From 3ac7d9e2b080e46fdc9008d5a9d4aec5c16e9b0a Mon Sep 17 00:00:00 2001 From: Echo Date: Sat, 31 May 2025 22:46:40 -0400 Subject: [PATCH] allow users to hide stats from public lookup --- app/controllers/api/v1/stats_controller.rb | 4 ++++ app/controllers/users_controller.rb | 2 +- app/models/user.rb | 2 ++ app/views/users/edit.html.erb | 15 +++++++++++++++ ...0000_add_allow_public_stats_lookup_to_users.rb | 5 +++++ db/schema.rb | 3 ++- 6 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 db/migrate/20250531120000_add_allow_public_stats_lookup_to_users.rb diff --git a/app/controllers/api/v1/stats_controller.rb b/app/controllers/api/v1/stats_controller.rb index 1fe63d0..1db9262 100644 --- a/app/controllers/api/v1/stats_controller.rb +++ b/app/controllers/api/v1/stats_controller.rb @@ -34,6 +34,10 @@ class Api::V1::StatsController < ApplicationController return render plain: "User not found", status: :not_found unless @user.present? + if !@user.allow_public_stats_lookup && (!current_user || current_user != @user) + return render json: { error: "user has disabled public stats" }, status: :forbidden + end + start_date = params[:start_date].to_datetime if params[:start_date].present? start_date ||= 10.years.ago end_date = params[:end_date].to_datetime if params[:end_date].present? diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index d6f375a..9dd0fe9 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -100,6 +100,6 @@ class UsersController < ApplicationController end def user_params - params.require(:user).permit(:uses_slack_status, :hackatime_extension_text_type, :timezone) + params.require(:user).permit(:uses_slack_status, :hackatime_extension_text_type, :timezone, :allow_public_stats_lookup) end end diff --git a/app/models/user.rb b/app/models/user.rb index 3446e5e..189aebc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -7,6 +7,8 @@ class User < ApplicationRecord validates :timezone, inclusion: { in: TZInfo::Timezone.all_identifiers }, allow_nil: false validates :country_code, inclusion: { in: ISO3166::Country.codes }, allow_nil: true + attribute :allow_public_stats_lookup, :boolean, default: true + def country_name ISO3166::Country.new(country_code).common_name end diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb index 29b7d17..781d67f 100644 --- a/app/views/users/edit.html.erb +++ b/app/views/users/edit.html.erb @@ -212,6 +212,21 @@

+
+

Privacy

+ <%= form_with model: @user, + url: @is_own_settings ? my_settings_path : settings_user_path(@user), + method: :patch do |f| %> +
+ +
+ <%= f.submit "Save Settings" %> + <% end %> +
+ <% admin_tool do %>

WakaTime Mirror

diff --git a/db/migrate/20250531120000_add_allow_public_stats_lookup_to_users.rb b/db/migrate/20250531120000_add_allow_public_stats_lookup_to_users.rb new file mode 100644 index 0000000..f9e7731 --- /dev/null +++ b/db/migrate/20250531120000_add_allow_public_stats_lookup_to_users.rb @@ -0,0 +1,5 @@ +class AddAllowPublicStatsLookupToUsers < ActiveRecord::Migration[7.0] + def change + add_column :users, :allow_public_stats_lookup, :boolean, default: true, null: false + end +end diff --git a/db/schema.rb b/db/schema.rb index 2cc1732..22b8c7c 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[8.0].define(version: 2025_05_30_135145) do +ActiveRecord::Schema[8.0].define(version: 2025_05_31_120000) do create_schema "pganalyze" # These are extensions that must be enabled in order to support this database @@ -426,6 +426,7 @@ ActiveRecord::Schema[8.0].define(version: 2025_05_30_135145) do t.integer "trust_level", default: 0, null: false t.string "country_code" t.string "mailing_address_otc" + t.boolean "allow_public_stats_lookup", default: true, null: false t.index ["slack_uid"], name: "index_users_on_slack_uid", unique: true t.index ["timezone"], name: "index_users_on_timezone" end