added a check for when you are asking from your profile, or your publ…

…ic profile
gordon-cs · Jul 6, 2023 · 6ad249c · 6ad249c
1 parent da31131
commit 6ad249c
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 13 deletions.
diff --git a/Gordon360/Controllers/MembershipsController.cs b/Gordon360/Controllers/MembershipsController.cs
@@ -25,14 +25,15 @@ public MembershipsController(IMembershipService membershipService)
  /// <summary>
  /// Get all the memberships associated with a given activity
  /// </summary>
+ /// <param name="myProf">Optional boolean indication if you are searching for your public profile</param>
  /// <param name="involvementCode">Optional involvementCode filter</param>
  /// <param name="username">Optional username filter</param>
  /// <param name="sessionCode">Optional session code for which session memberships should be retrieved. Defaults to current session. Use "*" for all sessions.</param>
  /// <param name="participationTypes">Optional list of participation types that should be retrieved. Defaults to all participation types.</param>
  /// <returns>An IEnumerable of the matching MembershipViews</returns>
  [HttpGet]
  [StateYourBusiness(operation = Operation.READ_PARTIAL, resource = Resource.MEMBERSHIP)]
- public ActionResult<IEnumerable<MembershipView>> GetMemberships(string? involvementCode = null, string? username = null, string? sessionCode = null, [FromQuery] List<string>? participationTypes = null)
+ public ActionResult<IEnumerable<MembershipView>> GetMemberships(bool? myProf, string? involvementCode = null, string? username = null, string? sessionCode = null, [FromQuery] List<string>? participationTypes = null)
  {
  var memberships = _membershipService.GetMemberships(
  activityCode: involvementCode,
@@ -44,12 +45,13 @@ public ActionResult<IEnumerable<MembershipView>> GetMemberships(string? involvem
  {
  var authenticatedUserUsername = AuthUtils.GetUsername(User);
  var viewerGroups = AuthUtils.GetGroups(User);
+ bool mp = myProf ?? false;
 
  // User can see all their own memberships. SiteAdmin and Police can see all of anyone's memberships
  if (!(username == authenticatedUserUsername
  || viewerGroups.Contains(AuthGroup.SiteAdmin)
  || viewerGroups.Contains(AuthGroup.Police)
- ))
+ ) || !mp)
  {
  memberships = _membershipService.RemovePrivateMemberships(memberships, authenticatedUserUsername);
  }

diff --git a/Gordon360/Documentation/Gordon360.xml b/Gordon360/Documentation/Gordon360.xml