From 7654205408f538240c12a63e2446dcfbde1adeee Mon Sep 17 00:00:00 2001
From: Daniel Supernault <danielsupernault@gmail.com>
Date: Sun, 5 Jan 2020 21:52:40 -0700
Subject: [PATCH] Update ProfileController

---
 app/Http/Controllers/ProfileController.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index e004a4d4b..20e4d08ec 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -237,10 +237,12 @@ class ProfileController extends Controller
         abort_if(!config('instance.stories.enabled') || !$request->user(), 404);
         $profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
         $pid = $profile->id;
+        $authed = Auth::user()->profile;
+        abort_if($pid != $authed->id && $profile->followedBy($authed) == false, 404);
         $exists = Story::whereProfileId($pid)
             ->where('expires_at', '>', now())
             ->count();
-        abort_unless($exists > 1, 404);
+        abort_unless($exists > 0, 404);
         return view('profile.story', compact('pid'));
     }
 }