diff options
| author | Johann150 <johann.galle@protonmail.com> | 2022-06-11 09:14:44 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-06-11 16:14:44 +0900 |
| commit | 7db09103e76218f6c867f4a9f1cbc2dd25512e3d (patch) | |
| tree | 755a9b534816938d94bd2fd67976c1b410b193e3 /packages/backend/src/server | |
| parent | New Crowdin updates (#8669) (diff) | |
| download | sharkey-7db09103e76218f6c867f4a9f1cbc2dd25512e3d.tar.gz sharkey-7db09103e76218f6c867f4a9f1cbc2dd25512e3d.tar.bz2 sharkey-7db09103e76218f6c867f4a9f1cbc2dd25512e3d.zip | |
chore: synchronize visibility checks (#8687)
* reuse single meId parameter
* unify code style
Use template string to avoid having to use escaped quote marks.
* fix: follower only notes are visible to mentioned users
This synchronizes the visibility rules with the Notes.isVisibleForMe
method from packages/backend/src/models/repositories/note.ts
* add comment
Diffstat (limited to 'packages/backend/src/server')
| -rw-r--r-- | packages/backend/src/server/api/common/generate-visibility-query.ts | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/packages/backend/src/server/api/common/generate-visibility-query.ts b/packages/backend/src/server/api/common/generate-visibility-query.ts index 715982934c..b50b6812f4 100644 --- a/packages/backend/src/server/api/common/generate-visibility-query.ts +++ b/packages/backend/src/server/api/common/generate-visibility-query.ts @@ -3,6 +3,7 @@ import { Followings } from '@/models/index.js'; import { Brackets, SelectQueryBuilder } from 'typeorm'; export function generateVisibilityQuery(q: SelectQueryBuilder<any>, me?: { id: User['id'] } | null) { + // This code must always be synchronized with the checks in Notes.isVisibleForMe. if (me == null) { q.andWhere(new Brackets(qb => { qb .where(`note.visibility = 'public'`) @@ -11,7 +12,7 @@ export function generateVisibilityQuery(q: SelectQueryBuilder<any>, me?: { id: U } else { const followingQuery = Followings.createQueryBuilder('following') .select('following.followeeId') - .where('following.followerId = :followerId', { followerId: me.id }); + .where('following.followerId = :meId'); q.andWhere(new Brackets(qb => { qb // 公開投稿である @@ -20,21 +21,22 @@ export function generateVisibilityQuery(q: SelectQueryBuilder<any>, me?: { id: U .orWhere(`note.visibility = 'home'`); })) // または 自分自身 - .orWhere('note.userId = :userId1', { userId1: me.id }) + .orWhere('note.userId = :meId') // または 自分宛て - .orWhere(`'{"${me.id}"}' <@ note.visibleUserIds`) + .orWhere(':meId = ANY(note.visibleUserIds)') + .orWhere(':meId = ANY(note.mentions)') .orWhere(new Brackets(qb => { qb // または フォロワー宛ての投稿であり、 - .where('note.visibility = \'followers\'') + .where(`note.visibility = 'followers'`) .andWhere(new Brackets(qb => { qb // 自分がフォロワーである .where(`note.userId IN (${ followingQuery.getQuery() })`) // または 自分の投稿へのリプライ - .orWhere('note.replyUserId = :userId3', { userId3: me.id }); + .orWhere('note.replyUserId = :meId'); })); })); })); - q.setParameters(followingQuery.getParameters()); + q.setParameters({ meId: me.id }); } } |