From 73226360fc0b91d40e09142f4d323ea25c89e4a7 Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Fri, 28 Jan 2022 20:04:02 -0700
Subject: [PATCH] Update ApiV1Controller, fix private status replies returning
 404

---
 app/Http/Controllers/Api/ApiV1Controller.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Api/ApiV1Controller.php b/app/Http/Controllers/Api/ApiV1Controller.php
index 9236c9086..35cc3231f 100644
--- a/app/Http/Controllers/Api/ApiV1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Controller.php
@@ -2514,9 +2514,15 @@ class ApiV1Controller extends Controller
 
 		$limit = $request->input('limit', 3);
 		$pid = $request->user()->profile_id;
-		$status = StatusService::getMastodon($id);
+		$status = StatusService::getMastodon($id, false);
 
-		abort_if(!$status || !in_array($status['visibility'], ['public', 'unlisted']), 404);
+		abort_if(!$status, 404);
+
+		if($status['visibility'] == 'private') {
+			if($pid != $status['account']['id']) {
+				abort_unless(FollowerService::follows($pid, $status['account']['id']), 404);
+			}
+		}
 
 		$sortBy = $request->input('sort', 'all');