fix: oops dont leak private posts on local tl
this too should get filtered depending on auth
This commit is contained in:
parent
9fce61ea78
commit
a5c28c83c7
1 changed files with 4 additions and 2 deletions
|
@ -1,5 +1,5 @@
|
||||||
use axum::{extract::{Query, State}, http::StatusCode, Json};
|
use axum::{extract::{Query, State}, http::StatusCode, Json};
|
||||||
use sea_orm::{sea_query::IntoCondition, ColumnTrait};
|
use sea_orm::{ColumnTrait, Condition};
|
||||||
use upub::Context;
|
use upub::Context;
|
||||||
|
|
||||||
use crate::{activitypub::{CreationResult, Pagination}, AuthIdentity, builders::JsonLD};
|
use crate::{activitypub::{CreationResult, Pagination}, AuthIdentity, builders::JsonLD};
|
||||||
|
@ -15,7 +15,9 @@ pub async fn page(
|
||||||
) -> crate::ApiResult<JsonLD<serde_json::Value>> {
|
) -> crate::ApiResult<JsonLD<serde_json::Value>> {
|
||||||
crate::builders::paginate_activities(
|
crate::builders::paginate_activities(
|
||||||
upub::url!(ctx, "/outbox/page"),
|
upub::url!(ctx, "/outbox/page"),
|
||||||
upub::model::actor::Column::Domain.eq(ctx.domain().to_string()).into_condition(),
|
Condition::all()
|
||||||
|
.add(auth.filter_activities())
|
||||||
|
.add(upub::model::actor::Column::Domain.eq(ctx.domain().to_string())),
|
||||||
ctx.db(),
|
ctx.db(),
|
||||||
page,
|
page,
|
||||||
auth.my_id(),
|
auth.my_id(),
|
||||||
|
|
Loading…
Reference in a new issue