Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-31 02:55:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: use user.hidePrivateData(); more consistently across user retrieval endpoints

Browse Source
This commit is contained in:
Julian Lam
2022-06-29 16:31:21 -04:00
parent c26be43ac5
commit 0529f2fb5d
2 changed files with 5 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/controllers/accounts/helpers.js
View File

@@ -28,7 +28,7 @@ helpers.getUserDataByUserSlug = async function (userslug, callerUID, query = {})
} }
await parseAboutMe(results.userData); await parseAboutMe(results.userData);
const { userData } = results; let { userData } = results;
const { userSettings } = results; const { userSettings } = results;
const { isAdmin } = results; const { isAdmin } = results;
const { isGlobalModerator } = results; const { isGlobalModerator } = results;
@@ -41,17 +41,8 @@ helpers.getUserDataByUserSlug = async function (userslug, callerUID, query = {})
userData.birthday ? Math.floor((new Date().getTime() - new Date(userData.birthday).getTime()) / 31536000000) : 0 userData.birthday ? Math.floor((new Date().getTime() - new Date(userData.birthday).getTime()) / 31536000000) : 0
); );
userData.emailClass = 'hide'; userData = await user.hidePrivateData(userData, callerUID);
userData.emailClass = userSettings.showemail ? 'hide' : '';
if (!results.canEdit && (!userSettings.showemail || meta.config.hideEmail)) {
userData.email = '';
} else if (!userSettings.showemail) {
userData.emailClass = '';
}
if (!results.canEdit && (!userSettings.showfullname || meta.config.hideFullname)) {
userData.fullname = '';
}
if (isAdmin || isSelf || (canViewInfo && !results.isTargetAdmin)) { if (isAdmin || isSelf || (canViewInfo && !results.isTargetAdmin)) {
userData.ips = results.ips; userData.ips = results.ips;

9
src/controllers/user.js
View File

@@ -3,7 +3,6 @@
const path = require('path'); const path = require('path');
const user = require('../user'); const user = require('../user');
const meta = require('../meta');
const privileges = require('../privileges'); const privileges = require('../privileges');
const accountHelpers = require('./accounts/helpers'); const accountHelpers = require('./accounts/helpers');
@@ -68,17 +67,13 @@ userController.getUserDataByUID = async function (callerUid, uid) {
if (!canView) { if (!canView) {
throw new Error('[[error:no-privileges]]'); throw new Error('[[error:no-privileges]]');
} }
const [userData, settings] = await Promise.all([
user.getUserData(uid),
user.getSettings(uid),
]);
let userData = await user.getUserData(uid);
if (!userData) { if (!userData) {
throw new Error('[[error:no-user]]'); throw new Error('[[error:no-user]]');
} }
userData.email = settings.showemail && !meta.config.hideEmail ? userData.email : undefined; userData = await user.hidePrivateData(userData, callerUid);
userData.fullname = settings.showfullname && !meta.config.hideFullname ? userData.fullname : undefined;
return userData; return userData;
}; };