From d7a4614143521d2f8f90e31cc7b137d51a35e757 Mon Sep 17 00:00:00 2001
From: Michael Ball <cycomachead@gmail.com>
Date: Fri, 24 Mar 2023 08:57:41 +0800
Subject: [PATCH] Filter private usernames in selectize functions

---
 app/controllers/users_controller.rb | 5 +++--
 app/models/user.rb                  | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index eee61b41a..ff2e3ea82 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -23,14 +23,15 @@ def update
   end
 
   def search
+    fields = %i[username id name]
+    fields << :email if current_user.is_admin?
     respond_to do |format|
       format.json do
         render json: { users:
                               User.active.where(
                                 'username ILIKE :search OR email ILIKE :search OR name ILIKE :search',
                                 search: "%#{params[:query]}%"
-                              ).as_json(only:
-            %i[username id name email], methods: :dropdwon_display) }
+                              ).as_json(only: fields, methods: :dropdwon_display) }
       end
     end
   end
diff --git a/app/models/user.rb b/app/models/user.rb
index 05904e38d..6f0f0b889 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -396,7 +396,8 @@ def self.empty?
   end
 
   def dropdwon_display
-    "#{name} (#{username} #{email})"
+    more_info = email_public? ? username : "#{username} #{email}"
+    "#{name} (#{more_info})"
   end
 
   private