Show email if the authenticated user owns the profile page being requested for (#4981)

* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set

4 files changed, 17 insertions, 5 deletions

diff --git a/integrations/setting_test.go b/integrations/setting_test.go
index 2aac8e90ed..54f4fded66 100644
--- a/integrations/setting_test.go
+++ b/integrations/setting_test.go
@@ -25,7 +25,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) {
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	assert.Contains(t,
 		htmlDoc.doc.Find(".ui.user.list").Text(),
-		"user2@example.com",
+		"user4@example.com",
 	)
 
 	setting.UI.ShowUserEmail = false
@@ -35,7 +35,7 @@ func TestSettingShowUserEmailExplore(t *testing.T) {
 	htmlDoc = NewHTMLParser(t, resp.Body)
 	assert.NotContains(t,
 		htmlDoc.doc.Find(".ui.user.list").Text(),
-		"user2@example.com",
+		"user4@example.com",
 	)
 
 	setting.UI.ShowUserEmail = showUserEmail
@@ -61,12 +61,23 @@ func TestSettingShowUserEmailProfile(t *testing.T) {
 	req = NewRequest(t, "GET", "/user2")
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	htmlDoc = NewHTMLParser(t, resp.Body)
-	assert.NotContains(t,
+	// Should contain since this user owns the profile page
+	assert.Contains(t,
 		htmlDoc.doc.Find(".user.profile").Text(),
 		"user2@example.com",
 	)
 
 	setting.UI.ShowUserEmail = showUserEmail
+
+	session = loginUser(t, "user4")
+	req = NewRequest(t, "GET", "/user2")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	htmlDoc = NewHTMLParser(t, resp.Body)
+	assert.NotContains(t,
+		htmlDoc.doc.Find(".user.profile").Text(),
+		"user2@example.com",
+	)
+
 }
 
 func TestSettingLandingPage(t *testing.T) {
diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index 3a44946bb2..8d2b698b20 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -21,6 +21,7 @@
   name: user2
   full_name: "   < U<se>r Tw<o > ><  "
   email: user2@example.com
+  keep_email_private: true
   passwd: 7d93daa0d1e6f2305cc8fa496847d61dc7320bb16262f9c55dd753480207234cdd96a93194e408341971742f4701772a025a # password
   type: 0 # individual
   salt: ZogKvWdyEx
diff --git a/routers/user/profile.go b/routers/user/profile.go
index b1daa9e496..03f88e256a 100644
--- a/routers/user/profile.go
+++ b/routers/user/profile.go
@@ -237,7 +237,7 @@ func Profile(ctx *context.Context) {
 		}
 	}
 
-	ctx.Data["ShowUserEmail"] = setting.UI.ShowUserEmail
+	ctx.Data["ShowUserEmail"] = len(ctxUser.Email) > 0 && ctx.IsSigned && (!ctxUser.KeepEmailPrivate || ctxUser.ID == ctx.User.ID)
 
 	ctx.HTML(200, tplProfile)
 }
diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl
index b3a500e9f6..f65776bdfa 100644
--- a/templates/user/profile.tmpl
+++ b/templates/user/profile.tmpl
@@ -22,7 +22,7 @@
 							{{if .Owner.Location}}
 								<li><i class="octicon octicon-location"></i> {{.Owner.Location}}</li>
 							{{end}}
-							{{if and $.ShowUserEmail .Owner.Email .IsSigned (not .Owner.KeepEmailPrivate)}}
+							{{if .ShowUserEmail }}
 								<li>
 									<i class="octicon octicon-mail"></i>
 									<a href="mailto:{{.Owner.Email}}" rel="nofollow">{{.Owner.Email}}</a>