FIX: Never allow custom emoji to be marked secure (PR #8965)

  • Because custom emoji count as post “uploads” we were marking them as secure when updating the secure status for post uploads.
  • We were also giving them an access control post id, which meant broken image previews from 403 errors in the admin custom emoji list.
  • We now check if an upload is used as a custom emoji and do not assign the access control post + never mark as secure.


You’ve signed the CLA, martin-brennan. Thank you! This pull request is ready for review.