From ef56f92c3d77e9bafaa70c08b7c04d5a61b8d454 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Thu, 19 Jan 2023 06:37:24 -0700 Subject: [PATCH] Update BookmarkController --- app/Http/Controllers/BookmarkController.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/app/Http/Controllers/BookmarkController.php b/app/Http/Controllers/BookmarkController.php index a340460b..59ffeab3 100644 --- a/app/Http/Controllers/BookmarkController.php +++ b/app/Http/Controllers/BookmarkController.php @@ -7,6 +7,7 @@ use App\Status; use Auth; use Illuminate\Http\Request; use App\Services\BookmarkService; +use App\Services\FollowerService; class BookmarkController extends Controller { @@ -24,6 +25,16 @@ class BookmarkController extends Controller $profile = Auth::user()->profile; $status = Status::findOrFail($request->input('item')); + abort_if(!in_array($status->scope, ['public', 'unlisted', 'private']), 404); + + if($status->scope == 'private') { + abort_if( + $profile->id !== $status->profile_id && !FollowerService::follows($profile->id, $status->profile_id), + 404, + 'Error: Cannot bookmark private posts from accounts you do not follow.' + ); + } + $bookmark = Bookmark::firstOrCreate( ['status_id' => $status->id], ['profile_id' => $profile->id] );