Browse Source

Show email if the authenticated user owns the profile page being requested for (#4981)

* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set
for-closed-social
Lanre Adelowo 5 years ago
committed by techknowlogick
parent
commit
094263db4d
4 changed files with 17 additions and 5 deletions
  1. +14
    -3
      integrations/setting_test.go
  2. +1
    -0
      models/fixtures/user.yml
  3. +1
    -1
      routers/user/profile.go
  4. +1
    -1
      templates/user/profile.tmpl

+ 14
- 3
integrations/setting_test.go View File

@ -25,7 +25,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) {
htmlDoc := NewHTMLParser(t, resp.Body)
assert.Contains(t,
htmlDoc.doc.Find(".ui.user.list").Text(),
"user2@example.com",
"user4@example.com",
)
setting.UI.ShowUserEmail = false
@ -35,7 +35,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) {
htmlDoc = NewHTMLParser(t, resp.Body)
assert.NotContains(t,
htmlDoc.doc.Find(".ui.user.list").Text(),
"user2@example.com",
"user4@example.com",
)
setting.UI.ShowUserEmail = showUserEmail
@ -61,12 +61,23 @@ func TestSettingShowUserEmailProfile(t *testing.T) {
req = NewRequest(t, "GET", "/user2")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.NotContains(t,
// Should contain since this user owns the profile page
assert.Contains(t,
htmlDoc.doc.Find(".user.profile").Text(),
"user2@example.com",
)
setting.UI.ShowUserEmail = showUserEmail
session = loginUser(t, "user4")
req = NewRequest(t, "GET", "/user2")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.NotContains(t,
htmlDoc.doc.Find(".user.profile").Text(),
"user2@example.com",
)
}
func TestSettingLandingPage(t *testing.T) {

+ 1
- 0
models/fixtures/user.yml View File

@ -21,6 +21,7 @@
name: user2
full_name: " < U<se>r Tw<o > >< "
email: user2@example.com
keep_email_private: true
passwd: 7d93daa0d1e6f2305cc8fa496847d61dc7320bb16262f9c55dd753480207234cdd96a93194e408341971742f4701772a025a # password
type: 0 # individual
salt: ZogKvWdyEx

+ 1
- 1
routers/user/profile.go View File

@ -237,7 +237,7 @@ func Profile(ctx *context.Context) {
}
}
ctx.Data["ShowUserEmail"] = setting.UI.ShowUserEmail
ctx.Data["ShowUserEmail"] = len(ctxUser.Email) > 0 && ctx.IsSigned && (!ctxUser.KeepEmailPrivate || ctxUser.ID == ctx.User.ID)
ctx.HTML(200, tplProfile)
}

+ 1
- 1
templates/user/profile.tmpl View File

@ -22,7 +22,7 @@
{{if .Owner.Location}}
<li><i class="octicon octicon-location"></i> {{.Owner.Location}}</li>
{{end}}
{{if and $.ShowUserEmail .Owner.Email .IsSigned (not .Owner.KeepEmailPrivate)}}
{{if .ShowUserEmail }}
<li>
<i class="octicon octicon-mail"></i>
<a href="mailto:{{.Owner.Email}}" rel="nofollow">{{.Owner.Email}}</a>

Loading…
Cancel
Save