From 9bde52ffc1bdfc6fcc3d2995776d60d8b42ce316 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Fri, 25 Oct 2019 21:09:15 +0900 Subject: [PATCH] Fix 500 when getting user as unauthenticated user (#8653) (#8663) Backport #8653 When doing GET /api/v1/users/{user} as an unauthenticated user, gitea throws a 500 because it's trying to dereference elements from the context user. It wants to do this to see whether to show the primary email and will do that if the logged in user is admin or the user in question. However, if ctx.User is nil there is a panic --- routers/api/v1/user/user.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go index bb1302077..0639494c0 100644 --- a/routers/api/v1/user/user.go +++ b/routers/api/v1/user/user.go @@ -104,7 +104,7 @@ func GetInfo(ctx *context.APIContext) { return } - ctx.JSON(200, convert.ToUser(u, ctx.IsSigned, ctx.User.ID == u.ID || ctx.User.IsAdmin)) + ctx.JSON(200, convert.ToUser(u, ctx.IsSigned, ctx.User != nil && (ctx.User.ID == u.ID || ctx.User.IsAdmin))) } // GetAuthenticatedUser get current user's information