diff options
author | Dessalines <tyhou13@gmx.com> | 2020-03-05 15:46:33 -0500 |
---|---|---|
committer | Dessalines <tyhou13@gmx.com> | 2020-03-05 15:46:33 -0500 |
commit | 876d3117062f3f801026d72c9359613eca7e46ed (patch) | |
tree | 72a4f9c1309d742a5f2580286cca830dab848836 | |
parent | ade334b2513242c5ab59f336a2f457c7379b46b9 (diff) |
Remove email from GetUserDetails when not same user. Fixes #579
-rw-r--r-- | server/src/api/user.rs | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/server/src/api/user.rs b/server/src/api/user.rs index 99072a74..1d332b90 100644 --- a/server/src/api/user.rs +++ b/server/src/api/user.rs @@ -466,7 +466,7 @@ impl Perform<GetUserDetailsResponse> for Oper<GetUserDetails> { } }; - let user_view = UserView::read(&conn, user_details_id)?; + let mut user_view = UserView::read(&conn, user_details_id)?; let mut posts_query = PostQueryBuilder::create(&conn) .sort(&sort) @@ -502,6 +502,15 @@ impl Perform<GetUserDetailsResponse> for Oper<GetUserDetails> { let creator_user = admins.remove(creator_index); admins.insert(0, creator_user); + // If its not the same user, remove the email + if let Some(user_id) = user_id { + if user_details_id != user_id { + user_view.email = None; + } + } else { + user_view.email = None; + } + // Return the jwt Ok(GetUserDetailsResponse { user: user_view, |