CommonAPI: Forbid disallowed status (un)muting and unpinning

When a user tried to unpin a status not belonging to them, a full
MastoAPI response was sent back even if status was not visible to them.

Ditto with (un)mutting except ownership.

lib/pleroma/web/common_api.ex

@@ -554,6 +554,7 @@ defmodule Pleroma.Web.CommonAPI do
   @spec unpin(String.t(), User.t()) :: {:ok, Activity.t()} | Pipeline.errors()
   def unpin(id, user) do
     with %Activity{} = activity <- create_activity_by_id(id),
+         true <- activity_belongs_to_actor(activity, user.ap_id),
          {:ok, unpin_data, _} <- Builder.unpin(user, activity.object),
          {:ok, _unpin, _} <-
            Pipeline.common_pipeline(unpin_data,
@@ -570,7 +571,8 @@ defmodule Pleroma.Web.CommonAPI do
   def add_mute(activity, user, params \\ %{}) do
     expires_in = Map.get(params, :expires_in, 0)
 
-    with {:ok, _} <- ThreadMute.add_mute(user.id, activity.data["context"]),
+    with true <- Visibility.visible_for_user?(activity, user),
+         {:ok, _} <- ThreadMute.add_mute(user.id, activity.data["context"]),
          _ <- Pleroma.Notification.mark_context_as_read(user, activity.data["context"]) do
       if expires_in > 0 do
         Pleroma.Workers.MuteExpireWorker.new(
@@ -583,13 +585,18 @@ defmodule Pleroma.Web.CommonAPI do
       {:ok, activity}
     else
       {:error, _} -> {:error, dgettext("errors", "conversation is already muted")}
+      false -> {:error, :visibility_error}
     end
   end
 
   @spec remove_mute(Activity.t(), User.t()) :: {:ok, Activity.t()} | {:error, any()}
   def remove_mute(%Activity{} = activity, %User{} = user) do
-    ThreadMute.remove_mute(user.id, activity.data["context"])
-    {:ok, activity}
+    if Visibility.visible_for_user?(activity, user) do
+      ThreadMute.remove_mute(user.id, activity.data["context"])
+      {:ok, activity}
+    else
+      {:error, :visibility_error}
+    end
   end
 
   @spec remove_mute(String.t(), String.t()) :: {:ok, Activity.t()} | {:error, any()}