aboutsummaryrefslogtreecommitdiffstats
path: root/routers/api/v1/api.go
diff options
context:
space:
mode:
Diffstat (limited to 'routers/api/v1/api.go')
-rw-r--r--routers/api/v1/api.go12
1 files changed, 10 insertions, 2 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index 883e694e44..bfc601c835 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -356,12 +356,20 @@ func reqToken() func(ctx *context.APIContext) {
func reqExploreSignIn() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) {
- if setting.Service.Explore.RequireSigninView && !ctx.IsSigned {
+ if (setting.Service.RequireSignInView || setting.Service.Explore.RequireSigninView) && !ctx.IsSigned {
ctx.Error(http.StatusUnauthorized, "reqExploreSignIn", "you must be signed in to search for users")
}
}
}
+func reqUsersExploreEnabled() func(ctx *context.APIContext) {
+ return func(ctx *context.APIContext) {
+ if setting.Service.Explore.DisableUsersPage {
+ ctx.NotFound()
+ }
+ }
+}
+
func reqBasicOrRevProxyAuth() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) {
if ctx.IsSigned && setting.Service.EnableReverseProxyAuthAPI && ctx.Data["AuthedMethod"].(string) == auth.ReverseProxyMethodName {
@@ -955,7 +963,7 @@ func Routes() *web.Router {
// Users (requires user scope)
m.Group("/users", func() {
- m.Get("/search", reqExploreSignIn(), user.Search)
+ m.Get("/search", reqExploreSignIn(), reqUsersExploreEnabled(), user.Search)
m.Group("/{username}", func() {
m.Get("", reqExploreSignIn(), user.GetInfo)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-29 15:08:25 +0000