From ef72b4e4a1f6cb6fec26ac5db411b713b6735ad5 Mon Sep 17 00:00:00 2001
From: Daniel Supernault
Date: Sat, 1 Sep 2018 22:47:06 -0600
Subject: [PATCH 1/2] Update private profile view
---
 resources/views/profile/private.blade.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/resources/views/profile/private.blade.php b/resources/views/profile/private.blade.php
index dda823e33..8b04a4b40 100644
--- a/resources/views/profile/private.blade.php
+++ b/resources/views/profile/private.blade.php
@@ -8,11 +8,11 @@
-

+

{{__('profile.privateProfileWarning')}}

- @if(Auth::check())
+ @if(!Auth::check())

{{ __('profile.alreadyFollow', ['username'=>$user->username])}}

{{__('Log in')}}

{{__('profile.loginToSeeProfile')}}

From 9608400f6fd8e07db94c687150d8ed8849d93b15 Mon Sep 17 00:00:00 2001
From: Daniel Supernault
Date: Sat, 1 Sep 2018 22:48:01 -0600
Subject: [PATCH 2/2] Update ProfileController to enforce private profiles
---
 app/Http/Controllers/ProfileController.php | 50 ++++++++++++----------
 1 file changed, 28 insertions(+), 22 deletions(-)
diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index a1749975c..2b9deb6b2 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -42,27 +42,27 @@ class ProfileController extends Controller
 }
 if ($user->is_private == true) {
- $isPrivate = $this->privateProfileCheck($user);
+ $isPrivate = $this->privateProfileCheck($user, $loggedIn);
 }
 if ($loggedIn == true) {
- $isPrivate = $this->blockedProfileCheck($user);
+ $isBlocked = $this->blockedProfileCheck($user);
 }
- if ($isPrivate == true) {
+ if ($isPrivate == true || $isBlocked == true) {
 return view('profile.private', compact('user'));
- } else {
- $owner = $loggedIn && Auth::id() === $user->user_id;
- $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false;
- $is_admin = is_null($user->domain) ? $user->user->is_admin : false;
- $timeline = $user->statuses()
- ->whereHas('media')
- ->whereNull('in_reply_to_id')
- ->whereNull('reblog_of_id')
- ->orderBy('created_at', 'desc')
- ->withCount(['comments', 'likes'])
- ->simplePaginate(21);
- }
+ }
+
+ $owner = $loggedIn && Auth::id() === $user->user_id;
+ $is_following = ($owner == false && Auth::check()) ? $user->followedBy(Auth::user()->profile) : false;
+ $is_admin = is_null($user->domain) ? $user->user->is_admin : false;
+ $timeline = $user->statuses()
+ ->whereHas('media')
+ ->whereNull('in_reply_to_id')
+ ->whereNull('reblog_of_id')
+ ->orderBy('created_at', 'desc')
+ ->withCount(['comments', 'likes'])
+ ->simplePaginate(21);
 return view('profile.show', compact('user', 'settings', 'owner', 'is_following', 'is_admin', 'timeline'));
 }
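Review bot: `$isBlocked` is assigned only inside `if ($loggedIn == true)` and `$isPrivate` only inside `if ($user->is_private == true)`, yet both are read unconditionally in `if ($isPrivate == true || $isBlocked == true)`. Unless both are initialised to `false` above line 42 (the method starts outside this hunk), a guest request reads an undefined `$isBlocked`, so the access decision rests on an unset variable and may surface as an error instead of a clean allow/deny. I would add `$isPrivate = false; $isBlocked = false;` immediately before the first check. Because this branch is the only visible gate in front of the timeline query, a feature test covering guest, non-follower, follower, owner and blocked viewer would pin the intended behaviour.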
@@ -79,18 +79,24 @@ class ProfileController extends Controller
 return redirect($user->url());
 }
- protected function privateProfileCheck(Profile $profile)
+ protected function privateProfileCheck(Profile $profile, $loggedIn)
 {
- if (Auth::check() === false) {
- return false;
+ if (!Auth::check()) {
+ return true;
 }
- $pid = Auth::user()->profile->id;
- $follower_ids = $profile->followers()->pluck('followers.profile_id')->toArray();
- if (!in_array($pid, $follower_ids) && $pid !== $profile->id) {
+
+ $user = Auth::user()->profile;
+ if($user->id == $profile->id) {
 return false;
 }
- return true;
+ $follows = Follower::whereProfileId($user->id)->whereFollowingId($profile->id)->exists();
+ if ($follows == false) {
+ return true;
+ }
+
+ return false;
+
 }
 protected function blockedProfileCheck(Profile $profile)
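Review bot: The new `$loggedIn` parameter of `privateProfileCheck` is never read; the body calls `Auth::check()` itself, so the extra argument has no effect. I would drop it and keep the helper's own check, i.e. `protected function privateProfileCheck(Profile $profile)`, so the deny decision does not depend on a flag supplied by the caller. The body also now references `Follower`, and neither hunk in this patch adds a `use` line for it, so it has to be imported already at the top of ProfileController.php (outside the hunks) or the private-profile path will fail at runtime. A one-line docblock such as `/** True when the viewer must be denied (guest or non-follower); false for the owner and followers. */` would help, since the return value reads inverted against the method name.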