diff options
| author | Sergey Dryabzhinsky <sergey@rusoft.ru> | 2021-06-26 22:53:14 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-26 20:53:14 +0100 |
| commit | 22a0636544237bcffb46b36b593a501e77ae02cc (patch) | |
| tree | 009c2bcf2b478f45356b8aae59f29091ffc5809f /routers/api/v1/user | |
| parent | 19ac575d572af655ab691f829d0b4de38a1f10be (diff) | |
| download | gitea-22a0636544237bcffb46b36b593a501e77ae02cc.tar.gz gitea-22a0636544237bcffb46b36b593a501e77ae02cc.zip | |
Add Visible modes function from Organisation to Users too (#16069)
You can limit or hide organisations. This pull make it also posible for users
- new strings to translte
- add checkbox to user profile form
- add checkbox to admin user.edit form
- filter explore page user search
- filter api admin and public user searches
- allow admins view "hidden" users
- add app option DEFAULT_USER_VISIBILITY
- rewrite many files to use Visibility field
- check for teams intersection
- fix context output
- right fake 404 if not visible
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers/api/v1/user')
| -rw-r--r-- | routers/api/v1/user/helper.go | 2 | ||||
| -rw-r--r-- | routers/api/v1/user/user.go | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/routers/api/v1/user/helper.go b/routers/api/v1/user/helper.go index fcdac257ed..a3500e0ee6 100644 --- a/routers/api/v1/user/helper.go +++ b/routers/api/v1/user/helper.go @@ -17,7 +17,7 @@ func GetUserByParamsName(ctx *context.APIContext, name string) *models.User { user, err := models.GetUserByName(username) if err != nil { if models.IsErrUserNotExist(err) { - if redirectUserID, err := models.LookupUserRedirect(username); err == nil { + if redirectUserID, err2 := models.LookupUserRedirect(username); err2 == nil { context.RedirectToUser(ctx.Context, username, redirectUserID) } else { ctx.NotFound("GetUserByName", err) diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go index 4adae532fd..ac543d597d 100644 --- a/routers/api/v1/user/user.go +++ b/routers/api/v1/user/user.go @@ -57,6 +57,7 @@ func Search(ctx *context.APIContext) { listOptions := utils.GetListOptions(ctx) opts := &models.SearchUserOptions{ + Actor: ctx.User, Keyword: strings.Trim(ctx.Query("q"), " "), UID: ctx.QueryInt64("uid"), Type: models.UserTypeIndividual, @@ -102,10 +103,16 @@ func GetInfo(ctx *context.APIContext) { // "$ref": "#/responses/notFound" u := GetUserByParams(ctx) + if ctx.Written() { return } + if !u.IsVisibleToUser(ctx.User) { + // fake ErrUserNotExist error message to not leak information about existence + ctx.NotFound("GetUserByName", models.ErrUserNotExist{Name: ctx.Params(":username")}) + return + } ctx.JSON(http.StatusOK, convert.ToUser(u, ctx.User)) } |