diff --git a/app/models/admin/status_batch_action.rb b/app/models/admin/status_batch_action.rb index 7bf6fa6dafe79f6cee5c1aded4c2c17c96f8f5ae..0ec4fef82a3e7a1af96bca41e2f26fcd31651494 100644 --- a/app/models/admin/status_batch_action.rb +++ b/app/models/admin/status_batch_action.rb @@ -40,7 +40,7 @@ class Admin::StatusBatchAction end def handle_delete! - statuses.each { |status| authorize(status, :destroy?) } + statuses.each { |status| authorize([:admin, status], :destroy?) } ApplicationRecord.transaction do statuses.each do |status| @@ -75,7 +75,7 @@ class Admin::StatusBatchAction statuses.includes(:media_attachments, :preview_cards).find_each do |status| next unless status.with_media? || status.with_preview_card? - authorize(status, :update?) + authorize([:admin, status], :update?) if target_account.local? UpdateStatusService.new.call(status, representative_account.id, sensitive: true) diff --git a/app/models/trends/status_batch.rb b/app/models/trends/status_batch.rb index 78d93bed44524ba01dc43b24276837b49e151652..f9b97b2244b6d509848827dae4ddee12f2a1f797 100644 --- a/app/models/trends/status_batch.rb +++ b/app/models/trends/status_batch.rb @@ -30,7 +30,7 @@ class Trends::StatusBatch end def approve! - statuses.each { |status| authorize(status, :review?) } + statuses.each { |status| authorize([:admin, status], :review?) } statuses.update_all(trendable: true) end @@ -45,7 +45,7 @@ class Trends::StatusBatch end def reject! - statuses.each { |status| authorize(status, :review?) } + statuses.each { |status| authorize([:admin, status], :review?) } statuses.update_all(trendable: false) end