Use backend from glitch-soc for instance-only toots

app/controllers/accounts_controller.rb

@@ -35,7 +35,7 @@ class AccountsController < ApplicationController
       end
 
       format.rss do
-        @statuses = cache_collection(default_statuses.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
+        @statuses = cache_collection(default_statuses.without_local_only.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
         render xml: RSS::AccountSerializer.render(@account, @statuses)
       end
 

app/controllers/stream_entries_controller.rb

@@ -19,7 +19,7 @@ class StreamEntriesController < ApplicationController
       end
 
       format.atom do
-        unless @stream_entry.hidden?
+        unless @stream_entry.hidden? || @stream_entry.local_only?
           skip_session!
           expires_in 3.minutes, public: true
         end
@@ -53,7 +53,7 @@ class StreamEntriesController < ApplicationController
     @type         = @stream_entry.activity_type.downcase
 
     raise ActiveRecord::RecordNotFound if @stream_entry.activity.nil?
-    authorize @stream_entry.activity, :show? if @stream_entry.hidden?
+    authorize @stream_entry.activity, :show? if @stream_entry.hidden? || @stream_entry.local_only?
   rescue Mastodon::NotPermittedError
     # Reraise in order to get a 404
     raise ActiveRecord::RecordNotFound

app/models/status.rb

@@ -21,6 +21,7 @@
 #  account_id             :bigint(8)        not null
 #  application_id         :bigint(8)
 #  in_reply_to_account_id :bigint(8)
+#  local_only             :boolean
 #
 
 class Status < ApplicationRecord
@@ -73,6 +74,7 @@ class Status < ApplicationRecord
 
   scope :without_replies, -> { where('statuses.reply = FALSE OR statuses.in_reply_to_account_id = statuses.account_id') }
   scope :without_reblogs, -> { where('statuses.reblog_of_id IS NULL') }
+  scope :without_local_only, -> { where(local_only: [false, nil]) }
   scope :with_public_visibility, -> { where(visibility: :public) }
   scope :tagged_with, ->(tag) { joins(:statuses_tags).where(statuses_tags: { tag_id: tag }) }
   scope :excluding_silenced_accounts, -> { left_outer_joins(:account).where(accounts: { silenced: false }) }
@@ -336,7 +338,7 @@ class Status < ApplicationRecord
       visibility = [:public, :unlisted]
 
       if account.nil?
-        where(visibility: visibility)
+        where(visibility: visibility).without_local_only
       elsif target_account.blocking?(account) # get rid of blocked peeps
         none
       elsif account.id == target_account.id # author can see own stuff
@@ -379,7 +381,7 @@ class Status < ApplicationRecord
     end
 
     def filter_timeline_default(query)
-      query.excluding_silenced_accounts
+      query.without_local_only.excluding_silenced_accounts
     end
 
     def account_silencing_filter(account)

app/models/stream_entry.rb

@@ -27,7 +27,7 @@ class StreamEntry < ApplicationRecord
   scope :recent, -> { reorder(id: :desc) }
   scope :with_includes, -> { includes(:account, status: STATUS_INCLUDES) }
 
-  delegate :target, :title, :content, :thread,
+  delegate :target, :title, :content, :thread, :local_only?,
            to: :status,
            allow_nil: true
 

app/policies/status_policy.rb

@@ -12,6 +12,8 @@ class StatusPolicy < ApplicationPolicy
   end
 
   def show?
+    return false if local_only? && (current_account.nil? || !current_account.local?)
+
     if direct?
       owned? || mention_exists?
     elsif private?
@@ -84,4 +86,8 @@ class StatusPolicy < ApplicationPolicy
   def author
     record.account
   end
+
+  def local_only?
+    record.local_only?
+  end
 end

app/services/post_status_service.rb

@@ -39,9 +39,12 @@ class PostStatusService < BaseService
 
     LinkCrawlWorker.perform_async(status.id) unless status.spoiler_text?
     DistributionWorker.perform_async(status.id)
+
+    unless status.local_only?
       Pubsubhubbub::DistributionWorker.perform_async(status.stream_entry.id)
       ActivityPub::DistributionWorker.perform_async(status.id)
       ActivityPub::ReplyDistributionWorker.perform_async(status.id) if status.reply? && status.thread.account.local?
+    end
 
     if options[:idempotency].present?
       redis.setex("idempotency:status:#{account.id}:#{options[:idempotency]}", 3_600, status.id)

app/services/reblog_service.rb

@@ -20,8 +20,11 @@ class ReblogService < BaseService
     reblog = account.statuses.create!(reblog: reblogged_status, text: '')
 
     DistributionWorker.perform_async(reblog.id)
+
+    unless reblogged_status.local_only?
       Pubsubhubbub::DistributionWorker.perform_async(reblog.stream_entry.id)
       ActivityPub::DistributionWorker.perform_async(reblog.id)
+    end
 
     create_notification(reblog)
     bump_potential_friendship(account, reblog)

db/migrate/20171210213213_add_local_only_flag_to_statuses.rb

@@ -0,0 +1,5 @@
+class AddLocalOnlyFlagToStatuses < ActiveRecord::Migration[5.1]
+  def change
+    add_column :statuses, :local_only, :boolean
+  end
+end

db/schema.rb

@@ -492,6 +492,7 @@ ActiveRecord::Schema.define(version: 2018_08_20_232245) do
     t.bigint "account_id", null: false
     t.bigint "application_id"
     t.bigint "in_reply_to_account_id"
+    t.boolean "local_only"
     t.index ["account_id", "id", "visibility", "updated_at"], name: "index_statuses_20180106", order: { id: :desc }
     t.index ["in_reply_to_account_id"], name: "index_statuses_on_in_reply_to_account_id"
     t.index ["in_reply_to_id"], name: "index_statuses_on_in_reply_to_id"

spec/models/status_spec.rb

@@ -574,6 +574,32 @@ RSpec.describe Status, type: :model do
         end
       end
     end
+
+    context 'with local-only statuses' do
+      let(:status) { Fabricate(:status, local_only: true) }
+
+      subject { Status.as_public_timeline(viewer) }
+
+      context 'without a viewer' do
+        let(:viewer) { nil }
+
+        it 'excludes local-only statuses' do
+          expect(subject).to_not include(status)
+        end
+      end
+
+      context 'with a viewer' do
+        let(:viewer) { Fabricate(:account, username: 'viewer') }
+
+        it 'includes local-only statuses' do
+          expect(subject).to include(status)
+        end
+      end
+
+      # TODO: What happens if the viewer is remote?
+      # Can the viewer be remote?
+      # What prevents the viewer from being remote?
+    end
   end
 
   describe '.as_tag_timeline' do
@@ -595,6 +621,27 @@ RSpec.describe Status, type: :model do
       results = Status.as_tag_timeline(tag)
       expect(results).to include(status)
     end
+
+    context 'on a local-only status' do
+      let(:tag) { Fabricate(:tag) }
+      let(:status) { Fabricate(:status, local_only: true, tags: [tag]) }
+
+      context 'without a viewer' do
+        let(:viewer) { nil }
+
+        it 'filters the local-only status out of the result set' do
+          expect(Status.as_tag_timeline(tag, viewer)).not_to include(status)
+        end
+      end
+
+      context 'with a viewer' do
+        let(:viewer) { Fabricate(:account, username: 'viewer', domain: nil) }
+
+        it 'keeps the local-only status in the result set' do
+          expect(Status.as_tag_timeline(tag, viewer)).to include(status)
+        end
+      end
+    end
   end
 
   describe '.permitted_for' do

spec/policies/status_policy_spec.rb

@@ -71,6 +71,18 @@ RSpec.describe StatusPolicy, type: :model do
 
       expect(subject).to_not permit(viewer, status)
     end
+
+    it 'denies access when local-only and the viewer is not logged in' do
+      allow(status).to receive(:local_only?) { true }
+
+      expect(subject).to_not permit(nil, status)
+    end
+
+    it 'denies access when local-only and the viewer is from another domain' do
+      viewer = Fabricate(:account, domain: 'remote-domain')
+      allow(status).to receive(:local_only?) { true }
+      expect(subject).to_not permit(viewer, status)
+    end
   end
 
   permissions :reblog? do