🔒 Add privacy settings for leaderboard visibility

✨ Features: - Added show_in_leaderboard column to players table (default: false) - Replaced Quick Actions with Settings section in dashboard - Added toggle switch for leaderboard visibility - Created settings modal with privacy controls 🔧 API Changes: - Added /api/v1/private/update-player-settings endpoint - Updated best-times queries to filter by show_in_leaderboard - Updated times-with-details to respect privacy settings - Added updated_at column to players table 🎨 UI/UX: - Modern toggle switch design - Responsive settings modal - Success/error notifications - Clear privacy explanation 🔐 Privacy: - Default: Times are NOT shown in global leaderboard - Users can opt-in via settings - Personal dashboard always shows own times - Global leaderboard only shows opted-in users
2025-09-08 19:14:17 +02:00
parent ecb6291c74
commit 70ceb2da25
4 changed files with 304 additions and 3 deletions
--- a/routes/api.js
+++ b/routes/api.js
@@ -1851,6 +1851,7 @@ router.get('/v1/public/times-with-details', async (req, res) => {
        }
        
        // Get all times with player and location details, ordered by time (fastest first)
+        // Only show times from players who have opted into leaderboard visibility
        const result = await pool.query(`
            SELECT 
                t.id,
@@ -1872,6 +1873,7 @@ router.get('/v1/public/times-with-details', async (req, res) => {
            LEFT JOIN players p ON t.player_id = p.id
            LEFT JOIN locations l ON t.location_id = l.id
            WHERE 1=1 ${locationFilter} ${dateFilter}
+            AND p.show_in_leaderboard = true
            ORDER BY t.recorded_time ASC
            LIMIT 50
        `);
@@ -2397,6 +2399,7 @@ router.get('/v1/public/best-times', async (req, res) => {
                FROM times t
                JOIN players p ON t.player_id = p.id
                WHERE DATE(t.created_at AT TIME ZONE 'Europe/Berlin') = $1
+                AND p.show_in_leaderboard = true
                GROUP BY t.player_id, p.firstname, p.lastname
            )
            SELECT 
@@ -2419,6 +2422,7 @@ router.get('/v1/public/best-times', async (req, res) => {
                JOIN players p ON t.player_id = p.id
                WHERE DATE(t.created_at AT TIME ZONE 'Europe/Berlin') >= $1
                AND DATE(t.created_at AT TIME ZONE 'Europe/Berlin') <= $2
+                AND p.show_in_leaderboard = true
                GROUP BY t.player_id, p.firstname, p.lastname
            )
            SELECT 
@@ -2441,6 +2445,7 @@ router.get('/v1/public/best-times', async (req, res) => {
                JOIN players p ON t.player_id = p.id
                WHERE DATE(t.created_at AT TIME ZONE 'Europe/Berlin') >= $1
                AND DATE(t.created_at AT TIME ZONE 'Europe/Berlin') <= $2
+                AND p.show_in_leaderboard = true
                GROUP BY t.player_id, p.firstname, p.lastname
            )
            SELECT 
@@ -2906,4 +2911,48 @@ router.get('/achievements/leaderboard', async (req, res) => {
    }
 });

+// Update player settings (privacy settings)
+router.post('/v1/private/update-player-settings', requireApiKey, async (req, res) => {
+    try {
+        const { player_id, show_in_leaderboard } = req.body;
+        
+        if (!player_id) {
+            return res.status(400).json({
+                success: false,
+                message: 'Player ID ist erforderlich'
+            });
+        }
+        
+        // Update player settings
+        const updateQuery = `
+            UPDATE players 
+            SET show_in_leaderboard = $1, updated_at = NOW()
+            WHERE id = $2
+            RETURNING id, firstname, lastname, show_in_leaderboard
+        `;
+        
+        const result = await pool.query(updateQuery, [show_in_leaderboard || false, player_id]);
+        
+        if (result.rows.length === 0) {
+            return res.status(404).json({
+                success: false,
+                message: 'Spieler nicht gefunden'
+            });
+        }
+        
+        res.json({
+            success: true,
+            message: 'Einstellungen erfolgreich aktualisiert',
+            data: result.rows[0]
+        });
+        
+    } catch (error) {
+        console.error('Error updating player settings:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Fehler beim Aktualisieren der Einstellungen'
+        });
+    }
+});
+
 module.exports = { router, requireApiKey };