From 8f96db4d0b52d0701398703364948e659f3ce34f Mon Sep 17 00:00:00 2001
From: Antti Ahti <antti.ahti@gmail.com>
Date: Wed, 14 Oct 2015 19:27:19 +0300
Subject: Sanitize team data

We don't want to expose sensitive data that might pose a security risk.
---
 api/team.go   | 1 +
 model/team.go | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/api/team.go b/api/team.go
index 18acf33ce..f6038566a 100644
--- a/api/team.go
+++ b/api/team.go
@@ -411,6 +411,7 @@ func findTeams(c *Context, w http.ResponseWriter, r *http.Request) {
 		teams := result.Data.([]*model.Team)
 		m := make(map[string]*model.Team)
 		for _, v := range teams {
+			v.Sanitize()
 			m[v.Id] = v
 		}
 
diff --git a/model/team.go b/model/team.go
index c0f6524cd..584c78f8d 100644
--- a/model/team.go
+++ b/model/team.go
@@ -219,3 +219,9 @@ func CleanTeamName(s string) string {
 
 func (o *Team) PreExport() {
 }
+
+func (o *Team) Sanitize() {
+	o.Email = ""
+	o.Type = ""
+	o.AllowedDomains = ""
+}
-- 
cgit v1.2.3-1-g7c22