diff --git a/backend/grant/proposal/views.py b/backend/grant/proposal/views.py index a21a2de5..56073c65 100644 --- a/backend/grant/proposal/views.py +++ b/backend/grant/proposal/views.py @@ -25,6 +25,7 @@ from .models import ( proposal_team, ProposalTeamInvite, proposal_team_invite_schema, + proposal_proposal_contributions_schema, db, DRAFT, PENDING, diff --git a/backend/grant/user/views.py b/backend/grant/user/views.py index 61ea9c50..c0e8f51e 100644 --- a/backend/grant/user/views.py +++ b/backend/grant/user/views.py @@ -13,7 +13,8 @@ from grant.proposal.models import ( user_proposals_schema, PENDING, APPROVED, - REJECTED + REJECTED, + CONFIRMED ) from grant.utils.auth import requires_auth, requires_same_user_auth, get_authed_user from grant.utils.upload import remove_avatar, sign_avatar_upload, AvatarException @@ -64,19 +65,21 @@ def get_user(user_id, with_proposals, with_comments, with_funded, with_pending): user = User.get_by_id(user_id) if user: result = user_schema.dump(user) + authed_user = get_authed_user() if with_proposals: proposals = Proposal.get_by_user(user) proposals_dump = user_proposals_schema.dump(proposals) result["proposals"] = proposals_dump if with_funded: contributions = ProposalContribution.get_by_userid(user_id) + if not authed_user or user.id != authed_user.id: + contributions = [c for c in contributions if c.status == CONFIRMED] contributions_dump = user_proposal_contributions_schema.dump(contributions) result["contributions"] = contributions_dump if with_comments: comments = Comment.get_by_user(user) comments_dump = user_comments_schema.dump(comments) result["comments"] = comments_dump - authed_user = get_authed_user() if with_pending and authed_user and authed_user.id == user.id: pending = Proposal.get_by_user(user, [PENDING, APPROVED, REJECTED]) pending_dump = user_proposals_schema.dump(pending)