diff options
Diffstat (limited to 'api')
| -rw-r--r-- | api/user.go | 65 |
1 files changed, 21 insertions, 44 deletions
diff --git a/api/user.go b/api/user.go index 6b9aa4f64..d7eab3d46 100644 --- a/api/user.go +++ b/api/user.go @@ -898,17 +898,7 @@ func getInitialLoad(c *Context, w http.ResponseWriter, r *http.Request) { profiles := dp.Data.(map[string]*model.User) for k, p := range profiles { - options := utils.Cfg.GetSanitizeOptions() - options["passwordupdate"] = false - - if c.IsSystemAdmin() { - options["fullname"] = true - options["email"] = true - } else { - p.ClearNonProfileFields() - } - - p.Sanitize(options) + p.SanitizeProfile(c.IsSystemAdmin(), false, true, true) profiles[k] = p } @@ -984,17 +974,7 @@ func getProfilesForDirectMessageList(c *Context, w http.ResponseWriter, r *http. profiles := result.Data.(map[string]*model.User) for k, p := range profiles { - options := utils.Cfg.GetSanitizeOptions() - options["passwordupdate"] = false - - if c.IsSystemAdmin() { - options["fullname"] = true - options["email"] = true - } else { - p.ClearNonProfileFields() - } - - p.Sanitize(options) + p.SanitizeProfile(c.IsSystemAdmin(), false, false, false) profiles[k] = p } @@ -1024,17 +1004,7 @@ func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) { profiles := result.Data.(map[string]*model.User) for k, p := range profiles { - options := utils.Cfg.GetSanitizeOptions() - options["passwordupdate"] = false - - if c.IsSystemAdmin() { - options["fullname"] = true - options["email"] = true - } else { - p.ClearNonProfileFields() - } - - p.Sanitize(options) + p.SanitizeProfile(c.IsSystemAdmin(), false, true, true) profiles[k] = p } @@ -1056,17 +1026,7 @@ func getDirectProfiles(c *Context, w http.ResponseWriter, r *http.Request) { profiles := result.Data.(map[string]*model.User) for k, p := range profiles { - options := utils.Cfg.GetSanitizeOptions() - options["passwordupdate"] = false - - if c.IsSystemAdmin() { - options["fullname"] = true - options["email"] = true - } else { - p.ClearNonProfileFields() - } - - p.Sanitize(options) + p.SanitizeProfile(c.IsSystemAdmin(), false, true, true) profiles[k] = p } @@ -1312,6 +1272,16 @@ func uploadProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { Srv.Store.User().UpdateLastPictureUpdate(c.Session.UserId) + if result := <-Srv.Store.User().Get(c.Session.UserId); result.Err != nil { + l4g.Error(utils.T("api.user.get_me.getting.error"), c.Session.UserId) + } else { + user := result.Data.(*model.User) + user.SanitizeProfile(c.IsSystemAdmin(), false, true, true) + message := model.NewWebSocketEvent("", "", c.Session.UserId, model.WEBSOCKET_EVENT_USER_UPDATED) + message.Add("user", user) + go Publish(message) + } + c.LogAudit("") // write something as the response since jQuery expects a json response @@ -1355,6 +1325,13 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { go sendEmailChangeUsername(c, rusers[1].Username, rusers[0].Username, rusers[0].Email, c.GetSiteURL()) } + updatedUser := rusers[0] + updatedUser.SanitizeProfile(c.IsSystemAdmin(), false, true, true) + + message := model.NewWebSocketEvent("", "", user.Id, model.WEBSOCKET_EVENT_USER_UPDATED) + message.Add("user", updatedUser) + go Publish(message) + rusers[0].Password = "" rusers[0].AuthData = new(string) *rusers[0].AuthData = "" |