diff --git a/app/controllers/user_badges_controller.rb b/app/controllers/user_badges_controller.rb
index 397ce503f..6e9e55b07 100644
--- a/app/controllers/user_badges_controller.rb
+++ b/app/controllers/user_badges_controller.rb
@@ -3,8 +3,9 @@ class UserBadgesController < ApplicationController
params.permit [:granted_before, :offset]
badge = fetch_badge_from_params
- user_badges = badge.user_badges.order('granted_at DESC, id DESC').limit(96)
+ user_badges = filter_user_badges(badge.user_badges)
user_badges = user_badges.includes(:user, :granted_by, badge: :badge_type, post: :topic)
+ user_badges = user_badges.order(granted_at: :desc, id: :desc).limit(96)
if offset = params[:offset]
user_badges = user_badges.offset(offset.to_i)
@@ -17,17 +18,16 @@ class UserBadgesController < ApplicationController
params.permit [:grouped]
user = fetch_user_from_params
- user_badges = user.user_badges
+ user_badges = filter_user_badges(user.user_badges)
+ user_badges = user_badges.includes(badge: [:badge_grouping, :badge_type])
+ .includes(post: :topic)
+ .includes(:granted_by)
if params[:grouped]
user_badges = user_badges.group(:badge_id)
.select(UserBadge.attribute_names.map {|x| "MAX(#{x}) as #{x}" }, 'COUNT(*) as count')
end
- user_badges = user_badges.includes(badge: [:badge_grouping, :badge_type])
- .includes(post: :topic)
- .includes(:granted_by)
-
render_serialized(user_badges, DetailedUserBadgeSerializer, root: "user_badges")
end
@@ -94,4 +94,15 @@ class UserBadgesController < ApplicationController
master_api_call = current_user.nil? && is_api?
master_api_call or guardian.can_grant_badges?(user)
end
+
+ def filter_user_badges(user_badges)
+ if SiteSetting.enable_whispers?
+ unless current_user.try(:staff?)
+ user_badges = user_badges.joins("LEFT JOIN posts ON posts.id = user_badges.post_id")
+ .where("posts.post_type <> #{Post.types[:whisper]}")
+ end
+ end
+
+ user_badges
+ end
end