kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app
History
Dmitriy Zaporozhets ae564c97d4
Dont expose user email via API 
To prevent leaking of users info we reduce amount of user information
retrieved via API for normal users.

What user can get via API:

* if not admin: only id, state, name, username and avatar_url
* if admin: all user information
* about himself: all informaion

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 		2014-06-13 17:46:48 +03:00
..
assets Dont expose user email via API 2014-06-13 17:46:48 +03:00
controllers Dont expose user email via API 2014-06-13 17:46:48 +03:00
finders Refactor some search scopes to prevent wierd behaviour and PG::Error issues 2014-06-05 20:37:35 +03:00
helpers Dont expose user email via API 2014-06-13 17:46:48 +03:00
mailers Wipe wall notes feature 2014-06-13 14:24:54 +03:00
models Dont expose user email via API 2014-06-13 17:46:48 +03:00
observers Wipe wall notes feature 2014-06-13 14:24:54 +03:00
services Move gravatar url compose to separate service 2014-06-13 17:11:46 +03:00
uploaders Make existing tests test something, return correct errors. 2014-05-26 14:17:46 +02:00
views Merge branch 'remove-wall' 2014-06-13 15:19:14 +03:00
workers Merge branch 'import-timeout' of https://dev.gitlab.org/dzaporozhets/gitlabhq into dzaporozhets/gitlabhq-import-timeout 2014-03-14 12:00:21 +02:00