[#114] Made MastodonAPI and TwitterAPI user show actions return 404 for auth-inactive users

unless requested by admin or moderator.

lib/pleroma/web/mastodon_api/mastodon_api_controller.ex

@@ -110,7 +110,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
   end
 
   def user(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do
-    with %User{} = user <- Repo.get(User, id) do
+    with %User{} = user <- Repo.get(User, id),
+         true <- User.auth_active?(user) || user.id == for_user.id || User.superuser?(for_user) do
       account = AccountView.render("account.json", %{user: user, for: for_user})
       json(conn, account)
     else