From 2d95c85c8b8b5f349232d2bada89dfd85c421a73 Mon Sep 17 00:00:00 2001
From: Matt Jankowski <matt@jankowski.online>
Date: Wed, 30 Jul 2025 16:06:27 -0400
Subject: [PATCH] Avoid `return not_found...` in api/web/embeds

---
 app/controllers/api/web/embeds_controller.rb | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/app/controllers/api/web/embeds_controller.rb b/app/controllers/api/web/embeds_controller.rb
index f82c1c50d79..64375b25314 100644
--- a/app/controllers/api/web/embeds_controller.rb
+++ b/app/controllers/api/web/embeds_controller.rb
@@ -4,10 +4,9 @@ class Api::Web::EmbedsController < Api::Web::BaseController
   include Authorization
 
   before_action :set_status
+  before_action :verify_embed_allowed
 
   def show
-    return not_found if @status.hidden?
-
     if @status.local?
       render json: @status, serializer: OEmbedSerializer
     else
@@ -27,6 +26,12 @@ class Api::Web::EmbedsController < Api::Web::BaseController
     end
   end
 
+  private
+
+  def verify_embed_allowed
+    not_found if @status.hidden?
+  end
+
   def set_status
     @status = Status.find(params[:id])
     authorize @status, :show?