user_view: add fn to return sanitized fields

This commit is contained in:
eiknat 2020-08-07 22:43:33 -04:00
parent 1d8183fe5f
commit 492e8ad655
2 changed files with 30 additions and 1 deletions

View file

@ -223,4 +223,33 @@ impl UserView {
.filter(banned.eq(true))
.load::<Self>(conn)
}
pub fn get_user_secure(conn: &PgConnection, user_id: i32) -> Result<Self, Error> {
use super::user_view::user_fast::dsl::*;
use diesel::sql_types::{Nullable, Text};
user_fast
.select((
id,
actor_id,
name,
preferred_username,
avatar,
banner,
"".into_sql::<Nullable<Text>>(),
matrix_user_id,
bio,
local,
admin,
banned,
show_avatars,
send_notifications_to_email,
published,
number_of_posts,
post_score,
number_of_comments,
comment_score,
))
.find(user_id)
.first::<Self>(conn)
}
}

View file

@ -857,7 +857,7 @@ impl Perform for Oper<BanUser> {
blocking(pool, move |conn| ModBan::create(conn, &form)).await??;
let user_id = data.user_id;
let user_view = blocking(pool, move |conn| UserView::read(conn, user_id)).await??;
let user_view = blocking(pool, move |conn| UserView::get_user_secure(conn, user_id)).await??;
let res = BanUserResponse {
user: user_view,