From 9a74443a4b8f6e4cf34e47d253ccecd546ddbd03 Mon Sep 17 00:00:00 2001
From: Israel Barreto Sant'Anna <ibsa14@inf.ufpr.br>
Date: Thu, 19 Oct 2017 11:09:10 -0200
Subject: [PATCH] Fixed LO drafts activities privacy

---
 app/controllers/v1/feed_controller.rb | 16 +++++++---------
 app/models/concerns/trackable.rb      |  3 ++-
 app/policies/activity_policy.rb       |  2 +-
 3 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/app/controllers/v1/feed_controller.rb b/app/controllers/v1/feed_controller.rb
index 98892dbb3..e33e03b62 100644
--- a/app/controllers/v1/feed_controller.rb
+++ b/app/controllers/v1/feed_controller.rb
@@ -33,24 +33,22 @@ class V1::FeedController < ApplicationController
   private
 
   def activities_followed
-    query = ""
+    query = "privacy = 'public' and ("
     values = [""]
 
     # builds a query string to find all relevant activities
     current_user.watching.each do |watching|
-        if !watching.respond_to?(:state) || watching.state == "published"
-          # Activities that are made by, owned by, or change the object you follow should be found
-          query += " (trackable_type = ? and trackable_id = ?) or (owner_type = ? and owner_id = ?) or (recipient_type = ? and recipient_id = ?) or"
-          values << watching.class.to_s
-          values << watching.id
-          values << watching.class.to_s
-          values << watching.id
+      if !watching.respond_to?(:state) || watching.state == "published"
+        # Activities that are made by, owned by, or change the object you follow should be found
+        query += " (trackable_type = ? and trackable_id = ?) or (owner_type = ? and owner_id = ?) or (recipient_type = ? and recipient_id = ?) or"
+        3.times do
           values << watching.class.to_s
           values << watching.id
         end
+      end
     end
 
-    values[0] = query[0..-3] # remove trailing "or" on the query
+    values[0] = query[0..-3]+")" # remove trailing "or" on the query
     return PublicActivity::Activity.where(key: activities_filter).where(values).order(created_at: :desc)
   end
 
diff --git a/app/models/concerns/trackable.rb b/app/models/concerns/trackable.rb
index 44289aee7..346e46a7e 100644
--- a/app/models/concerns/trackable.rb
+++ b/app/models/concerns/trackable.rb
@@ -69,6 +69,7 @@ module Trackable
   end
 
   def activity_privacy
-    proc { |_controller, model| model.try(:privacy) || 'public' }
+    proc { |_controller, model| model.try(:privacy) || model.try(:recipient).try(:privacy) || 'public' }
   end
+
 end
diff --git a/app/policies/activity_policy.rb b/app/policies/activity_policy.rb
index 8d98a493f..2d1b16d69 100644
--- a/app/policies/activity_policy.rb
+++ b/app/policies/activity_policy.rb
@@ -31,7 +31,7 @@ class ActivityPolicy < ApplicationPolicy
       if user_can_edit?
         scope.includes(:owner,:recipient).order('created_at DESC').all
       else
-        scope.includes(:owner,:recipient).where("privacy = 'public'").where(key: activities_filter).order('created_at DESC').all
+        scope.includes(:owner,:recipient).where(privacy: 'public').where(key: activities_filter).order('created_at DESC').all
       end
     end
 
-- 
GitLab