From 9207a4f1640e95f32f1ace3f7146f157310d339c Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Tue, 3 Sep 2024 20:07:20 +0800 Subject: [PATCH] :sparkles: Prevent blocked user see friend visible level posts --- pkg/internal/services/accounts.go | 28 ++++++++++++++++++++++++++++ pkg/internal/services/posts.go | 7 ++++++- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/pkg/internal/services/accounts.go b/pkg/internal/services/accounts.go index b7a083b..cc7674b 100644 --- a/pkg/internal/services/accounts.go +++ b/pkg/internal/services/accounts.go @@ -41,6 +41,34 @@ func ListAccountFriends(user models.Account) ([]models.Account, error) { return accounts, nil } +func ListAccountBlockedUsers(user models.Account) ([]models.Account, error) { + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + + pc, err := gap.H.GetServiceGrpcConn(hyper.ServiceTypeAuthProvider) + if err != nil { + return nil, fmt.Errorf("failed to listing account blocked users: %v", err) + } + result, err := proto.NewAuthClient(pc).ListUserBlocklist(ctx, &proto.ListUserRelativeRequest{ + UserId: uint64(user.ID), + IsRelated: true, + }) + if err != nil { + return nil, fmt.Errorf("failed to listing account blocked users: %v", err) + } + + out := lo.Map(result.Data, func(item *proto.SimpleUserInfo, index int) uint { + return uint(item.Id) + }) + + var accounts []models.Account + if err = database.C.Where("id IN ?", out).Find(&accounts).Error; err != nil { + return nil, fmt.Errorf("failed to linking listed blocked users: %v", err) + } + + return accounts, nil +} + func ModifyPosterVoteCount(user models.Account, isUpvote bool, delta int) error { if isUpvote { user.TotalUpvote += delta diff --git a/pkg/internal/services/posts.go b/pkg/internal/services/posts.go index 41bb0d3..372887e 100644 --- a/pkg/internal/services/posts.go +++ b/pkg/internal/services/posts.go @@ -32,12 +32,17 @@ func FilterPostWithUserContext(tx *gorm.DB, user *models.Account) *gorm.DB { friendAllowList := lo.Map(friends, func(item models.Account, index int) uint { return item.ID }) + blocked, _ := ListAccountBlockedUsers(*user) + blockedDisallowList := lo.Map(blocked, func(item models.Account, index int) uint { + return item.ID + }) tx = tx.Where( - "(visibility != ? OR (visibility != ? AND author_id IN ?) OR (visibility = ? AND ?) OR (visibility = ? AND NOT ?) OR author_id = ?)", + "(visibility != ? OR (visibility != ? AND author_id IN ? AND author_id NOT IN ?) OR (visibility = ? AND ?) OR (visibility = ? AND NOT ?) OR author_id = ?)", NoneVisibility, FriendsVisibility, friendAllowList, + blockedDisallowList, SelectedVisibility, datatypes.JSONQuery("visible_users").HasKey(strconv.Itoa(int(user.ID))), FilteredVisibility,