From 2b1e67e0851ccaf040baf5331f5b66150a550afb Mon Sep 17 00:00:00 2001
From: Unknwon <u@gogs.io>
Date: Tue, 14 Jul 2015 23:21:34 +0800
Subject: #1127: hide user e-mail when API caller isn't signed in

---
 routers/api/v1/user.go | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'routers/api/v1/user.go')

diff --git a/routers/api/v1/user.go b/routers/api/v1/user.go
index e9ba615f..a4648297 100644
--- a/routers/api/v1/user.go
+++ b/routers/api/v1/user.go
@@ -68,5 +68,10 @@ func GetUserInfo(ctx *middleware.Context) {
 		}
 		return
 	}
+
+	// Hide user e-mail when API caller isn't signed in.
+	if !ctx.IsSigned {
+		u.Email = ""
+	}
 	ctx.JSON(200, &api.User{u.Id, u.Name, u.FullName, u.Email, u.AvatarLink()})
 }
-- 
cgit v1.2.3