return :visible instead of boolean
This commit is contained in:
parent
b1aa402229
commit
1671864d88
|
@ -272,7 +272,7 @@ def account_status(%User{confirmation_pending: true}) do
|
||||||
def account_status(%User{}), do: :active
|
def account_status(%User{}), do: :active
|
||||||
|
|
||||||
@spec visible_for(User.t(), User.t() | nil) ::
|
@spec visible_for(User.t(), User.t() | nil) ::
|
||||||
boolean()
|
:visible
|
||||||
| :invisible
|
| :invisible
|
||||||
| :restricted_unauthenticated
|
| :restricted_unauthenticated
|
||||||
| :deactivated
|
| :deactivated
|
||||||
|
@ -281,7 +281,7 @@ def visible_for(user, for_user \\ nil)
|
||||||
|
|
||||||
def visible_for(%User{invisible: true}, _), do: :invisible
|
def visible_for(%User{invisible: true}, _), do: :invisible
|
||||||
|
|
||||||
def visible_for(%User{id: user_id}, %User{id: user_id}), do: true
|
def visible_for(%User{id: user_id}, %User{id: user_id}), do: :visible
|
||||||
|
|
||||||
def visible_for(%User{} = user, nil) do
|
def visible_for(%User{} = user, nil) do
|
||||||
if restrict_unauthenticated?(user) do
|
if restrict_unauthenticated?(user) do
|
||||||
|
@ -292,10 +292,14 @@ def visible_for(%User{} = user, nil) do
|
||||||
end
|
end
|
||||||
|
|
||||||
def visible_for(%User{} = user, for_user) do
|
def visible_for(%User{} = user, for_user) do
|
||||||
superuser?(for_user) || visible_account_status(user)
|
if superuser?(for_user) do
|
||||||
|
:visible
|
||||||
|
else
|
||||||
|
visible_account_status(user)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def visible_for(_, _), do: false
|
def visible_for(_, _), do: :invisible
|
||||||
|
|
||||||
defp restrict_unauthenticated?(%User{local: local}) do
|
defp restrict_unauthenticated?(%User{local: local}) do
|
||||||
config_key = if local, do: :local, else: :remote
|
config_key = if local, do: :local, else: :remote
|
||||||
|
@ -305,7 +309,12 @@ defp restrict_unauthenticated?(%User{local: local}) do
|
||||||
|
|
||||||
defp visible_account_status(user) do
|
defp visible_account_status(user) do
|
||||||
status = account_status(user)
|
status = account_status(user)
|
||||||
status in [:active, :password_reset_pending] || status
|
|
||||||
|
if status in [:active, :password_reset_pending] do
|
||||||
|
:visible
|
||||||
|
else
|
||||||
|
status
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@spec superuser?(User.t()) :: boolean()
|
@spec superuser?(User.t()) :: boolean()
|
||||||
|
|
|
@ -221,7 +221,7 @@ def relationships(%{assigns: %{user: _user}} = conn, _), do: json(conn, [])
|
||||||
@doc "GET /api/v1/accounts/:id"
|
@doc "GET /api/v1/accounts/:id"
|
||||||
def show(%{assigns: %{user: for_user}} = conn, %{id: nickname_or_id}) do
|
def show(%{assigns: %{user: for_user}} = conn, %{id: nickname_or_id}) do
|
||||||
with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id, for: for_user),
|
with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id, for: for_user),
|
||||||
true <- User.visible_for(user, for_user) do
|
:visible <- User.visible_for(user, for_user) do
|
||||||
render(conn, "show.json", user: user, for: for_user)
|
render(conn, "show.json", user: user, for: for_user)
|
||||||
else
|
else
|
||||||
error -> user_visibility_error(conn, error)
|
error -> user_visibility_error(conn, error)
|
||||||
|
@ -231,7 +231,7 @@ def show(%{assigns: %{user: for_user}} = conn, %{id: nickname_or_id}) do
|
||||||
@doc "GET /api/v1/accounts/:id/statuses"
|
@doc "GET /api/v1/accounts/:id/statuses"
|
||||||
def statuses(%{assigns: %{user: reading_user}} = conn, params) do
|
def statuses(%{assigns: %{user: reading_user}} = conn, params) do
|
||||||
with %User{} = user <- User.get_cached_by_nickname_or_id(params.id, for: reading_user),
|
with %User{} = user <- User.get_cached_by_nickname_or_id(params.id, for: reading_user),
|
||||||
true <- User.visible_for(user, reading_user) do
|
:visible <- User.visible_for(user, reading_user) do
|
||||||
params =
|
params =
|
||||||
params
|
params
|
||||||
|> Map.delete(:tagged)
|
|> Map.delete(:tagged)
|
||||||
|
|
|
@ -35,7 +35,7 @@ def render("index.json", %{users: users} = opts) do
|
||||||
end
|
end
|
||||||
|
|
||||||
def render("show.json", %{user: user} = opts) do
|
def render("show.json", %{user: user} = opts) do
|
||||||
if User.visible_for(user, opts[:for]) == true do
|
if User.visible_for(user, opts[:for]) == :visible do
|
||||||
do_render("show.json", opts)
|
do_render("show.json", opts)
|
||||||
else
|
else
|
||||||
%{}
|
%{}
|
||||||
|
|
|
@ -1293,7 +1293,7 @@ test "returns false for a non-invisible user" do
|
||||||
test "returns true when the account is itself" do
|
test "returns true when the account is itself" do
|
||||||
user = insert(:user, local: true)
|
user = insert(:user, local: true)
|
||||||
|
|
||||||
assert User.visible_for(user, user)
|
assert User.visible_for(user, user) == :visible
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns false when the account is unauthenticated and auth is required" do
|
test "returns false when the account is unauthenticated and auth is required" do
|
||||||
|
@ -1302,14 +1302,14 @@ test "returns false when the account is unauthenticated and auth is required" do
|
||||||
user = insert(:user, local: true, confirmation_pending: true)
|
user = insert(:user, local: true, confirmation_pending: true)
|
||||||
other_user = insert(:user, local: true)
|
other_user = insert(:user, local: true)
|
||||||
|
|
||||||
refute User.visible_for(user, other_user) == true
|
refute User.visible_for(user, other_user) == :visible
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns true when the account is unauthenticated and auth is not required" do
|
test "returns true when the account is unauthenticated and auth is not required" do
|
||||||
user = insert(:user, local: true, confirmation_pending: true)
|
user = insert(:user, local: true, confirmation_pending: true)
|
||||||
other_user = insert(:user, local: true)
|
other_user = insert(:user, local: true)
|
||||||
|
|
||||||
assert User.visible_for(user, other_user)
|
assert User.visible_for(user, other_user) == :visible
|
||||||
end
|
end
|
||||||
|
|
||||||
test "returns true when the account is unauthenticated and being viewed by a privileged account (auth required)" do
|
test "returns true when the account is unauthenticated and being viewed by a privileged account (auth required)" do
|
||||||
|
@ -1318,7 +1318,7 @@ test "returns true when the account is unauthenticated and being viewed by a pri
|
||||||
user = insert(:user, local: true, confirmation_pending: true)
|
user = insert(:user, local: true, confirmation_pending: true)
|
||||||
other_user = insert(:user, local: true, is_admin: true)
|
other_user = insert(:user, local: true, is_admin: true)
|
||||||
|
|
||||||
assert User.visible_for(user, other_user)
|
assert User.visible_for(user, other_user) == :visible
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue