feat(backend): return unlisted status in partial member for authenticated users

Foxnouns.Backend/Controllers/InternalController.cs

@@ -60,7 +60,8 @@ public partial class InternalController(DatabaseContext db) : ControllerBase
         {
             if (endpoint.RoutePattern.RawText == null) continue;
 
-            var templateMatcher = new TemplateMatcher(TemplateParser.Parse(endpoint.RoutePattern.RawText), new RouteValueDictionary());
+            var templateMatcher = new TemplateMatcher(TemplateParser.Parse(endpoint.RoutePattern.RawText),
+                new RouteValueDictionary());
             if (!templateMatcher.TryMatch(url, new())) continue;
             var httpMethodAttribute = endpoint.Metadata.GetMetadata<HttpMethodAttribute>();
             if (httpMethodAttribute != null &&

Foxnouns.Backend/Controllers/MembersController.cs

@@ -42,7 +42,8 @@ public class MembersController(
     [HttpPost("/api/v2/users/@me/members")]
     [ProducesResponseType<MemberRendererService.MemberResponse>(StatusCodes.Status200OK)]
     [Authorize("member.create")]
-    public async Task<IActionResult> CreateMemberAsync([FromBody] CreateMemberRequest req, CancellationToken ct = default)
+    public async Task<IActionResult> CreateMemberAsync([FromBody] CreateMemberRequest req,
+        CancellationToken ct = default)
     {
         ValidationUtils.Validate([
             ("name", ValidationUtils.ValidateMemberName(req.Name)),

Foxnouns.Backend/Controllers/UsersController.cs

@@ -104,7 +104,8 @@ public class UsersController(
     [HttpPatch("@me/custom-preferences")]
     [Authorize("user.update")]
     [ProducesResponseType<Dictionary<Snowflake, User.CustomPreference>>(StatusCodes.Status200OK)]
-    public async Task<IActionResult> UpdateCustomPreferencesAsync([FromBody] List<CustomPreferencesUpdateRequest> req, CancellationToken ct = default)
+    public async Task<IActionResult> UpdateCustomPreferencesAsync([FromBody] List<CustomPreferencesUpdateRequest> req,
+        CancellationToken ct = default)
     {
         ValidationUtils.Validate(ValidateCustomPreferences(req));
 
@@ -194,7 +195,8 @@ public class UsersController(
     [HttpPatch("@me/settings")]
     [Authorize("user.read_hidden", "user.update")]
     [ProducesResponseType<UserSettings>(statusCode: StatusCodes.Status200OK)]
-    public async Task<IActionResult> UpdateUserSettingsAsync([FromBody] UpdateUserSettingsRequest req, CancellationToken ct = default)
+    public async Task<IActionResult> UpdateUserSettingsAsync([FromBody] UpdateUserSettingsRequest req,
+        CancellationToken ct = default)
     {
         var user = await db.Users.FirstAsync(u => u.Id == CurrentUser!.Id, ct);
 

Foxnouns.Backend/Extensions/AvatarObjectExtensions.cs

@@ -14,11 +14,13 @@ public static class AvatarObjectExtensions
     private static readonly string[] ValidContentTypes = ["image/png", "image/webp", "image/jpeg"];
 
     public static async Task
-        DeleteMemberAvatarAsync(this ObjectStorageService objectStorageService, Snowflake id, string hash, CancellationToken ct = default) =>
+        DeleteMemberAvatarAsync(this ObjectStorageService objectStorageService, Snowflake id, string hash,
+            CancellationToken ct = default) =>
         await objectStorageService.RemoveObjectAsync(MemberAvatarUpdateInvocable.Path(id, hash), ct);
 
     public static async Task
-        DeleteUserAvatarAsync(this ObjectStorageService objectStorageService, Snowflake id, string hash, CancellationToken ct = default) =>
+        DeleteUserAvatarAsync(this ObjectStorageService objectStorageService, Snowflake id, string hash,
+            CancellationToken ct = default) =>
         await objectStorageService.RemoveObjectAsync(UserAvatarUpdateInvocable.Path(id, hash), ct);
 
     public static async Task<Stream> ConvertBase64UriToAvatar(this string uri)

Foxnouns.Backend/Mailables/AccountCreationMailable.cs

@@ -2,7 +2,8 @@ using Coravel.Mailer.Mail;
 
 namespace Foxnouns.Backend.Mailables;
 
-public class AccountCreationMailable(Config config, AccountCreationMailableView view) : Mailable<AccountCreationMailableView>
+public class AccountCreationMailable(Config config, AccountCreationMailableView view)
+    : Mailable<AccountCreationMailableView>
 {
     public override void Build()
     {

Foxnouns.Backend/Services/MemberRendererService.cs

@@ -11,6 +11,7 @@ public class MemberRendererService(DatabaseContext db, Config config)
     public async Task<IEnumerable<PartialMember>> RenderUserMembersAsync(User user, Token? token)
     {
         var canReadHiddenMembers = token != null && token.UserId == user.Id && token.HasScope("member.read");
+        var renderUnlisted = token != null && token.UserId == user.Id && token.HasScope("user.read_hidden");
         var canReadMemberList = !user.ListHidden || canReadHiddenMembers;
 
         IEnumerable<Member> members = canReadMemberList
@@ -20,7 +21,7 @@ public class MemberRendererService(DatabaseContext db, Config config)
                 .ToListAsync()
             : [];
         if (!canReadHiddenMembers) members = members.Where(m => !m.Unlisted);
-        return members.Select(RenderPartialMember);
+        return members.Select(m => RenderPartialMember(m, renderUnlisted));
     }
 
     public MemberResponse RenderMember(Member member, Token? token)
@@ -34,10 +35,11 @@ public class MemberRendererService(DatabaseContext db, Config config)
     }
 
     private UserRendererService.PartialUser RenderPartialUser(User user) =>
-        new(user.Id, user.Username, user.DisplayName, AvatarUrlFor(user));
+        new(user.Id, user.Username, user.DisplayName, AvatarUrlFor(user), user.CustomPreferences);
 
-    public PartialMember RenderPartialMember(Member member) => new(member.Id, member.Name,
-        member.DisplayName, member.Bio, AvatarUrlFor(member), member.Names, member.Pronouns);
+    public PartialMember RenderPartialMember(Member member, bool renderUnlisted = false) => new(member.Id, member.Name,
+        member.DisplayName, member.Bio, AvatarUrlFor(member), member.Names, member.Pronouns,
+        renderUnlisted ? member.Unlisted : null);
 
     private string? AvatarUrlFor(Member member) =>
         member.Avatar != null ? $"{config.MediaBaseUrl}/members/{member.Id}/avatars/{member.Avatar}.webp" : null;
@@ -52,7 +54,9 @@ public class MemberRendererService(DatabaseContext db, Config config)
         string? Bio,
         string? AvatarUrl,
         IEnumerable<FieldEntry> Names,
-        IEnumerable<Pronoun> Pronouns);
+        IEnumerable<Pronoun> Pronouns,
+        [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)]
+        bool? Unlisted);
 
     public record MemberResponse(
         Snowflake Id,

Foxnouns.Backend/Services/UserRendererService.cs

@@ -39,7 +39,7 @@ public class UserRendererService(DatabaseContext db, MemberRendererService membe
         return new UserResponse(
             user.Id, user.Username, user.DisplayName, user.Bio, user.MemberTitle, AvatarUrlFor(user), user.Links,
             user.Names, user.Pronouns, user.Fields, user.CustomPreferences,
-            renderMembers ? members.Select(memberRenderer.RenderPartialMember) : null,
+            renderMembers ? members.Select(m => memberRenderer.RenderPartialMember(m, tokenHidden)) : null,
             renderAuthMethods
                 ? authMethods.Select(a => new AuthenticationMethodResponse(
                     a.Id, a.AuthType, a.RemoteId,
@@ -52,7 +52,7 @@ public class UserRendererService(DatabaseContext db, MemberRendererService membe
     }
 
     public PartialUser RenderPartialUser(User user) =>
-        new(user.Id, user.Username, user.DisplayName, AvatarUrlFor(user));
+        new(user.Id, user.Username, user.DisplayName, AvatarUrlFor(user), user.CustomPreferences);
 
     private string? AvatarUrlFor(User user) =>
         user.Avatar != null ? $"{config.MediaBaseUrl}/users/{user.Id}/avatars/{user.Avatar}.webp" : null;
@@ -94,6 +94,7 @@ public class UserRendererService(DatabaseContext db, MemberRendererService membe
         Snowflake Id,
         string Username,
         string? DisplayName,
-        string? AvatarUrl
+        string? AvatarUrl,
+        Dictionary<Snowflake, User.CustomPreference> CustomPreferences
     );
 }

Foxnouns.Backend/Utils/ValidationUtils.cs

@@ -156,7 +156,8 @@ public static class ValidationUtils
                     break;
             }
 
-            errors = errors.Concat(ValidateFieldEntries(field.Entries, customPreferences, $"fields.{index}.entries")).ToList();
+            errors = errors.Concat(ValidateFieldEntries(field.Entries, customPreferences, $"fields.{index}.entries"))
+                .ToList();
         }
 
         return errors;
@@ -238,12 +239,14 @@ public static class ValidationUtils
                 {
                     case > Limits.FieldEntryTextLimit:
                         errors.Add(($"{errorPrefix}.{entryIdx}.value",
-                            ValidationError.LengthError("Pronoun display text is too long", 1, Limits.FieldEntryTextLimit,
+                            ValidationError.LengthError("Pronoun display text is too long", 1,
+                                Limits.FieldEntryTextLimit,
                                 entry.Value.Length)));
                         break;
                     case < 1:
                         errors.Add(($"{errorPrefix}.{entryIdx}.value",
-                            ValidationError.LengthError("Pronoun display text is too short", 1, Limits.FieldEntryTextLimit,
+                            ValidationError.LengthError("Pronoun display text is too short", 1,
+                                Limits.FieldEntryTextLimit,
                                 entry.Value.Length)));
                         break;
                 }