From e35a6b12e1972b24f457d592b1be21b20ad43f4b Mon Sep 17 00:00:00 2001 From: heikkari Date: Mon, 16 Aug 2021 00:40:33 +0300 Subject: [PATCH] Fix: User's invisibility status is exposed --- src/routes/users/fetch_user.rs | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/routes/users/fetch_user.rs b/src/routes/users/fetch_user.rs index 831735f3..387c0cf7 100644 --- a/src/routes/users/fetch_user.rs +++ b/src/routes/users/fetch_user.rs @@ -5,7 +5,7 @@ use rocket::serde::json::Value; #[get("/")] pub async fn req(user: User, target: Ref) -> Result { - let target = target.fetch_user().await?; + let mut target = target.fetch_user().await?; let perm = permissions::PermissionCalculator::new(&user) .with_user(&target) @@ -16,5 +16,15 @@ pub async fn req(user: User, target: Ref) -> Result { Err(Error::MissingPermission)? } + // If the user's status is `Presence::Invisible`, return it as `Presence::Offline` + if let Some(mut status) = target.status { + if let Some(presence) = status.presence { + if presence == Presence::Invisible { + status.presence = Some(Presence::Offline); + target.status = Some(status); + } + } + } + Ok(json!(target.from(&user).with(perm))) }