From 094263db4d9f1b53c4b4c021005eec07baddd253 Mon Sep 17 00:00:00 2001 From: Lanre Adelowo Date: Tue, 19 Feb 2019 15:11:50 +0100 Subject: [PATCH] Show email if the authenticated user owns the profile page being requested for (#4981) * Show email if the authenticated user owns the profile page being requested for. Also removed `setting.UI.ShowUserEmail` as it's documentation says it only controls the email setting on the explore page * fix current user check... This prevents a panic as a user must be signed in before ctx.User is called * fix panic in tests * try to fix tests * Update year * Test CI fail * Revert change * User 3 is not allowed to authorize * Set user2 email to be private * Change to user4 in explore page as user2 now has private email option set --- integrations/setting_test.go | 17 ++++++++++++++--- models/fixtures/user.yml | 1 + routers/user/profile.go | 2 +- templates/user/profile.tmpl | 2 +- 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/integrations/setting_test.go b/integrations/setting_test.go index 2aac8e90e..54f4fded6 100644 --- a/integrations/setting_test.go +++ b/integrations/setting_test.go @@ -25,7 +25,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) { htmlDoc := NewHTMLParser(t, resp.Body) assert.Contains(t, htmlDoc.doc.Find(".ui.user.list").Text(), - "user2@example.com", + "user4@example.com", ) setting.UI.ShowUserEmail = false @@ -35,7 +35,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) { htmlDoc = NewHTMLParser(t, resp.Body) assert.NotContains(t, htmlDoc.doc.Find(".ui.user.list").Text(), - "user2@example.com", + "user4@example.com", ) setting.UI.ShowUserEmail = showUserEmail @@ -61,12 +61,23 @@ func TestSettingShowUserEmailProfile(t *testing.T) { req = NewRequest(t, "GET", "/user2") resp = session.MakeRequest(t, req, http.StatusOK) htmlDoc = NewHTMLParser(t, resp.Body) - assert.NotContains(t, + // Should contain since this user owns the profile page + assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user2@example.com", ) setting.UI.ShowUserEmail = showUserEmail + + session = loginUser(t, "user4") + req = NewRequest(t, "GET", "/user2") + resp = session.MakeRequest(t, req, http.StatusOK) + htmlDoc = NewHTMLParser(t, resp.Body) + assert.NotContains(t, + htmlDoc.doc.Find(".user.profile").Text(), + "user2@example.com", + ) + } func TestSettingLandingPage(t *testing.T) { diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml index 3a44946bb..8d2b698b2 100644 --- a/models/fixtures/user.yml +++ b/models/fixtures/user.yml @@ -21,6 +21,7 @@ name: user2 full_name: " < Ur Tw >< " email: user2@example.com + keep_email_private: true passwd: 7d93daa0d1e6f2305cc8fa496847d61dc7320bb16262f9c55dd753480207234cdd96a93194e408341971742f4701772a025a # password type: 0 # individual salt: ZogKvWdyEx diff --git a/routers/user/profile.go b/routers/user/profile.go index b1daa9e49..03f88e256 100644 --- a/routers/user/profile.go +++ b/routers/user/profile.go @@ -237,7 +237,7 @@ func Profile(ctx *context.Context) { } } - ctx.Data["ShowUserEmail"] = setting.UI.ShowUserEmail + ctx.Data["ShowUserEmail"] = len(ctxUser.Email) > 0 && ctx.IsSigned && (!ctxUser.KeepEmailPrivate || ctxUser.ID == ctx.User.ID) ctx.HTML(200, tplProfile) } diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl index b3a500e9f..f65776bdf 100644 --- a/templates/user/profile.tmpl +++ b/templates/user/profile.tmpl @@ -22,7 +22,7 @@ {{if .Owner.Location}}
  • {{.Owner.Location}}
    • {{end}} - {{if and $.ShowUserEmail .Owner.Email .IsSigned (not .Owner.KeepEmailPrivate)}} + {{if .ShowUserEmail }}
  • {{.Owner.Email}}