Respect description privacy when searching members

PluralKit.Bot/Lists/SortFilterOptions.cs

@@ -54,12 +54,12 @@ namespace PluralKit.Bot
         
         public async Task<IEnumerable<ListedMember>> Execute(IPKConnection conn, PKSystem system, LookupContext ctx)
         {
-            var filtered = await QueryWithFilter(conn, system);
+            var filtered = await QueryWithFilter(conn, system, ctx);
             return Sort(filtered, ctx);
         }
 
-        private Task<IEnumerable<ListedMember>> QueryWithFilter(IPKConnection conn, PKSystem system) =>
+        private Task<IEnumerable<ListedMember>> QueryWithFilter(IPKConnection conn, PKSystem system, LookupContext ctx) =>
-            conn.QueryMemberList(system.Id, PrivacyFilter switch
+            conn.QueryMemberList(system.Id, ctx, PrivacyFilter switch
             {
                 PrivacyFilter.PrivateOnly => PrivacyLevel.Private,
                 PrivacyFilter.PublicOnly => PrivacyLevel.Public,

PluralKit.Core/Database/Views/DatabaseViewsExt.cs

@@ -12,7 +12,7 @@ namespace PluralKit.Core
         public static Task<IEnumerable<SystemFronter>> QueryCurrentFronters(this IPKConnection conn, SystemId system) =>
             conn.QueryAsync<SystemFronter>("select * from system_fronters where system = @system", new {system});
 
-        public static Task<IEnumerable<ListedMember>> QueryMemberList(this IPKConnection conn, SystemId system, PrivacyLevel? privacyFilter = null, string? filter = null, bool includeDescriptionInNameFilter = false)
+        public static Task<IEnumerable<ListedMember>> QueryMemberList(this IPKConnection conn, SystemId system, LookupContext ctx, PrivacyLevel? privacyFilter = null, string? filter = null, bool includeDescriptionInNameFilter = false)
         {
             StringBuilder query = new StringBuilder("select * from member_list where system = @system");
 
@@ -21,10 +21,17 @@ namespace PluralKit.Core
 
             if (filter != null)
             {
-                static string Filter(string column) => $"position(lower(@filter) in lower(coalesce({column}, ''))) > 0"; 
+                static string Filter(string column) => $"(position(lower(@filter) in lower(coalesce({column}, ''))) > 0)"; 
 
                 query.Append($" and ({Filter("name")} or {Filter("display_name")}");
-                if (includeDescriptionInNameFilter) query.Append($" or {Filter("description")}");
+                if (includeDescriptionInNameFilter)
+                {
+                    // We need to account for the possibility of description privacy when searching
+                    // If we're looking up from the outside, only search "public_description" (defined in the view; null if desc is private)
+                    // If we're the owner, just search the full description
+                    var descriptionColumn = ctx == LookupContext.ByOwner ? "description" : "public_description";
+                    query.Append($"or {Filter(descriptionColumn)}");
+                }
                 query.Append(")");
             }
             

PluralKit.Core/Database/Views/views.sql

@@ -46,5 +46,12 @@ select members.*,
                4,
                extract(month from members.birthday)::integer,
                extract(day from members.birthday)::integer
-           ) end as birthday_md
+           ) end as birthday_md,
+
+        -- Extract member description as seen by "the public"
+        case 
+            -- Privacy '1' = public; just return description as normal
+            when members.description_privacy = 1 then members.description
+            -- Any other privacy (rn just '2'), return null description (missing case = null in SQL)
+        end as public_description
 from members;