MM-10980: Conditionally filteres User json properties. (#9018)

author: Martin Kraft <mkraft@users.noreply.github.com> 2018-06-29 08:45:04 -0400
committer: Joram Wilander <jwawilander@gmail.com> 2018-06-29 08:45:04 -0400
commit: 56ba06c0166f46e9fcfcc4f654a3f7346244b5a9 (patch)
tree: 394da528f922b1d4377ebc8504aaadd53f683f75 /api4
parent: e51ae397664b6c2b04bfa263429da550240d160e (diff)
download: chat-56ba06c0166f46e9fcfcc4f654a3f7346244b5a9.tar.gz
chat-56ba06c0166f46e9fcfcc4f654a3f7346244b5a9.tar.bz2
chat-56ba06c0166f46e9fcfcc4f654a3f7346244b5a9.zip
2 files changed, 12 insertions, 2 deletions
diff --git a/api4/user.go b/api4/user.go
index 14ab3a0a2..ac702644d 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -154,7 +154,11 @@ func getUserByUsername(c *Context, w http.ResponseWriter, r *http.Request) {
 	if c.HandleEtag(etag, "Get User", w, r) {
 		return
 	} else {
-		c.App.SanitizeProfile(user, c.IsSystemAdmin())
+		if c.Session.UserId == user.Id {
+			user.Sanitize(map[string]bool{})
+		} else {
+			c.App.SanitizeProfile(user, c.IsSystemAdmin())
+		}
 		w.Header().Set(model.HEADER_ETAG_SERVER, etag)
 		w.Write([]byte(user.ToJson()))
 		return
diff --git a/api4/user_test.go b/api4/user_test.go
index 96aa55d5f..ad77c8c4c 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -411,7 +411,7 @@ func TestGetUserByUsername(t *testing.T) {
 	th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false })
 	th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false })
 
-	ruser, resp = Client.GetUserByUsername(user.Username, "")
+	ruser, resp = Client.GetUserByUsername(th.BasicUser2.Username, "")
 	CheckNoError(t, resp)
 
 	if ruser.Email != "" {
@@ -424,6 +424,12 @@ func TestGetUserByUsername(t *testing.T) {
 		t.Fatal("last name should be blank")
 	}
 
+	ruser, resp = Client.GetUserByUsername(th.BasicUser.Username, "")
+	CheckNoError(t, resp)
+	if len(ruser.NotifyProps) == 0 {
+		t.Fatal("notify props should be sent")
+	}
+
 	Client.Logout()
 	_, resp = Client.GetUserByUsername(user.Username, "")
 	CheckUnauthorizedStatus(t, resp)
author	Martin Kraft <mkraft@users.noreply.github.com>	2018-06-29 08:45:04 -0400
committer	Joram Wilander <jwawilander@gmail.com>	2018-06-29 08:45:04 -0400
commit	56ba06c0166f46e9fcfcc4f654a3f7346244b5a9 (patch)
tree	394da528f922b1d4377ebc8504aaadd53f683f75 /api4
parent	e51ae397664b6c2b04bfa263429da550240d160e (diff)
download	chat-56ba06c0166f46e9fcfcc4f654a3f7346244b5a9.tar.gz chat-56ba06c0166f46e9fcfcc4f654a3f7346244b5a9.tar.bz2 chat-56ba06c0166f46e9fcfcc4f654a3f7346244b5a9.zip