user_status redirect: check visibility independent of token

2023-03-02 21:54:17 +01:00 · 2023-03-02 21:54:17 +01:00 · aa56023788
commit aa56023788
parent 6a734a094b
1 changed files with 19 additions and 24 deletions
--- a/lib/Travelynx/Controller/Traveling.pm
+++ b/lib/Travelynx/Controller/Traveling.pm
@ -528,32 +528,27 @@ sub user_status {
 			)
 		  )
 		{
-			my $token = $self->param('token');
-			if ($token) {
-				my $visibility = $self->compute_effective_visibility(
-					$user->{default_visibility_str},
-					$journey->{visibility_str}
-				);
-				if (
-					$visibility eq 'public'
-					or (    $visibility eq 'unlisted'
-						and $self->journey_token_ok( $journey, $ts ) )
-					or (
-						$visibility eq 'travelynx'
-						and (  $self->is_user_authenticated
-							or $self->journey_token_ok( $journey, $ts ) )
-					)
-				  )
-				{
-					$self->redirect_to(
-						"/p/${name}/j/$journey->{id}?token=${token}-${ts}");
-				}
-				else {
-					$self->render('not_found');
-				}
+			my $visibility
+			  = $self->compute_effective_visibility(
+				$user->{default_visibility_str},
+				$journey->{visibility_str} );
+			if (
+				$visibility eq 'public'
+				or (    $visibility eq 'unlisted'
+					and $self->journey_token_ok( $journey, $ts ) )
+				or (
+					$visibility eq 'travelynx'
+					and (  $self->is_user_authenticated
+						or $self->journey_token_ok( $journey, $ts ) )
+				)
+			  )
+			{
+				my $token = $self->param('token') // q{};
+				$self->redirect_to(
+					"/p/${name}/j/$journey->{id}?token=${token}-${ts}");
 			}
 			else {
-				$self->redirect_to("/p/${name}/j/$journey->{id}");
+				$self->render('not_found');
 			}
 			return;
 		}