From 15c7b7ac43346dd9ecde58e27868b49bdd5a410e Mon Sep 17 00:00:00 2001 From: benya Date: Sun, 8 Mar 2026 22:37:45 +0300 Subject: [PATCH] feat(web): exclude banned users from add-member search --- docs/core-checklist-status.md | 2 +- web/src/components/ChatInfoPanel.tsx | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/core-checklist-status.md b/docs/core-checklist-status.md index fc5166d..d40bd98 100644 --- a/docs/core-checklist-status.md +++ b/docs/core-checklist-status.md @@ -31,7 +31,7 @@ Legend: 22. Text Formatting - `PARTIAL` (bold/italic/underline/spoiler/mono/links + strikethrough + quote/code block; toolbar still evolving) 23. Groups - `PARTIAL` (create/add/remove/invite link; join-by-invite and invite permissions covered by integration tests; members API now returns profile fields (`username/name/avatar_url`) and web Chat Info consumes them to avoid extra per-member profile requests; add-member search also shows avatars; advanced moderation still partial) 24. Roles - `DONE` (owner/admin/member) -25. Admin Rights - `PARTIAL` (delete/pin/edit info + explicit ban APIs for groups/channels including ban list endpoint; web Chat Info now shows searchable `Banned users` with both inline and right-click `Unban` actions for owner/admin, member search, avatars in moderation lists, invite-link copy/regenerate actions, ban metadata (`who banned/when`), explicit member action button for touch/trackpad UX, `@username`-friendly moderation filters, and resilient profile hydration (`allSettled`) for partially missing users; integration tests cover channel member read-only, channel admin full-delete, channel message delete-for-all permissions, group profile edit permissions, owner-only role management rules, and admin-visible/member-forbidden ban-list access; remaining UX moderation tools limited) +25. Admin Rights - `PARTIAL` (delete/pin/edit info + explicit ban APIs for groups/channels including ban list endpoint; web Chat Info now shows searchable `Banned users` with both inline and right-click `Unban` actions for owner/admin, member search, avatars in moderation lists, invite-link copy/regenerate actions, ban metadata (`who banned/when`), explicit member action button for touch/trackpad UX, `@username`-friendly moderation filters, and resilient profile hydration (`allSettled`) for partially missing users; add-member search now excludes already banned users; integration tests cover channel member read-only, channel admin full-delete, channel message delete-for-all permissions, group profile edit permissions, owner-only role management rules, and admin-visible/member-forbidden ban-list access; remaining UX moderation tools limited) 26. Channels - `PARTIAL` (create/post/edit/delete/subscribe/unsubscribe; integration tests now also cover invite-link permissions (member forbidden, admin allowed); web Chat Info now differentiates destructive actions by role for both groups/channels (`Delete ... for all` for owner/admin, `Leave` for members) and blocks invalid owner-leave action when members remain; app auto-join by invite token is now single-shot with toast errors (no retry spam on invalid/expired links); remaining UX edge-cases still polishing) 27. Channel Types - `DONE` (public/private) 28. Notifications - `PARTIAL` (browser notifications + mute/settings; chat mute is propagated in chat list payload, honored by web realtime notifications with mention override, and mute toggle now syncs instantly in chat store; backend now emits `chat_updated` after notification mute/unmute for cross-tab consistency; no mobile push infra) diff --git a/web/src/components/ChatInfoPanel.tsx b/web/src/components/ChatInfoPanel.tsx index 66147f1..221a616 100644 --- a/web/src/components/ChatInfoPanel.tsx +++ b/web/src/components/ChatInfoPanel.tsx @@ -669,7 +669,13 @@ export function ChatInfoPanel({ chatId, open, onClose }: Props) { } try { const users = await searchUsers(value); - setSearchResults(users.filter((u) => !members.some((m) => m.user_id === u.id))); + setSearchResults( + users.filter( + (u) => + !members.some((m) => m.user_id === u.id) && + !bans.some((ban) => ban.user_id === u.id) + ) + ); } catch { setError("Failed to search users"); }