From 292e6e18b15e8dded8411c4844282f36d0f5a6de Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Wed, 17 Apr 2019 23:56:33 -0600
Subject: [PATCH] Update PublicApiController

---
 app/Http/Controllers/PublicApiController.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/Http/Controllers/PublicApiController.php b/app/Http/Controllers/PublicApiController.php
index 2a9610a92..505973642 100644
--- a/app/Http/Controllers/PublicApiController.php
+++ b/app/Http/Controllers/PublicApiController.php
@@ -528,8 +528,8 @@ class PublicApiController extends Controller
     {
         abort_unless(Auth::check(), 403);
         $profile = Profile::with('user')->whereNull('status')->whereNull('domain')->findOrFail($id);
-        if($profile->is_private || !$profile->user->settings->show_profile_followers) {
-            return [];
+        if($profile->is_private || !$profile->user->settings->show_profile_followers && Auth::id() != $profile->user_id) {
+            return response()->json([]);
         }
         $followers = $profile->followers()->orderByDesc('followers.created_at')->paginate(10);
         $resource = new Fractal\Resource\Collection($followers, new AccountTransformer());
@@ -542,8 +542,8 @@ class PublicApiController extends Controller
     {
         abort_unless(Auth::check(), 403);
         $profile = Profile::with('user')->whereNull('status')->whereNull('domain')->findOrFail($id);
-        if($profile->is_private || !$profile->user->settings->show_profile_following) {
-            return [];
+        if($profile->is_private || !$profile->user->settings->show_profile_following && Auth::id() != $profile->user_id) {
+            return response()->json([]);
         }
         $following = $profile->following()->orderByDesc('followers.created_at')->paginate(10);
         $resource = new Fractal\Resource\Collection($following, new AccountTransformer());