hide hidden releases from unauthorised /api/v1/artist/{id}

This commit is contained in:
ari melody 2024-09-12 09:56:22 +01:00
parent e69cf78e57
commit 1846203076
Signed by: ari
GPG key ID: CF99829C92678188
3 changed files with 11 additions and 8 deletions

View file

@ -25,7 +25,7 @@ func serveArtist() http.Handler {
return
}
credits, err := music.GetArtistCredits(global.DB, artist.ID)
credits, err := music.GetArtistCredits(global.DB, artist.ID, true)
if err != nil {
fmt.Printf("Error rendering admin track page for %s: %s\n", id, err)
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)

View file

@ -9,6 +9,7 @@ import (
"path/filepath"
"strings"
"arimelody-web/admin"
"arimelody-web/global"
db "arimelody-web/music/controller"
music "arimelody-web/music/controller"
@ -46,8 +47,10 @@ func ServeArtist(artist *model.Artist) http.Handler {
}
)
show_hidden_releases := admin.GetSession(r) != nil
var dbCredits []*model.Credit
dbCredits, err := db.GetArtistCredits(global.DB, artist.ID)
dbCredits, err := db.GetArtistCredits(global.DB, artist.ID, show_hidden_releases)
if err != nil {
fmt.Printf("FATAL: Failed to retrieve artist credits for %s: %s\n", artist.ID, err)
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)

View file

@ -44,15 +44,15 @@ func GetArtistsNotOnRelease(db *sqlx.DB, releaseID string) ([]*model.Artist, err
return artists, nil
}
func GetArtistCredits(db *sqlx.DB, artistID string) ([]*model.Credit, error) {
rows, err := db.Query(
"SELECT release.id,release.title,release.artwork,artist.id,artist.name,artist.website,artist.avatar,role,is_primary "+
func GetArtistCredits(db *sqlx.DB, artistID string, show_hidden bool) ([]*model.Credit, error) {
var query string = "SELECT release.id,release.title,release.artwork,artist.id,artist.name,artist.website,artist.avatar,role,is_primary "+
"FROM musiccredit "+
"JOIN musicrelease AS release ON release=release.id "+
"JOIN artist ON artist=artist.id "+
"WHERE artist=$1 "+
"ORDER BY release_date DESC",
artistID)
"WHERE artist=$1 "
if !show_hidden { query += "AND visible=true " }
query += "ORDER BY release_date DESC"
rows, err := db.Query(query, artistID)
if err != nil {
return nil, err
}