The privacy setting is only about syncing to other servers

Signed-off-by: Joas Schilling <coding@schilljs.com>

core/Controller/AvatarController.php

@@ -126,21 +126,6 @@ class AvatarController extends Controller {
 			$size = 64;
 		}
 
-		$user = $this->userManager->get($userId);
-		if ($user === null) {
-			return new JSONResponse([], Http::STATUS_NOT_FOUND);
-		}
-
-		$account = $this->accountManager->getAccount($user);
-		$scope = $account->getProperty(IAccountManager::PROPERTY_AVATAR)->getScope();
-
-		if ($scope !== IAccountManager::VISIBILITY_PUBLIC && $this->userId === null) {
-			// Public avatar access is not allowed
-			$response = new JSONResponse([], Http::STATUS_NOT_FOUND);
-			$response->cacheFor(1800);
-			return $response;
-		}
-
 		try {
 			$avatar = $this->avatarManager->getAvatar($userId);
 			$avatarFile = $avatar->getFile($size);

tests/Core/Controller/AvatarControllerTest.php

@@ -145,39 +145,6 @@ class AvatarControllerTest extends \Test\TestCase {
 		$this->assertEquals(Http::STATUS_NOT_FOUND, $response->getStatus());
 	}
 
-	public function testAvatarNotPublic() {
-		$account = $this->createMock(IAccount::class);
-		$this->accountManager->method('getAccount')
-			->with($this->userMock)
-			->willReturn($account);
-
-		$property = $this->createMock(IAccountProperty::class);
-		$account->method('getProperty')
-			->with(IAccountManager::PROPERTY_AVATAR)
-			->willReturn($property);
-
-		$property->method('getScope')
-			->willReturn(IAccountManager::VISIBILITY_PRIVATE);
-
-		$controller = new AvatarController(
-			'core',
-			$this->request,
-			$this->avatarManager,
-			$this->cache,
-			$this->l,
-			$this->userManager,
-			$this->rootFolder,
-			$this->logger,
-			null,
-			$this->timeFactory,
-			$this->accountManager
-		);
-
-		$result = $controller->getAvatar('userId', 128);
-
-		$this->assertEquals(Http::STATUS_NOT_FOUND, $result->getStatus());
-	}
-
 	/**
 	 * Fetch the user's avatar
 	 */