owlchester · ilestis · Jul 11, 2024 · Jul 11, 2024 · Jul 11, 2024 · Jul 11, 2024
diff --git a/app/Console/Commands/Cleanup/CleanupTrashedCampaigns.php b/app/Console/Commands/Cleanup/CleanupTrashedCampaigns.php
@@ -52,7 +52,7 @@ public function handle()
         Campaign::observe(CampaignObserver::class);
 
         $count = $this->service->purgeDeleted();
-        $log = 'Deleted ' . $count  . ' trashed campaigns.';
+        $log = 'Deleted ' . $count . ' trashed campaigns.';
         $this->info($log);
         $this->log($log);
 

diff --git a/app/Http/Controllers/Entity/MoveController.php b/app/Http/Controllers/Entity/MoveController.php
@@ -54,24 +54,24 @@ public function move(MoveEntityRequest $request, Campaign $campaign, Entity $ent
         }
 
         $copied = $request->filled('copy');
-//        try {
-            $this->service
-                ->entity($entity)
-                ->campaign($campaign)
-                ->user($request->user())
-                ->to($request->get('campaign'))
-                ->copy($copied)
-                ->validate()
-                ->process()
-            ;
+        //        try {
+        $this->service
+            ->entity($entity)
+            ->campaign($campaign)
+            ->user($request->user())
+            ->to($request->get('campaign'))
+            ->copy($copied)
+            ->validate()
+            ->process()
+        ;
 
-            return redirect()
-                ->route($entity->pluralType() . '.index', $campaign)
-                ->with('success_raw', __('entities/move.success' . ($copied ? '_copy' : null), ['name' => $entity->name, 'campaign' => $this->service->target()->name]));
-//        } catch (TranslatableException $ex) {
-//            return redirect()
-//                ->to($entity->url())
-//                ->with('error', __($ex->getMessage(), ['name' => $entity->name]));
-//        }
+        return redirect()
+            ->route($entity->pluralType() . '.index', $campaign)
+            ->with('success_raw', __('entities/move.success' . ($copied ? '_copy' : null), ['name' => $entity->name, 'campaign' => $this->service->target()->name]));
+        //        } catch (TranslatableException $ex) {
+        //            return redirect()
+        //                ->to($entity->url())
+        //                ->with('error', __($ex->getMessage(), ['name' => $entity->name]));
+        //        }
     }
 }
diff --git a/app/Http/Requests/StoreCalendar.php b/app/Http/Requests/StoreCalendar.php
@@ -48,9 +48,9 @@ public function rules()
             'show_birthdays' => 'boolean',
             'template_id' => 'nullable',
             'format'      => ['nullable', new CalendarFormat(), 'string', 'max:20'],
-//            'moon_offset' => [
-//                '*' => new CalendarMoonOffset()
-//            ],
+            //            'moon_offset' => [
+            //                '*' => new CalendarMoonOffset()
+            //            ],
         ];
 
         if (request()->has('quick-creator')) {

diff --git a/app/Models/Character.php b/app/Models/Character.php
@@ -179,16 +179,22 @@ public function scopeMember(Builder $query, string|null $value, FilterOption $fi
             if (!empty($value)) {
                 return $query;
             }
-            return $query
+            $query
                 ->select($this->getTable() . '.*')
                 ->leftJoin('organisation_member as memb', function ($join) {
                     $join->on('memb.character_id', '=', $this->getTable() . '.id');
                 })
                 ->where('memb.organisation_id', null);
+
+            if (auth()->guest() || !auth()->user()->isAdmin()) {
+                $query->where('memb.is_private', 0);
+            }
+
+            return $query;
         } elseif ($filter === FilterOption::EXCLUDE) {
             return $query
                 ->whereRaw('(select count(*) from organisation_member as memb where memb.character_id = ' .
-                    $this->getTable() . '.id and memb.organisation_id in (' . (int) $value . ')) = 0');
+                    $this->getTable() . '.id and memb.character_id = ' . ((int) $value) . ' and ' . $this->subPrivacy('memb.is_private') . ') = 0');
         }
 
         $ids = [$value];
@@ -199,12 +205,18 @@ public function scopeMember(Builder $query, string|null $value, FilterOption $fi
                 $ids = [...$model->descendants->pluck('id')->toArray(), $model->id];
             }
         }
-        return $query
+        $query
             ->select($this->getTable() . '.*')
             ->leftJoin('organisation_member as memb', function ($join) {
                 $join->on('memb.character_id', '=', $this->getTable() . '.id');
             })
-            ->whereIn('memb.organisation_id', $ids)->distinct();
+            ->whereIn('memb.organisation_id', $ids);
+
+        if (auth()->guest() || !auth()->user()->isAdmin()) {
+            $query->where('memb.is_private', 0);
+        }
+
+        return $query->distinct();
     }
 
     /**

diff --git a/app/Models/Concerns/HasFilters.php b/app/Models/Concerns/HasFilters.php
@@ -489,9 +489,15 @@ protected function filterRace(Builder $query, string $value = null): void
     {
         $ids = [$value];
         if ($this->filterOption('exclude')) {
-            $query->whereRaw('(select count(*) from character_race as cr where cr.character_id = ' .
-                $this->getTable() . '.id and cr.race_id = ' . ((int) $value) . ') = 0');
+            if (auth()->check() && auth()->user()->isAdmin()) {
+                $query->whereRaw('(select count(*) from character_race as cr where cr.character_id = ' .
+                    $this->getTable() . '.id and cr.race_id = ' . ((int) $value) . ') = 0');
+            } else {
+                $query->whereRaw('(select count(*) from character_race as cr where cr.character_id = ' .
+                    $this->getTable() . '.id and cr.race_id = ' . ((int) $value) . ' and cr.is_private = 0) = 0');
+            }
             return;
+
         } elseif ($this->filterOption('children')) {
             /** @var Race|null $race */
             $race = Race::find($value);
@@ -505,7 +511,12 @@ protected function filterRace(Builder $query, string $value = null): void
             ->select($this->getTable() . '.*')
             ->leftJoin('character_race as cr', function ($join) {
                 $join->on('cr.character_id', '=', $this->getTable() . '.id');
-            })->whereIn('cr.race_id', $ids)->distinct();
+            })->whereIn('cr.race_id', $ids);
+
+        if (auth()->guest() || !auth()->user()->isAdmin()) {
+            $query->where('cr.is_private', false);
+        }
+        $query->distinct();
     }
 
     /**
@@ -516,8 +527,10 @@ protected function filterFamily(Builder $query, string $value = null): void
         $ids = [$value];
         if ($this->filterOption('exclude')) {
             $query->whereRaw('(select count(*) from character_family as cf where cf.character_id = ' .
-                $this->getTable() . '.id and cf.family_id = ' . ((int) $value) . ') = 0');
+                $this->getTable() . '.id and cf.family_id = ' . ((int) $value)
+                . ' and ' . $this->subPrivacy('cf.is_private') . ') = 0');
             return;
+
         } elseif ($this->filterOption('children')) {
             /** @var Family|null $family */
             $family = Family::find($value);
@@ -531,7 +544,13 @@ protected function filterFamily(Builder $query, string $value = null): void
             ->select($this->getTable() . '.*')
             ->leftJoin('character_family as cf', function ($join) {
                 $join->on('cf.character_id', '=', $this->getTable() . '.id');
-            })->whereIn('cf.family_id', $ids)->distinct();
+            })->whereIn('cf.family_id', $ids);
+
+        if (auth()->guest() || !auth()->user()->isAdmin()) {
+            $query->where('cf.is_private', false);
+        }
+
+        $query->distinct();
     }
 
     /**
@@ -677,4 +696,14 @@ protected function explicitFilters(): array
         }
         return [];
     }
+
+    protected function subPrivacy(string $field): string|null
+    {
+        // Campaign admins don't have private data hidden from them
+        if (auth()->check() && auth()->user()->isAdmin()) {
+            return null;
+        }
+
+        return $field . ' = 0';
+    }
 }
diff --git a/app/Models/Family.php b/app/Models/Family.php
@@ -146,25 +146,38 @@ public function scopeMember(Builder $query, string|null $value, FilterOption $fi
             if (!empty($value)) {
                 return $query;
             }
-            return $query
+            $query
                 ->select($this->getTable() . '.*')
                 ->leftJoin('character_family as memb', function ($join) {
                     $join->on('memb.family_id', '=', $this->getTable() . '.id');
                 })
                 ->where('memb.character_id', null);
+
+            if (auth()->guest() || !auth()->user()->isAdmin()) {
+                $query->where('memb.is_private', 0);
+            }
+
+            return $query;
         } elseif ($filter === FilterOption::EXCLUDE) {
             return $query
                 ->whereRaw('(select count(*) from character_family as memb where memb.family_id = ' .
-                    $this->getTable() . '.id and memb.character_id in (' . (int) $value . ')) = 0');
+                    $this->getTable() . '.id and memb.family_id = ' . ((int) $value) . ' and ' . $this->subPrivacy('memb.is_private') . ') = 0');
         }
 
         $ids = [$value];
-        return $query
+        $query
             ->select($this->getTable() . '.*')
             ->leftJoin('character_family as memb', function ($join) {
                 $join->on('memb.family_id', '=', $this->getTable() . '.id');
             })
-            ->whereIn('memb.character_id', $ids)->distinct();
+            ->whereIn('memb.character_id', $ids);
+
+
+        if (auth()->guest() || !auth()->user()->isAdmin()) {
+            $query->where('memb.is_private', 0);
+        }
+
+        return $query->distinct();
     }
 
     /**
@@ -176,7 +189,7 @@ public function datagridSelectFields(): array
     }
 
     /**
-     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
+     * @return BelongsTo
      */
     public function location()
     {

diff --git a/app/Models/Organisation.php b/app/Models/Organisation.php
@@ -168,24 +168,37 @@ public function scopeMember(Builder $query, string|null $value, FilterOption $fi
             if (!empty($value)) {
                 return $query;
             }
-            return $query
+            $query
                 ->select($this->getTable() . '.*')
                 ->leftJoin('organisation_member as memb', function ($join) {
                     $join->on('memb.organisation_id', '=', $this->getTable() . '.id');
                 })
                 ->where('memb.character_id', null);
+            if (auth()->guest() || !auth()->user()->isAdmin()) {
+                $query->where('memb.is_private', 0);
+            }
+
+            return $query;
+
         } elseif ($filter === FilterOption::EXCLUDE) {
             return $query
                 ->whereRaw('(select count(*) from organisation_member as memb where memb.organisation_id = ' .
-                    $this->getTable() . '.id and memb.character_id in (' . (int) $value . ')) = 0');
+                    $this->getTable() . '.id and memb.character_id = ' . ((int) $value) . ' and ' . $this->subPrivacy('memb.is_private') . ') = 0');
         }
         $ids = [$value];
-        return $query
+
+        $query
             ->select($this->getTable() . '.*')
             ->leftJoin('organisation_member as memb', function ($join) {
                 $join->on('memb.organisation_id', '=', $this->getTable() . '.id');
             })
-            ->whereIn('memb.character_id', $ids)->distinct();
+            ->whereIn('memb.character_id', $ids);
+
+        if (auth()->guest() || !auth()->user()->isAdmin()) {
+            $query->where('memb.is_private', 0);
+        }
+
+        return $query->distinct();
     }
 
     /**