Hide profile information from anonymous users
Review Request #9887 — Created April 23, 2018 and submitted
Previously, public profile information was available to anonymous users.
Now we limit public profile information to authenticated users only. If
a user marks their profile as private nothing has changed and it will
still not be visible to authenticated users (except for themselves and
staff). User infoboxes now use the updated logic so the same information
is visible.While I was here I cleaned up the other profile test docstrings.
To make things consistent for LocalSites, LocalSite admins can now view
private profiles of their LocalSite members.
Ran unit tests.
Viewed a public profile while logged out and saw no profile information
aside from username.Viewed a userbox for a user with a public profile and only saw their
username.
Description | From | Last Updated |
---|---|---|
Also needs the following tests: None user Local Site team member with public profile Local Site team member with private … |
chipx86 | |
"Otherwise" doesn't sound right here. I'd say "For authenticated users, ..." |
chipx86 | |
If we can check not_private first, that'll save us a possible query. |
chipx86 | |
"Testing" and "LocalSite" |
chipx86 | |
"Testing" and "LocalSite" |
chipx86 | |
"LocalSite" |
chipx86 | |
"LocalSite" |
chipx86 | |
Let's also assert the values from each of these. |
chipx86 |
Change Summary:
Post all the changes!
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 2 (+48 -7) |
Checks run (2 succeeded)
-
-
Also needs the following tests:
None
user- Local Site team member with public profile
- Local Site team member with private profile
- Local Site admin with public profile
- Local Site admin with private profile
-
reviewboard/accounts/models.py (Diff revision 2) "Otherwise" doesn't sound right here. I'd say "For authenticated users, ..."
Change Summary:
Addressed Christian's feedback.
Description: |
|
|||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commit: |
|
|||||||||||||||||||||||||||||||||
Diff: |
Revision 3 (+122 -9) |
Checks run (2 succeeded)
-
-
reviewboard/accounts/models.py (Diff revision 3) If we can check
not_private
first, that'll save us a possible query. -
-
Change Summary:
Addressed Christian's issues.
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 4 (+122 -9) |
Checks run (2 succeeded)
Change Summary:
Addressed feedback.
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 5 (+122 -9) |
Checks run (2 succeeded)
Change Summary:
Fix failing unit test, add another
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 6 (+160 -14) |
Checks run (2 succeeded)
Change Summary:
Remove debug code.
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 7 (+155 -14) |
Checks run (2 succeeded)
Change Summary:
For real tho.
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 8 (+149 -14) |
Checks run (2 succeeded)
-
-
reviewboard/webapi/tests/test_user.py (Diff revision 8) Let's also assert the values from each of these.
Change Summary:
Addressed Christian's feedback.
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 9 (+150 -14) |