From 285bd4854bb83e7e7b8010d759bdb03ff64a446c Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Tue, 28 Apr 2020 00:12:49 -0600
Subject: [PATCH] Update ApiV1Controller, enforce public timeline setting

---
 app/Http/Controllers/Api/ApiV1Controller.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/Http/Controllers/Api/ApiV1Controller.php b/app/Http/Controllers/Api/ApiV1Controller.php
index 1a9e4220f..83cc2af05 100644
--- a/app/Http/Controllers/Api/ApiV1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Controller.php
@@ -1397,6 +1397,8 @@ class ApiV1Controller extends Controller
      */
     public function timelinePublic(Request $request)
     {
+        abort_if(!config('instance.timeline.local.is_public') && !$request->user(), 403);
+        
         $this->validate($request,[
           'page'        => 'nullable|integer|max:40',
           'min_id'      => 'nullable|integer|min:0|max:' . PHP_INT_MAX,