Hide posts from the public web for accounts with 'private' == true.

2024-09-19 18:00:23 +03:00 · 2023-10-08 00:06:37 +02:00 · 2023-10-08 00:06:37 +02:00 · 8524ace23f
commit 8524ace23f
parent 8676d87299
3 changed files with 53 additions and 0 deletions
--- a/html.c
+++ b/html.c
@ -1567,6 +1567,25 @@ xs_str *html_timeline(snac *user, const xs_list *list, int local, int skip, int
        if (!valid_status(status))
            continue;

+        /* if it's an instance page, discard private users */
+        if (user == NULL) {
+            const char *atto = xs_dict_get(msg, "attributedTo");
+            xs *l = xs_split(atto, "/");
+            const char *uid = xs_list_get(l, -1);
+            snac user;
+            int skip = 1;
+
+            if (uid && user_open(&user, uid)) {
+                if (xs_type(xs_dict_get(user.config, "private")) != XSTYPE_TRUE)
+                    skip = 0;
+
+                user_free(&user);
+            }
+
+            if (skip)
+                continue;
+        }
+
        s = html_entry(user, s, msg, local, 0, v, user ? 0 : 1);
    }

@ -1940,6 +1959,9 @@ int html_get_handler(const xs_dict *req, const char *q_path,
        show = atoi(v), cache = 0, save = 0;

    if (p_path == NULL) { /** public timeline **/
+        if (xs_type(xs_dict_get(snac.config, "private")) == XSTYPE_TRUE)
+            return 403;
+
        xs *h = xs_str_localtime(0, "%Y-%m.html");

        if (cache && history_mtime(&snac, h) > timeline_mtime(&snac)) {
@ -2022,6 +2044,9 @@ int html_get_handler(const xs_dict *req, const char *q_path,
    }
    else
    if (xs_startswith(p_path, "p/")) { /** a timeline with just one entry **/
+        if (xs_type(xs_dict_get(snac.config, "private")) == XSTYPE_TRUE)
+            return 403;
+
        xs *id  = xs_fmt("%s/%s", snac.actor, p_path);
        xs *msg = NULL;

@ -2054,6 +2079,9 @@ int html_get_handler(const xs_dict *req, const char *q_path,
    }
    else
    if (xs_startswith(p_path, "h/")) { /** an entry from the history **/
+        if (xs_type(xs_dict_get(snac.config, "private")) == XSTYPE_TRUE)
+            return 403;
+
        xs *l    = xs_split(p_path, "/");
        char *id = xs_list_get(l, 1);

@ -2070,6 +2098,9 @@ int html_get_handler(const xs_dict *req, const char *q_path,
    }
    else
    if (strcmp(p_path, ".rss") == 0) { /** public timeline in RSS format **/
+        if (xs_type(xs_dict_get(snac.config, "private")) == XSTYPE_TRUE)
+            return 403;
+
        xs_str *rss;
        xs *elems = timeline_simple_list(&snac, "public", 0, 20);
        xs *bio   = not_really_markdown(xs_dict_get(snac.config, "bio"), NULL);
--- a/httpd.c
+++ b/httpd.c
@ -284,6 +284,9 @@ void httpd_connection(FILE *f)
        status = 404;
    }

+    if (status == 403)
+        body = xs_str_new("<h1>403 Forbidden</h1>");
+
    if (status == 404)
        body = xs_str_new("<h1>404 Not Found</h1>");

--- a/mastoapi.c
+++ b/mastoapi.c
@ -1377,6 +1377,25 @@ int mastoapi_get_handler(const xs_dict *req, const char *q_path,
            if (strcmp(type, "Note") != 0 && strcmp(type, "Question") != 0)
                continue;

+            /* discard private users */
+            {
+                const char *atto = xs_dict_get(msg, "attributedTo");
+                xs *l = xs_split(atto, "/");
+                const char *uid = xs_list_get(l, -1);
+                snac p_user;
+                int skip = 1;
+
+                if (uid && user_open(&p_user, uid)) {
+                    if (xs_type(xs_dict_get(p_user.config, "private")) != XSTYPE_TRUE)
+                        skip = 0;
+
+                    user_free(&p_user);
+                }
+
+                if (skip)
+                    continue;
+            }
+
            /* convert the Note into a Mastodon status */
            xs *st = mastoapi_status(user, msg);