Extract authorization policy for viewing statuses (#3150)

app/services/reblog_service.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 class ReblogService < BaseService
+  include Authorization
   include StreamEntryRenderer
 
   # Reblog a status and notify its remote author
@@ -10,7 +11,8 @@ class ReblogService < BaseService
   def call(account, reblogged_status)
     reblogged_status = reblogged_status.reblog if reblogged_status.reblog?
 
-    raise Mastodon::NotPermittedError if reblogged_status.direct_visibility? || reblogged_status.private_visibility? || !reblogged_status.permitted?(account)
+    authorize_with account, reblogged_status, :show?
+    raise Mastodon::NotPermittedError if reblogged_status.direct_visibility? || reblogged_status.private_visibility?
 
     reblog = account.statuses.create!(reblog: reblogged_status, text: '')