fix: hide metadata of private notes #8641
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
packages/backend
Johann150
force-pushed
the
hidden-notes
branch
2 times, most recently
from
533a765 to
7a76b5b
Compare
|
I discovered some issues with this, it needs more testing. |
|
Rebased to remove the changes that were already merged in #8838. |
Raise an error When a note is not visible to the requesting user.
If a note is not visible to the requesting user, an error will be raised.
Instead of just hiding specific fields, the entire note is hidden. This means that metadata of the note such as who is the author, when was it sent are completely hidden.
Instead of packing the note for public user before passing it to streams, the note is now either packed for the user the respective stream belongs to (`mainStream`) or not packed at all and then packed later (`notesStream`). Because this is a new common task between different channels, a shared implementation of packing a note from notesStream is created. This implementation will simply skip a note if it is not visible to the user that the channel belongs to.
The `isHidden` attribute is not being set any more and is thus removed. Handling in the client is no longer necessary.
Packing with detail can cause an error if the reply or renote are not visible to the user, even though the original note is visible to the user.
|
There are many merge conflicts and I do not have time or motivation to refactor to the new code layout. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What
getNotegetter is expanded to also check visibility as this is a common task across all API endpointsNotes.findor similar are replaced by uses ofgetNoteso the visibility is checked properlyNotes.packwill return an error if the note is not visible to the specified user instead of only hiding metadataNotes.packManyis modified to not throw an error, but only filters out notes that would have raised an errorNotes.packproperly handle the new errorWhy
fix #8317
Additional Info
The
hideNotefunction has been removed. This has the additional advantage that it removes duplicated code for checking the visibility of a note already inisVisibleForMe.Users will no longer be able to see notes that are not visible to them. The previous behaviour was to show the note just with the text replaced by a message that the note is not visible to the user. The new behaviour is that the server claims that the note does not exist at all if it is not visible to the user.
Users will no longer be able to reply to or renote notes that are not visible to them.