Only search in public data for now.

This should be the data the user is allowed to see later, but this
will stop accidental private message leaks.

lib/pleroma/web/mastodon_api/mastodon_api_controller.ex

@@ -507,6 +507,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
       from(
         a in Activity,
         where: fragment("?->>'type' = 'Create'", a.data),
+        where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
         where:
           fragment(
             "to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)",

lib/pleroma/web/twitter_api/twitter_api.ex

@@ -193,6 +193,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
       from(
         a in Activity,
         where: fragment("?->>'type' = 'Create'", a.data),
+        where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
         where:
           fragment(
             "to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)",

test/web/mastodon_api/mastodon_api_controller_test.exs

@@ -564,6 +564,13 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
     user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})
 
     {:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
+
+    {:ok, _activity} =
+      CommonAPI.post(user, %{
+        "status" => "This is about 2hu, but private",
+        "visibility" => "private"
+      })
+
     {:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})
 
     conn =