gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix(api): filter private properties from public user api (#17653)

Browse Source
This commit is contained in:
Stuart Taylor
2018-06-20 15:19:39 +01:00
committed by mrugesh mohapatra
parent ec63a2fff0
commit c9155092b0
3 changed files with 100 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
common/app/routes/Profile/components/CamperHOC.jsx
View File

@ -54,11 +54,11 @@ function CamperHOC({
return ( return (
<div> <div>
<Camper <Camper
about={ showAbout && about } about={ showAbout ? about : '' }
location={ showLocation && location } location={ showLocation ? location : '' }
name={ showName && name } name={ showName ? name : '' }
picture={ picture } picture={ picture }
points={ showPoints ? points : 0 } points={ showPoints ? points : null }
username={ username } username={ username }
/> />
<hr /> <hr />

47
common/app/routes/Settings/components/Privacy-Settings.jsx
View File

@ -27,6 +27,7 @@ const propTypes = {
isLocked: PropTypes.bool, isLocked: PropTypes.bool,
showAbout: PropTypes.bool, showAbout: PropTypes.bool,
showCerts: PropTypes.bool, showCerts: PropTypes.bool,
showDonation: PropTypes.bool,
showHeatMap: PropTypes.bool, showHeatMap: PropTypes.bool,
showLocation: PropTypes.bool, showLocation: PropTypes.bool,
showName: PropTypes.bool, showName: PropTypes.bool,
@ -39,15 +40,16 @@ const propTypes = {
function PrivacySettings(props) { function PrivacySettings(props) {
const { const {
isLocked, isLocked = true,
showAbout, showAbout = false,
showCerts, showCerts = false,
showHeatMap, showDonation = false,
showLocation, showHeatMap = false,
showName, showLocation = false,
showPoints, showName = false,
showPortfolio, showPoints = false,
showTimeLine, showPortfolio = false,
showTimeLine = false,
updateMyProfileUI, updateMyProfileUI,
user user
} = props; } = props;
@ -63,7 +65,7 @@ function PrivacySettings(props) {
</p> </p>
<p>There is also a button to see what data we hold on your account</p> <p>There is also a button to see what data we hold on your account</p>
<ToggleSetting <ToggleSetting
action='Make my profile completely private' action='My profile'
explain={ explain={
'While your profile is completely private, no one will be able to ' + 'While your profile is completely private, no one will be able to ' +
'see your certifications' 'see your certifications'
@ -75,7 +77,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('isLocked') } toggleFlag={ toggleFlag('isLocked') }
/> />
<ToggleSetting <ToggleSetting
action='Make my name completely private' action='My name'
flag={ !showName } flag={ !showName }
flagName='name' flagName='name'
offLabel='Public' offLabel='Public'
@ -83,7 +85,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showName') } toggleFlag={ toggleFlag('showName') }
/> />
<ToggleSetting <ToggleSetting
action='Make my location completely private' action='My location'
flag={ !showLocation } flag={ !showLocation }
flagName='showLocation' flagName='showLocation'
offLabel='Public' offLabel='Public'
@ -91,7 +93,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showLocation') } toggleFlag={ toggleFlag('showLocation') }
/> />
<ToggleSetting <ToggleSetting
action='Make my "about me" completely private' action='My "about me"'
flag={ !showAbout } flag={ !showAbout }
flagName='showAbout' flagName='showAbout'
offLabel='Public' offLabel='Public'
@ -99,7 +101,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showAbout') } toggleFlag={ toggleFlag('showAbout') }
/> />
<ToggleSetting <ToggleSetting
action='Make my points completely private' action='My points'
flag={ !showPoints } flag={ !showPoints }
flagName='showPoints' flagName='showPoints'
offLabel='Public' offLabel='Public'
@ -107,7 +109,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showPoints') } toggleFlag={ toggleFlag('showPoints') }
/> />
<ToggleSetting <ToggleSetting
action='Make my heat map completely private' action='My heat map'
flag={ !showHeatMap } flag={ !showHeatMap }
flagName='showHeatMap' flagName='showHeatMap'
offLabel='Public' offLabel='Public'
@ -115,7 +117,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showHeatMap') } toggleFlag={ toggleFlag('showHeatMap') }
/> />
<ToggleSetting <ToggleSetting
action='Make my certifications completely private' action='My certifications'
explain='Your certifications will be disabled' explain='Your certifications will be disabled'
flag={ !showCerts } flag={ !showCerts }
flagName='showCerts' flagName='showCerts'
@ -124,7 +126,7 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showCerts') } toggleFlag={ toggleFlag('showCerts') }
/> />
<ToggleSetting <ToggleSetting
action='Make my portfolio completely private' action='My portfolio'
flag={ !showPortfolio } flag={ !showPortfolio }
flagName='showPortfolio' flagName='showPortfolio'
offLabel='Public' offLabel='Public'
@ -132,13 +134,22 @@ function PrivacySettings(props) {
toggleFlag={ toggleFlag('showPortfolio') } toggleFlag={ toggleFlag('showPortfolio') }
/> />
<ToggleSetting <ToggleSetting
action='Make my time line completely private' action='My time line'
explain='Your certifications will be disabled'
flag={ !showTimeLine } flag={ !showTimeLine }
flagName='showTimeLine' flagName='showTimeLine'
offLabel='Public' offLabel='Public'
onLabel='Private' onLabel='Private'
toggleFlag={ toggleFlag('showTimeLine') } toggleFlag={ toggleFlag('showTimeLine') }
/> />
<ToggleSetting
action='My donations'
flag={ !showDonation }
flagName='showPortfolio'
offLabel='Public'
onLabel='Private'
toggleFlag={ toggleFlag('showDonation') }
/>
</FullWidthRow> </FullWidthRow>
<FullWidthRow> <FullWidthRow>
<Spacer /> <Spacer />

77
common/models/user.js
View File

@ -841,26 +841,83 @@ module.exports = function(User) {
}); });
}; };
function prepUserForPublish(user, profileUI) {
const {
about,
calendar,
completedChallenges,
isDonating,
location,
name,
points,
portfolio,
streak,
username
} = user;
const {
isLocked = true,
showAbout = false,
showCerts = false,
showDonation = false,
showHeatMap = false,
showLocation = false,
showName = false,
showPoints = false,
showPortfolio = false,
showTimeLine = false
} = profileUI;
if (isLocked) {
return {
isLocked,
username
};
}
return {
...user,
about: showAbout ? about : '',
calendar: showHeatMap ? calendar : {},
completedChallenges: showCerts && showTimeLine ? completedChallenges : [],
isDonating: showDonation ? isDonating : null,
location: showLocation ? location : '',
name: showName ? name : '',
points: showPoints ? points : null,
portfolio: showPortfolio ? portfolio : [],
streak: showHeatMap ? streak : {}
};
}
User.getPublicProfile = function getPublicProfile(username, cb) { User.getPublicProfile = function getPublicProfile(username, cb) {
return User.findOne$({ where: { username }}) return User.findOne$({ where: { username }})
.flatMap(user => { .flatMap(user => {
if (!user) { if (!user) {
return Observable.of({}); return Observable.of({});
} }
const { completedChallenges, progressTimestamps, timezone } = user; const {
completedChallenges,
progressTimestamps,
timezone,
profileUI
} = user;
const allUser = {
..._.pick(user, publicUserProps),
isGithub: !!user.githubProfile,
isLinkedIn: !!user.linkedIn,
isTwitter: !!user.twitter,
isWebsite: !!user.website,
points: progressTimestamps.length,
completedChallenges,
...getProgress(progressTimestamps, timezone),
...normaliseUserFields(user)
};
const publicUser = prepUserForPublish(allUser, profileUI);
return Observable.of({ return Observable.of({
entities: { entities: {
user: { user: {
[user.username]: { [user.username]: {
..._.pick(user, publicUserProps), ...publicUser
isGithub: !!user.githubProfile,
isLinkedIn: !!user.linkedIn,
isTwitter: !!user.twitter,
isWebsite: !!user.website,
points: progressTimestamps.length,
completedChallenges,
...getProgress(progressTimestamps, timezone),
...normaliseUserFields(user)
} }
} }
}, },