Added limitation on viewing all character profiles

app/eve_api/models/character.py

@@ -84,3 +84,7 @@ class EVEPlayerCharacter(EVEAPIModel):
         app_label = 'eve_api'
         verbose_name = 'Player Character'
         verbose_name_plural = 'Player Characters'
+
+        permissions = (
+            ("can_view_all_characters", "Can view any character profile"),
+        )

app/eve_api/views.py

@@ -141,6 +141,11 @@ def eveapi_character(request, charid=None):
 
     if charid:
         character = get_object_or_404(EVEPlayerCharacter.objects.select_related('corporation', 'corporation__aliance'), id=charid)
+
+        # Check if the user has permission to see the character profile
+        if not request.user.has_perm('eve_api.can_view_all_characters') and (not character.account or not request.user == character.account.user):
+            raise Http404
+
         try:
             current_training = character.eveplayercharacterskill_set.get(in_training__gt=0)
         except: