Sanitize remote html in atom feeds, API (not just UI), use cached mention

relations on Status#mentions

app/helpers/application_helper.rb

@@ -12,6 +12,14 @@ module ApplicationHelper
     id.start_with?("tag:#{Rails.configuration.x.local_domain}")
   end
 
+  def content_for_status(actual_status)
+    if actual_status.local?
+      linkify(actual_status)
+    else
+      sanitize(actual_status.content, tags: %w(a br p), attributes: %w(href rel))
+    end
+  end
+
   def linkify(status)
     mention_hash = {}
     status.mentions.each { |m| mention_hash[m.acct] = m }

app/helpers/atom_builder_helper.rb

@@ -137,13 +137,7 @@ module AtomBuilderHelper
 
   def conditionally_formatted(activity)
     if activity.is_a?(Status)
-      if activity.reblog? && activity.reblog.local?
-        linkify(activity.reblog)
-      elsif !activity.reblog? && activity.local?
-        linkify(activity)
-      else
-        activity.content
-      end
+      content_for_status(activity.reblog? ? activity.reblog : activity)
     elsif activity.nil?
       nil
     else

app/helpers/stream_entries_helper.rb

@@ -27,12 +27,4 @@ module StreamEntriesHelper
   def favourited_by_me_class(status)
     user_signed_in? && current_user.account.favourited?(status) ? 'favourited' : ''
   end
-
-  def content_for_status(actual_status)
-    if actual_status.local?
-      linkify(actual_status)
-    else
-      sanitize(actual_status.content, tags: %w(a br p), attributes: %w(href rel))
-    end
-  end
 end

app/models/status.rb

@@ -60,22 +60,15 @@ class Status < ActiveRecord::Base
   end
 
   def mentions
-    m = []
-
-    m << thread.account if reply?
-    m << reblog.account if reblog?
-
-    unless reblog?
-      self.text.scan(Account::MENTION_RE).each do |match|
-        uri = match.first
-        username, domain = uri.split('@')
-        account = Account.find_by(username: username, domain: domain)
-
-        m << account unless account.nil?
-      end
+    if @mentions.nil?
+      @mentions = []
+      @mentions << thread.account if reply?
+      @mentions << reblog.account if reblog?
+      self.mentioned_accounts.each { |mention| @mentions << mention.account } unless reblog?
+      @mentions = @mentions.uniq
     end
 
-    m.uniq
+    @mentions
   end
 
   def ancestors

app/views/api/statuses/show.rabl

@@ -2,7 +2,7 @@ object @status
 attributes :id, :created_at, :in_reply_to_id
 
 node(:uri)              { |status| uri_for_target(status) }
-node(:content)          { |status| status.local? ? linkify(status) : status.content }
+node(:content)          { |status| content_for_status(status) }
 node(:url)              { |status| url_for_target(status) }
 node(:reblogs_count)    { |status| status.reblogs_count }
 node(:favourites_count) { |status| status.favourites_count }

spec/models/status_spec.rb

@@ -50,7 +50,7 @@ RSpec.describe Status, type: :model do
     end
 
     it 'returns mentioned accounts' do
-      subject.text = 'Hello @bob!'
+      subject.mentioned_accounts.create!(account: bob)
       expect(subject.mentions).to include bob
     end