From 5d25861dc6785c1bfc5b01d39e2d5088e1179b53 Mon Sep 17 00:00:00 2001
From: maxwell <maxwell@joindiaspora.com>
Date: Thu, 19 Aug 2010 10:46:47 -0700
Subject: [PATCH] IZ MS person profile page now displays only posts a user can
 see

---
 app/controllers/people_controller.rb | 6 ++++--
 app/models/post.rb                   | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/app/controllers/people_controller.rb b/app/controllers/people_controller.rb
index 28b5de57d9..4019b871c0 100644
--- a/app/controllers/people_controller.rb
+++ b/app/controllers/people_controller.rb
@@ -14,8 +14,10 @@ class PeopleController < ApplicationController
   def show
     @person = current_user.visible_person_by_id(params[:id])
     @profile = @person.profile
-    @posts = Post.find_all_by_person_id(@person.id).paginate :page => params[:page], :order => 'created_at DESC'
-    @latest_status_message = StatusMessage.newest_for(@person)
+
+    @posts = Post.where(:person_id => @person.id, :_id.in => current_user.visible_post_ids).paginate :page => params[:page], :order => 'created_at DESC'
+
+    @latest_status_message = current_user.raw_visible_posts.find_all_by__type_and_person_id("StatusMessage", params[:id]).last
     @post_count = @posts.count
   end
   
diff --git a/app/models/post.rb b/app/models/post.rb
index e1821d615e..8f30586a08 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -31,7 +31,7 @@ class Post
 
 #Querying
   def self.newest_for(person)
-    self.first(:person_id => person.id, :order => '_id desc')
+    self.where(:person_id => person.id, :order => '_id desc')
   end
 
 #ENCRYPTION
-- 
GitLab