Add privacy control to user profiles

2023-08-25 14:43:12 -07:00 · 2023-08-25 14:43:12 -07:00 · 549589728e
commit 549589728e
parent 5562c92d46
1 changed files with 10 additions and 3 deletions
--- a/app/controllers/api/v1/users_controller.rb
+++ b/app/controllers/api/v1/users_controller.rb
@ -63,6 +63,7 @@ module Api
                    .where(name_quality)
                    .where(user_quality)
                    .where(original)
+                    .where(privacy)
                    .order(created_at: :desc)
                    .paginate(page: request.params[:page], per_page: COLLECTION_PER_PAGE)
                    .each do |party|
@ -117,15 +118,15 @@ module Api
          # Advanced filters: Team parameters
          unless params['full_auto'].blank? || params['full_auto'].to_i == -1
            hash[:full_auto] =
-params['full_auto'].to_i
+              params['full_auto'].to_i
          end
          unless params['auto_guard'].blank? || params['auto_guard'].to_i == -1
            hash[:auto_guard] =
-params['auto_guard'].to_i
+              params['auto_guard'].to_i
          end
          unless params['charge_attack'].blank? || params['charge_attack'].to_i == -1
            hash[:charge_attack] =
-params['charge_attack'].to_i
+              params['charge_attack'].to_i
          end

          # Turn count of 0 will not be displayed, so disallow on the frontend or set default to 1
@ -176,6 +177,12 @@ params['charge_attack'].to_i
        "name NOT IN (#{joined_names})"
      end

+      def privacy
+        return if admin_mode
+
+        'visibility = 1' if current_user != @user
+      end
+
      # Specify whitelisted properties that can be modified.
      def set
        @user = User.find_by('lower(username) = ?', params[:id].downcase)