Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow anonymous profile view #1304

Open
wants to merge 10 commits into
base: hometown-dev
Choose a base branch
from

Commits on Apr 10, 2023

  1. Exempt Emoji API endpoint from auth

    When viewing a profile anonymously, the request for custom emoji will show a 401 Unauthorized error to the user. Exempt this endpoint from the authentication requirement.
    ironiridis committed Apr 10, 2023
    Configuration menu
    Copy the full SHA
    1c4948d View commit details
    Browse the repository at this point in the history
  2. Move unless criteria into boolean method

    It's helpful to be able to ask the parent class whether we would disallow API access based on the current request (and hence whether we know the requesting user) rather than simply based on configuration. This doesn't appear to regress any existing functionality.
    ironiridis committed Apr 10, 2023
    Configuration menu
    Copy the full SHA
    9fbcfe7 View commit details
    Browse the repository at this point in the history
  3. Add user-oriented helper methods

    This centralizes the core check for the user's preferences into a single helper method, and gives us one place to change the user preference flag if it turns out user_prefers_noindex isn't appropriate. Also adds a convenience error response specific to the user visibility situation.
    ironiridis committed Apr 10, 2023
    Configuration menu
    Copy the full SHA
    0c9c7b8 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    135b9f5 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    86ba692 View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    744f500 View commit details
    Browse the repository at this point in the history
  7. Configuration menu
    Copy the full SHA
    7d7e61d View commit details
    Browse the repository at this point in the history

Commits on May 7, 2023

  1. Review fix: Use only directive for all auth skips

    IanWhitney's review pointed out that it is more consistent and a safer default to include the "only:" directive for all cases where we skip the user authentication requirement. In particular: if a future public method is added to this controller, it should not be implicitly available pre-auth.
    ironiridis committed May 7, 2023
    Configuration menu
    Copy the full SHA
    e6f8a67 View commit details
    Browse the repository at this point in the history
  2. Review fix: Avoid ternary expressions

    It seems I let my inner C programmer get the better of me. Per IanWhitney's review, Ruby's if structures are expressions and return values, which make them more suitable than a ternary expression in terms of readability.
    ironiridis committed May 7, 2023
    Configuration menu
    Copy the full SHA
    3897eaa View commit details
    Browse the repository at this point in the history
  3. Review fix: Restructure for early return

    Per IanWhitney's review, the complex logic with the unless clause is pretty clumsy. We can check this condition first and return false immediately, and leave the remaining logic as a simpler statement on its own.
    ironiridis committed May 7, 2023
    Configuration menu
    Copy the full SHA
    641b071 View commit details
    Browse the repository at this point in the history