Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-30 18:46:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: #11906, remove retrieval of SSO data in getAllData internal method, only retrieve for calling user or admins, and only on edit page

Browse Source
This commit is contained in:
Julian Lam
2023-08-21 15:26:22 -04:00
parent c44ddb10e7
commit 8aacc8f89c
2 changed files with 7 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/controllers/accounts/edit.js
View File

@@ -5,6 +5,7 @@ const meta = require('../../meta');
const helpers = require('../helpers');
const groups = require('../../groups');
const privileges = require('../../privileges');
const plugins = require('../../plugins');
const accountHelpers = require('./helpers');
const file = require('../../file');
@@ -19,9 +20,10 @@ editController.get = async function (req, res) {
groups: _groups,
groupTitleArray,
allowMultipleBadges,
}, canUseSignature] = await Promise.all([
}, canUseSignature, canManageUsers] = await Promise.all([
accountHelpers.getUserDataByUserSlug(req.params.userslug, req.uid, req.query),
privileges.global.can('signature', req.uid),
privileges.admin.can('admin:users', req.uid),
]);
const payload = {};
@@ -38,6 +40,10 @@ editController.get = async function (req, res) {
payload.groups = _groups.filter(g => g && g.userTitleEnabled && !groups.isPrivilegeGroup(g.name) && g.name !== 'registered-users');
if (req.uid === res.locals.uid || canManageUsers) {
payload.sso = await plugins.hooks.fire('filter:auth.list', { uid: res.locals.uid, associations: [] });
}
if (!allowMultipleBadges) {
payload.groupTitle = groupTitleArray[0];
}