Implement basic privacy settings (#392)

* Add ability for clients to submit and retrieve privacy settings data

* Make slot pages and user pages respect user's privacy settings

* Prevent webhook from publishing new levels if user's privacy settings disallow it

* Hide levels/profiles from respective pages depending on privacy settings

* Apply suggestions from review
This commit is contained in:
Jayden 2022-08-02 18:22:56 -04:00 committed by GitHub
commit 2ab1e72037
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 210 additions and 12 deletions

View file

@ -31,6 +31,29 @@ public class SlotPage : BaseLayout
.Where(s => s.Type == SlotType.User)
.FirstOrDefaultAsync(s => s.SlotId == id);
if (slot == null) return this.NotFound();
System.Diagnostics.Debug.Assert(slot.Creator != null);
// Determine if user can view slot according to creator's privacy settings
if (this.User == null || !this.User.IsAdmin)
{
switch (slot.Creator.ProfileVisibility)
{
case PrivacyType.PSN:
{
if (this.User != null) return this.NotFound();
break;
}
case PrivacyType.Game:
{
if (slot.Creator != this.User) return this.NotFound();
break;
}
case PrivacyType.All: break;
default: throw new ArgumentOutOfRangeException();
}
}
this.Slot = slot;

View file

@ -3,6 +3,7 @@ using System.Text;
using LBPUnion.ProjectLighthouse.Configuration;
using LBPUnion.ProjectLighthouse.Levels;
using LBPUnion.ProjectLighthouse.PlayerData;
using LBPUnion.ProjectLighthouse.PlayerData.Profiles;
using LBPUnion.ProjectLighthouse.Servers.Website.Pages.Layouts;
using LBPUnion.ProjectLighthouse.Types;
using Microsoft.AspNetCore.Mvc;
@ -70,6 +71,7 @@ public class SlotsPage : BaseLayout
.Where(p => p.Type == SlotType.User)
.Where(p => p.Name.Contains(finalSearch.ToString()))
.Where(p => p.Creator != null && (targetAuthor == null || string.Equals(p.Creator.Username.ToLower(), targetAuthor.ToLower())))
.Where(p => p.Creator!.LevelVisibility == PrivacyType.All) // TODO: change check for when user is logged in
.Where(p => targetGame == null || p.GameVersion == targetGame)
.OrderByDescending(p => p.FirstUploaded)
.Skip(pageNumber * ServerStatics.PageSize)

View file

@ -28,6 +28,28 @@ public class UserPage : BaseLayout
this.ProfileUser = await this.Database.Users.FirstOrDefaultAsync(u => u.UserId == userId);
if (this.ProfileUser == null) return this.NotFound();
// Determine if user can view profile according to profileUser's privacy settings
if (this.User == null || !this.User.IsAdmin)
{
switch (this.ProfileUser.ProfileVisibility)
{
case PrivacyType.PSN:
{
if (this.User != null) return this.NotFound();
break;
}
case PrivacyType.Game:
{
if (this.ProfileUser != this.User) return this.NotFound();
break;
}
case PrivacyType.All: break;
default: throw new ArgumentOutOfRangeException();
}
}
this.Photos = await this.Database.Photos.Include(p => p.Slot).OrderByDescending(p => p.Timestamp).Where(p => p.CreatorId == userId).Take(6).ToListAsync();
if (this.CommentsEnabled)
{

View file

@ -37,6 +37,7 @@ public class UsersPage : BaseLayout
if (this.PageNumber < 0 || this.PageNumber >= this.PageAmount) return this.Redirect($"/users/{Math.Clamp(this.PageNumber, 0, this.PageAmount - 1)}");
this.Users = await this.Database.Users.Where(u => !u.Banned && u.Username.Contains(this.SearchValue))
.Where(u => u.ProfileVisibility == PrivacyType.All) // TODO: change check for when user is logged in
.OrderByDescending(b => b.UserId)
.Skip(pageNumber * ServerStatics.PageSize)
.Take(ServerStatics.PageSize)