feat(privacy): enforce avatar/presence visibility and invite restrictions

2026-03-08 13:32:20 +03:00
parent eb0852e64d
commit c214cc8fd8
5 changed files with 113 additions and 8 deletions
--- a/app/chats/service.py
+++ b/app/chats/service.py
@@ -27,7 +27,25 @@ from app.messages.repository import (
    list_chat_message_ids,
 )
 from app.realtime.presence import get_users_online_map
-from app.users.repository import get_user_by_id, has_block_relation_between_users
+from app.users.repository import get_user_by_id, has_block_relation_between_users, is_user_in_contacts
+
+
+async def _can_view_last_seen(*, db: AsyncSession, target_user, viewer_user_id: int) -> bool:
+    if target_user.id == viewer_user_id:
+        return True
+    if target_user.privacy_last_seen == "everyone":
+        return True
+    if target_user.privacy_last_seen == "nobody":
+        return False
+    return await is_user_in_contacts(db, owner_user_id=target_user.id, candidate_user_id=viewer_user_id)
+
+
+async def _can_invite_to_group(*, db: AsyncSession, target_user, actor_user_id: int) -> bool:
+    if target_user.id == actor_user_id:
+        return False
+    if target_user.privacy_group_invites == "everyone":
+        return True
+    return await is_user_in_contacts(db, owner_user_id=target_user.id, candidate_user_id=actor_user_id)


 async def serialize_chat_for_user(
@@ -61,9 +79,12 @@ async def serialize_chat_for_user(
                display_title = counterpart.name or counterpart.username
                counterpart_name = counterpart.name
                counterpart_username = counterpart.username
-                counterpart_last_seen_at = counterpart.last_seen_at
+                presence_allowed = await _can_view_last_seen(db=db, target_user=counterpart, viewer_user_id=user_id)
+                counterpart_last_seen_at = counterpart.last_seen_at if presence_allowed else None
            presence = await get_users_online_map([counterpart_id])
-            counterpart_is_online = presence.get(counterpart_id, False)
+            if counterpart:
+                presence_allowed = await _can_view_last_seen(db=db, target_user=counterpart, viewer_user_id=user_id)
+                counterpart_is_online = presence.get(counterpart_id, False) if presence_allowed else None
    else:
        member_ids = await repository.list_chat_member_user_ids(db, chat_id=chat.id)
        members_count = len(member_ids)
@@ -175,6 +196,13 @@ async def create_chat_for_user(db: AsyncSession, *, creator_id: int, payload: Ch
        user = await get_user_by_id(db, member_id)
        if not user:
            raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f"User {member_id} not found")
+        if payload.type in {ChatType.GROUP, ChatType.CHANNEL}:
+            can_invite = await _can_invite_to_group(db=db, target_user=user, actor_user_id=creator_id)
+            if not can_invite:
+                raise HTTPException(
+                    status_code=status.HTTP_403_FORBIDDEN,
+                    detail=f"User {member_id} does not allow group invites from you",
+                )

    chat = await repository.create_chat_with_meta(
        db,
@@ -287,6 +315,8 @@ async def add_chat_member_for_user(
    target_user = await get_user_by_id(db, target_user_id)
    if not target_user:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
+    if not await _can_invite_to_group(db=db, target_user=target_user, actor_user_id=actor_user_id):
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="User does not allow group invites from you")
    existing = await repository.get_chat_member(db, chat_id=chat_id, user_id=target_user_id)
    if existing:
        return existing