Commit 05d678c0 authored by feld's avatar feld
Browse files

Expose user email address to user/owner; not publicly.

parent 8e9f032f
Pipeline #36094 passed with stages
in 10 minutes and 46 seconds
......@@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](
- The `application` metadata returned with statuses is no longer hardcoded. Apps that want to display these details will now have valid data for new posts after this change.
- HTTPSecurityPlug now sends a response header to opt out of Google's FLoC (Federated Learning of Cohorts) targeted advertising.
- Email address is now returned if requesting user is the owner of the user account so it can be exposed in client and FE user settings UIs.
### Added
......@@ -292,6 +292,7 @@ defp do_render("show.json", %{user: user} = opts) do
|> maybe_put_allow_following_move(user, opts[:for])
|> maybe_put_unread_conversation_count(user, opts[:for])
|> maybe_put_unread_notification_count(user, opts[:for])
|> maybe_put_email_address(user, opts[:for])
defp username_from_nickname(string) when is_binary(string) do
......@@ -403,6 +404,16 @@ defp maybe_put_unread_notification_count(data, %User{id: user_id}, %User{id: use
defp maybe_put_unread_notification_count(data, _, _), do: data
defp maybe_put_email_address(data, %User{id: user_id}, %User{id: user_id} = user) do
[:pleroma, :email],
defp maybe_put_email_address(data, _, _), do: data
defp image_url(%{"url" => [%{"href" => href} | _]}), do: href
defp image_url(_), do: nil
......@@ -468,6 +468,23 @@ test "shows unread_count only to the account owner" do
%{user: user, for: user}
)[:pleroma][:unread_notifications_count] == 7
test "shows email only to the account owner" do
user = insert(:user)
other_user = insert(:user)
user = User.get_cached_by_ap_id(user.ap_id)
assert AccountView.render(
%{user: user, for: other_user}
)[:pleroma][:email] == nil
assert AccountView.render(
%{user: user, for: user}
)[:pleroma][:email] ==
describe "follow requests counter" do
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment