From 389100dae260a6d340e9ddbf3a9f00f375f0096e Mon Sep 17 00:00:00 2001
From: "byte[]" <byteslice@airmail.cc>
Date: Tue, 8 Sep 2020 19:03:18 -0400
Subject: [PATCH] require tampering permission to see votes

---
 lib/philomena_web/controllers/image/favorite_controller.ex | 2 +-
 lib/philomena_web/controllers/image/tamper_controller.ex   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/philomena_web/controllers/image/favorite_controller.ex b/lib/philomena_web/controllers/image/favorite_controller.ex
index b0f67d1e..3893755e 100644
--- a/lib/philomena_web/controllers/image/favorite_controller.ex
+++ b/lib/philomena_web/controllers/image/favorite_controller.ex
@@ -17,7 +17,7 @@ defmodule PhilomenaWeb.Image.FavoriteController do
   end
 
   defp load_votes_if_authorized(conn, _opts) do
-    case Canada.Can.can?(conn.assigns.current_user, :hide, conn.assigns.image) do
+    case Canada.Can.can?(conn.assigns.current_user, :tamper, conn.assigns.image) do
       true ->
         image = Repo.preload(conn.assigns.image, upvotes: :user, downvotes: :user, hides: :user)
 
diff --git a/lib/philomena_web/controllers/image/tamper_controller.ex b/lib/philomena_web/controllers/image/tamper_controller.ex
index 93c259d9..7a08809f 100644
--- a/lib/philomena_web/controllers/image/tamper_controller.ex
+++ b/lib/philomena_web/controllers/image/tamper_controller.ex
@@ -8,7 +8,7 @@ defmodule PhilomenaWeb.Image.TamperController do
   alias Philomena.ImageVotes
   alias Philomena.Repo
 
-  plug PhilomenaWeb.CanaryMapPlug, create: :hide
+  plug PhilomenaWeb.CanaryMapPlug, create: :tamper
   plug :load_and_authorize_resource, model: Image, id_name: "image_id", persisted: true
   plug :load_resource, model: User, id_name: "user_id", persisted: true