From: Alda Marteau-Hardi <github@ltch.fr>
Date: Sat, 7 Apr 2018 19:33:01 +0000 (+0200)
Subject: Prevent admins and moderators eavesdropping in private and direct toots (#7067)
X-Git-Url: https://git.xn--scling-oua.cat.family/?a=commitdiff_plain;h=b65eb00c53af939444e0e891c0a3a4563f4897ac;p=mastodon.git

Prevent admins and moderators eavesdropping in private and direct toots (#7067)

Fix #6986
---

diff --git a/app/controllers/admin/statuses_controller.rb b/app/controllers/admin/statuses_controller.rb
index 5d4325f57..d5787acfb 100644
--- a/app/controllers/admin/statuses_controller.rb
+++ b/app/controllers/admin/statuses_controller.rb
@@ -12,7 +12,7 @@ module Admin
     def index
       authorize :status, :index?
 
-      @statuses = @account.statuses
+      @statuses = @account.statuses.where(visibility: [:public, :unlisted])
 
       if params[:media]
         account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).distinct