fix(bot): respect member/group name/desc privacy in search

2026-02-04 04:56:49 +00:00 · 2024-10-04 10:49:10 -06:00 · 2024-10-04 10:49:10 -06:00 · 5f644ab17a
commit 5f644ab17a
parent 42235cef9c
8 changed files with 42 additions and 12 deletions
--- a/PluralKit.Core/Database/Views/DatabaseViewsExt.cs
+++ b/PluralKit.Core/Database/Views/DatabaseViewsExt.cs
@ -24,7 +24,8 @@ public static class DatabaseViewsExt
            static string Filter(string column) =>
                $"(position(lower(@filter) in lower(coalesce({column}, ''))) > 0)";

-            query.Append($" and ({Filter("name")} or {Filter("display_name")}");
+            var nameColumn = opts.Context == LookupContext.ByOwner ? "name" : "public_name";
+            query.Append($" and ({Filter(nameColumn)} or {Filter("display_name")}");
            if (opts.SearchDescription)
            {
                // We need to account for the possibility of description privacy when searching
@ -60,7 +61,8 @@ public static class DatabaseViewsExt
            static string Filter(string column) =>
                $"(position(lower(@filter) in lower(coalesce({column}, ''))) > 0)";

-            query.Append($" and ({Filter("name")} or {Filter("display_name")}");
+            var nameColumn = opts.Context == LookupContext.ByOwner ? "name" : "public_name";
+            query.Append($" and ({Filter(nameColumn)} or {Filter("display_name")}");
            if (opts.SearchDescription)
            {
                // We need to account for the possibility of description privacy when searching
--- a/PluralKit.Core/Database/Views/views.sql
+++ b/PluralKit.Core/Database/Views/views.sql
@ -30,7 +30,15 @@ select members.*,
           -- Privacy '1' = public; just return description as normal
           when members.description_privacy = 1 then members.description
           -- Any other privacy (rn just '2'), return null description (missing case = null in SQL)
-        end as public_description
+        end as public_description,
+        
+        -- Extract member name as seen by "the public"
+        case
+            -- Privacy '1' = public; just return name as normal
+            when members.name_privacy = 1 then members.name
+            -- Any other privacy (rn just '2'), return display name
+            else members.display_name
+        end as public_name
 from members;

 create view group_list as
@ -48,5 +56,20 @@ select groups.*,
            inner join members on group_members.member_id = members.id
        where
            group_members.group_id = groups.id
-    ) as total_member_count
+    ) as total_member_count,
+
+    -- Extract group description as seen by "the public"
+    case
+        -- Privacy '1' = public; just return description as normal
+        when groups.description_privacy = 1 then groups.description
+        -- Any other privacy (rn just '2'), return null description (missing case = null in SQL)
+    end as public_description,
+    
+    -- Extract member name as seen by "the public"
+    case
+        -- Privacy '1' = public; just return name as normal
+        when groups.name_privacy = 1 then groups.name
+        -- Any other privacy (rn just '2'), return display name
+        else groups.display_name
+    end as public_name
 from groups;