refactor: implemented privacy checks in the GetProfileByUsername method;

refactor: reworked sql request for privacy-checking profile getter

backend/internal/services/profile.go

@@ -70,7 +70,6 @@ func (p *profileServiceImpl) GetMyProfile(cinfo dto.ClientInfo) (*dto.ProfileDto
 	return profileDto, nil
 }
 
-// TODO: Profile privacy settings checks
 func (p *profileServiceImpl) GetProfileByUsername(cinfo dto.ClientInfo, username string) (*dto.ProfileDto, error) {
 	helper, db, err := database.NewDbHelperTransaction(p.dbctx); if err != nil {
 		p.log.Error(
@@ -80,7 +79,10 @@ func (p *profileServiceImpl) GetProfileByUsername(cinfo dto.ClientInfo, username
 	}
 	defer helper.Rollback()
 
-	profile, err := db.TXQueries.GetProfileByUsername(db.CTX, username); if err != nil {
+	profileRow, err := db.TXQueries.GetProfileByUsernameWithPrivacy(db.CTX, database.GetProfileByUsernameWithPrivacyParams{
+		Requester: cinfo.Username,
+		SearchedUsername: username,
+	}); if err != nil {
 		if errors.Is(err, pgx.ErrNoRows) {
 			return nil, errs.ErrNotFound
 		}
@@ -92,8 +94,18 @@ func (p *profileServiceImpl) GetProfileByUsername(cinfo dto.ClientInfo, username
 		return nil, errs.ErrServerError
 	}
 
-	profileDto := &dto.ProfileDto{}
-	mapspecial.MapProfileDto(profile, profileDto)
+	if !*profileRow.AccessAllowed {
+		return nil, errs.ErrForbidden
+	}
+
+	profileDto := &dto.ProfileDto{
+		Name: profileRow.Name,
+		Bio: profileRow.Bio,
+		AvatarUrl: &profileRow.AvatarUrl,
+		Birthday: profileRow.Birthday.Time.UnixMilli(),
+		Color: profileRow.Color,
+		ColorGrad: profileRow.ColorGrad,
+	}
 
 	return profileDto, nil
 }