Ensured a user with no photo or about me story image can hibernate , closes #1139 , closes #1134

[MICHAELMUNAVU83]

• I ensured if a user has been hibernated due to lack of profile photo they see these flash message

Screen.Recording.2024-11-18.at.16.47.53.mov

"You need to have a profile photo and a photo for your about me story to change your profile visibility." - If a user user has no profile photo and no about me story image

"You need to have a profile photo to change your profile visibility." - If a user has no profile photo

"You need to have a photo for your about me story to change your profile visibility." - If a user has no about me story image

[wintermeyer]

Please DRY this code. Something like

defp maybe_change_user_state("normalize", socket, profile_photo, about_me_photo) do
  cond do
    is_nil(profile_photo) and not about_me_photo ->
      {:noreply, show_error(socket, "You need to have a profile photo and a photo for your about me story to change your profile visibility.")}

    is_nil(profile_photo) and about_me_photo ->
      {:noreply, show_error(socket, "You need to have a profile photo to change your profile visibility.")}

    not about_me_photo ->
      {:noreply, show_error(socket, "You need to have a photo for your about me story to change your profile visibility.")}

    true ->
      handle_state_change("normalize", socket)
  end
end

defp maybe_change_user_state("hibernate", socket, _profile_photo, _about_me_photo) do
  handle_state_change("hibernate", socket)
end

defp show_error(socket, message) do
  socket
  |> put_flash(:error, with_locale(socket.assigns.language, fn -> gettext(message) end))
end

defp handle_state_change(action, socket) do
  case change_user_state(action, socket.assigns.current_user) do
    {:ok, user} ->
      {:noreply,
       socket
       |> assign(current_user: user)
       |> put_flash(
         :info,
         with_locale(socket.assigns.language, fn ->
           gettext("Profile visibility changed successfully.")
         end)
       )}

    {:error, _} ->
      {:noreply,
       socket
       |> put_flash(
         :error,
         with_locale(socket.assigns.language, fn ->
           gettext("Profile visibility change failed.")
         end)
       )}
  end
end

[wintermeyer]

Just to be sure: Do we have the policies in place to ensure that the state can not be changed in these circumstances? I want to be sure that a potential black hat hacker doesn't play around with our API or form to bypass this.

[wintermeyer]

This cries for more refactoring. Too much duplication. Something like:

defp maybe_change_user_state("normalize", socket, profile_photo, about_me_photo) do
  case {is_nil(profile_photo), not about_me_photo} do
    {true, true} ->
      show_visibility_error(socket, "You need to have a profile photo and a photo for your about me story to change your profile visibility.")

    {true, false} ->
      show_visibility_error(socket, "You need to have a profile photo to change your profile visibility.")

    {false, true} ->
      show_visibility_error(socket, "You need to have a photo for your about me story to change your profile visibility.")

    _ ->
      handle_state_change("normalize", socket)
  end
end

defp show_visibility_error(socket, message) do
  {:noreply,
   socket
   |> show_error(with_locale(socket.assigns.language, fn -> message end))}
end

[MICHAELMUNAVU83]

I have added a policy for reactivating to ensure we check the user has a profile photo and has about me story with an image