From 6698901d57caefd6cefcd6abb2b6c19b0a9154f9 Mon Sep 17 00:00:00 2001
From: Claire <claire.github-309c@sitedethib.com>
Date: Mon, 19 Jan 2026 14:47:27 +0100
Subject: [PATCH] Fix potential duplicate handling of quote
 accept/reject/delete (#37537)

---
 app/lib/activitypub/activity/accept.rb | 2 +-
 app/lib/activitypub/activity/delete.rb | 2 +-
 app/models/quote.rb                    | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/lib/activitypub/activity/accept.rb b/app/lib/activitypub/activity/accept.rb
index 144ba9645..92a8190c0 100644
--- a/app/lib/activitypub/activity/accept.rb
+++ b/app/lib/activitypub/activity/accept.rb
@@ -46,7 +46,7 @@ class ActivityPub::Activity::Accept < ActivityPub::Activity
 
   def accept_quote!(quote)
     approval_uri = value_or_id(first_of_value(@json['result']))
-    return if unsupported_uri_scheme?(approval_uri) || quote.quoted_account != @account || !quote.status.local?
+    return if unsupported_uri_scheme?(approval_uri) || quote.quoted_account != @account || !quote.status.local? || !quote.pending?
 
     # NOTE: we are not going through `ActivityPub::VerifyQuoteService` as the `Accept` is as authoritative
     # as the stamp, but this means we are not checking the stamp, which may lead to inconsistencies
diff --git a/app/lib/activitypub/activity/delete.rb b/app/lib/activitypub/activity/delete.rb
index 3e77f9b95..f606d9520 100644
--- a/app/lib/activitypub/activity/delete.rb
+++ b/app/lib/activitypub/activity/delete.rb
@@ -56,7 +56,7 @@ class ActivityPub::Activity::Delete < ActivityPub::Activity
   end
 
   def revoke_quote
-    @quote = Quote.find_by(approval_uri: object_uri, quoted_account: @account)
+    @quote = Quote.find_by(approval_uri: object_uri, quoted_account: @account, state: [:pending, :accepted])
     return if @quote.nil?
 
     ActivityPub::Forwarder.new(@account, @json, @quote.status).forward! if @quote.status.present?
diff --git a/app/models/quote.rb b/app/models/quote.rb
index e81d42708..4ad393e3a 100644
--- a/app/models/quote.rb
+++ b/app/models/quote.rb
@@ -51,9 +51,9 @@ class Quote < ApplicationRecord
 
   def reject!
     if accepted?
-      update!(state: :revoked)
+      update!(state: :revoked, approval_uri: nil)
     elsif !revoked?
-      update!(state: :rejected)
+      update!(state: :rejected, approval_uri: nil)
     end
   end