Add privacy control to user profiles

2023-08-25 14:43:12 -07:00 · 2023-08-25 14:43:12 -07:00 · 549589728e
commit 549589728e
parent 5562c92d46
1 changed files with 10 additions and 3 deletions
--- a/app/controllers/api/v1/users_controller.rb
+++ b/app/controllers/api/v1/users_controller.rb
@ -63,6 +63,7 @@ module Api
                    .where(name_quality)
                    .where(user_quality)
                    .where(original)
+                    .where(privacy)
                    .order(created_at: :desc)
                    .paginate(page: request.params[:page], per_page: COLLECTION_PER_PAGE)
                    .each do |party|
@ -176,6 +177,12 @@ params['charge_attack'].to_i
        "name NOT IN (#{joined_names})"
      end

+      def privacy
+        return if admin_mode
+
+        'visibility = 1' if current_user != @user
+      end
+
      # Specify whitelisted properties that can be modified.
      def set
        @user = User.find_by('lower(username) = ?', params[:id].downcase)