [actor | object.data["voters"] || []] |> Enum.uniq()
+
data =
if multiple do
Map.put(object.data, "anyOf", options)
else
Map.put(object.data, "oneOf", options)
end
+ |> Map.put("voters", voters)
object
|> Object.change(%{data: data})