From 9e2250783c14a045be96396d4563cfa5d9562d7e Mon Sep 17 00:00:00 2001
From: Paul <paulmakles@gmail.com>
Date: Wed, 7 Apr 2021 19:21:25 +0100
Subject: [PATCH] Allow people with mutual connections to see profile / status;
fix username check.
---
Cargo.lock | 2 +-
Cargo.toml | 2 +-
src/database/entities/user.rs | 2 +-
src/database/permissions/mod.rs | 6 +++---
src/database/permissions/user.rs | 5 +++--
src/routes/root.rs | 2 +-
6 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 91ad0db..908f390 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2475,7 +2475,7 @@ dependencies = [
[[package]]
name = "revolt"
-version = "0.4.0-alpha.5"
+version = "0.4.0-alpha.6"
dependencies = [
"async-std",
"async-tungstenite",
diff --git a/Cargo.toml b/Cargo.toml
index 40d9685..c51af08 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "revolt"
-version = "0.4.0-alpha.5"
+version = "0.4.0-alpha.6"
authors = ["Paul Makles <paulmakles@gmail.com>"]
edition = "2018"
diff --git a/src/database/entities/user.rs b/src/database/entities/user.rs
index c3b7b2c..a89b023 100644
--- a/src/database/entities/user.rs
+++ b/src/database/entities/user.rs
@@ -110,7 +110,7 @@ impl User {
/// Utility function for checking claimed usernames.
pub async fn is_username_taken(username: &str) -> Result<bool> {
- if username == "revolt" && username == "admin" {
+ if username.to_lowercase() == "revolt" && username.to_lowercase() == "admin" {
return Ok(true);
}
diff --git a/src/database/permissions/mod.rs b/src/database/permissions/mod.rs
index c29427e..7fc9b26 100644
--- a/src/database/permissions/mod.rs
+++ b/src/database/permissions/mod.rs
@@ -11,7 +11,7 @@ pub struct PermissionCalculator<'a> {
user: Option<&'a User>,
channel: Option<&'a Channel>,
- has_mutual_conncetion: bool,
+ has_mutual_connection: bool,
}
impl<'a> PermissionCalculator<'a> {
@@ -22,7 +22,7 @@ impl<'a> PermissionCalculator<'a> {
user: None,
channel: None,
- has_mutual_conncetion: false,
+ has_mutual_connection: false,
}
}
@@ -42,7 +42,7 @@ impl<'a> PermissionCalculator<'a> {
pub fn with_mutual_connection(self) -> PermissionCalculator<'a> {
PermissionCalculator {
- has_mutual_conncetion: true,
+ has_mutual_connection: true,
..self
}
}
diff --git a/src/database/permissions/user.rs b/src/database/permissions/user.rs
index 4ff42bf..7d516ee 100644
--- a/src/database/permissions/user.rs
+++ b/src/database/permissions/user.rs
@@ -64,7 +64,7 @@ impl<'a> PermissionCalculator<'a> {
_ => {}
}
- if self.has_mutual_conncetion
+ if self.has_mutual_connection
|| get_collection("channels")
.find_one(
doc! {
@@ -84,7 +84,8 @@ impl<'a> PermissionCalculator<'a> {
})?
.is_some()
{
- return Ok(UserPermission::Access as u32);
+ // ! FIXME: add privacy settings
+ return Ok(UserPermission::Access + UserPermission::ViewProfile);
}
Ok(permissions)
diff --git a/src/routes/root.rs b/src/routes/root.rs
index 719af3d..c18ec1e 100644
--- a/src/routes/root.rs
+++ b/src/routes/root.rs
@@ -9,7 +9,7 @@ use rocket_contrib::json::JsonValue;
#[get("/")]
pub async fn root() -> JsonValue {
json!({
- "revolt": "0.4.0-alpha.5",
+ "revolt": "0.4.0-alpha.6",
"features": {
"registration": !*DISABLE_REGISTRATION,
"captcha": {
--
GitLab