Add disabled setting for live and topic feeds, as well as user permission to bypass that (#36563)

app/models/form/admin_settings.rb

@@ -87,7 +87,7 @@ class Form::AdminSettings
   DESCRIPTION_LIMIT = 200
   DOMAIN_BLOCK_AUDIENCES = %w(disabled users all).freeze
   REGISTRATION_MODES = %w(open approved none).freeze
-  FEED_ACCESS_MODES = %w(public authenticated).freeze
+  FEED_ACCESS_MODES = %w(public authenticated disabled).freeze
 
   attr_accessor(*KEYS)
 

app/models/link_feed.rb

@@ -15,18 +15,30 @@ class LinkFeed < PublicFeed
   # @param [Integer] min_id
   # @return [Array<Status>]
   def get(limit, max_id = nil, since_id = nil, min_id = nil)
+    return [] if incompatible_feed_settings?
+
     scope = public_scope
 
     scope.merge!(discoverable)
     scope.merge!(attached_to_preview_card)
     scope.merge!(account_filters_scope) if account?
     scope.merge!(language_scope) if account&.chosen_languages.present?
+    scope.merge!(local_only_scope) if local_only?
+    scope.merge!(remote_only_scope) if remote_only?
 
     scope.to_a_paginated_by_id(limit, max_id: max_id, since_id: since_id, min_id: min_id)
   end
 
   private
 
+  def local_feed_setting
+    Setting.local_topic_feed_access
+  end
+
+  def remote_feed_setting
+    Setting.remote_topic_feed_access
+  end
+
   def attached_to_preview_card
     Status.joins(:preview_cards_status).where(preview_cards_status: { preview_card_id: @preview_card.id })
   end

app/models/public_feed.rb

@@ -19,6 +19,8 @@ class PublicFeed
   # @param [Integer] min_id
   # @return [Array<Status>]
   def get(limit, max_id = nil, since_id = nil, min_id = nil)
+    return [] if incompatible_feed_settings?
+
     scope = public_scope
 
     scope.merge!(without_replies_scope) unless with_replies?
@@ -36,6 +38,21 @@ class PublicFeed
 
   attr_reader :account, :options
 
+  def incompatible_feed_settings?
+    (local_only? && !user_has_access_to_feed?(local_feed_setting)) || (remote_only? && !user_has_access_to_feed?(remote_feed_setting))
+  end
+
+  def user_has_access_to_feed?(setting)
+    case setting
+    when 'public'
+      true
+    when 'authenticated'
+      @account&.user&.functional?
+    when 'disabled'
+      @account&.user&.can?(:view_feeds)
+    end
+  end
+
   def with_reblogs?
     options[:with_reblogs]
   end
@@ -44,12 +61,20 @@ class PublicFeed
     options[:with_replies]
   end
 
+  def local_feed_setting
+    Setting.local_live_feed_access
+  end
+
+  def remote_feed_setting
+    Setting.remote_live_feed_access
+  end
+
   def local_only?
-    options[:local] && !options[:remote]
+    (options[:local] && !options[:remote]) || !user_has_access_to_feed?(remote_feed_setting)
   end
 
   def remote_only?
-    options[:remote] && !options[:local]
+    (options[:remote] && !options[:local]) || !user_has_access_to_feed?(local_feed_setting)
   end
 
   def account?

app/models/tag_feed.rb

@@ -23,6 +23,8 @@ class TagFeed < PublicFeed
   # @param [Integer] min_id
   # @return [Array<Status>]
   def get(limit, max_id = nil, since_id = nil, min_id = nil)
+    return [] if incompatible_feed_settings?
+
     scope = public_scope
 
     scope.merge!(tagged_with_any_scope)
@@ -38,6 +40,14 @@ class TagFeed < PublicFeed
 
   private
 
+  def local_feed_setting
+    Setting.local_topic_feed_access
+  end
+
+  def remote_feed_setting
+    Setting.remote_topic_feed_access
+  end
+
   def tagged_with_any_scope
     Status.group(:id).tagged_with(tags_for(Array(@tag.name) | Array(options[:any])))
   end

app/models/user_role.rb

@@ -36,6 +36,7 @@ class UserRole < ApplicationRecord
     manage_roles: (1 << 17),
     manage_user_access: (1 << 18),
     delete_user_data: (1 << 19),
+    view_feeds: (1 << 20),
   }.freeze
 
   EVERYONE_ROLE_ID = -99
@@ -67,6 +68,7 @@ class UserRole < ApplicationRecord
         manage_blocks
         manage_taxonomies
         manage_invites
+        view_feeds
       ).freeze,
 
       administration: %i(