From b65eb00c53af939444e0e891c0a3a4563f4897ac Mon Sep 17 00:00:00 2001
From: Alda Marteau-Hardi <github@ltch.fr>
Date: Sat, 7 Apr 2018 21:33:01 +0200
Subject: [PATCH] Prevent admins and moderators eavesdropping in private and
 direct toots (#7067)

Fix #6986
---
 app/controllers/admin/statuses_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/admin/statuses_controller.rb b/app/controllers/admin/statuses_controller.rb
index 5d4325f57..d5787acfb 100644
--- a/app/controllers/admin/statuses_controller.rb
+++ b/app/controllers/admin/statuses_controller.rb
@@ -12,7 +12,7 @@ module Admin
     def index
       authorize :status, :index?
 
-      @statuses = @account.statuses
+      @statuses = @account.statuses.where(visibility: [:public, :unlisted])
 
       if params[:media]
         account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).distinct