alias Pleroma.Conversation.Participation
alias Pleroma.Delivery
alias Pleroma.FollowingRelationship
+ alias Pleroma.HTML
alias Pleroma.Keys
alias Pleroma.Notification
alias Pleroma.Object
def visible_for?(%User{invisible: true}, _), do: false
- def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true
+ def visible_for?(%User{id: user_id}, %User{id: user_id}), do: true
+
+ def visible_for?(%User{local: local} = user, nil) do
+ cfg_key =
+ if local,
+ do: :local,
+ else: :remote
+
+ if Config.get([:restrict_unauthenticated, :profiles, cfg_key]),
+ do: false,
+ else: account_status(user) == :active
+ end
def visible_for?(%User{} = user, for_user) do
account_status(user) == :active || superuser?(for_user)
|> validate_required([:invisible])
|> update_and_set_cache()
end
+
+ def sanitize_html(%User{} = user) do
+ sanitize_html(user, nil)
+ end
+
+ # User data that mastodon isn't filtering (treated as plaintext):
+ # - field name
+ # - display name
+ def sanitize_html(%User{} = user, filter) do
+ fields =
+ user
+ |> User.fields()
+ |> Enum.map(fn %{"name" => name, "value" => value} ->
+ %{
+ "name" => name,
+ "value" => HTML.filter_tags(value, Pleroma.HTML.Scrubber.LinksOnly)
+ }
+ end)
+
+ user
+ |> Map.put(:bio, HTML.filter_tags(user.bio, filter))
+ |> Map.put(:fields, fields)
+ end
end