mirror of
https://github.com/discourse/discourse.git
synced 2025-01-19 05:43:16 +08:00
FIX: do not show SSO external_email to moderators
This commit is contained in:
parent
ff7cbf6935
commit
57f5f7d755
|
@ -541,10 +541,12 @@
|
|||
<div class='field'>{{i18n 'admin.user.sso.external_name'}}</div>
|
||||
<div class='value'>{{sso.external_name}}</div>
|
||||
</div>
|
||||
<div class='display-row'>
|
||||
<div class='field'>{{i18n 'admin.user.sso.external_email'}}</div>
|
||||
<div class='value'>{{sso.external_email}}</div>
|
||||
</div>
|
||||
{{#if sso.external_email}}
|
||||
<div class='display-row'>
|
||||
<div class='field'>{{i18n 'admin.user.sso.external_email'}}</div>
|
||||
<div class='value'>{{sso.external_email}}</div>
|
||||
</div>
|
||||
{{/if}}
|
||||
<div class='display-row'>
|
||||
<div class='field'>{{i18n 'admin.user.sso.external_avatar_url'}}</div>
|
||||
<div class='value'>{{sso.external_avatar_url}}</div>
|
||||
|
|
|
@ -6,4 +6,8 @@ class SingleSignOnRecordSerializer < ApplicationSerializer
|
|||
:external_avatar_url,
|
||||
:external_profile_background_url,
|
||||
:external_card_background_url
|
||||
|
||||
def include_external_email?
|
||||
scope.is_admin?
|
||||
end
|
||||
end
|
||||
|
|
36
spec/serializers/single_sign_on_record_serializer_spec.rb
Normal file
36
spec/serializers/single_sign_on_record_serializer_spec.rb
Normal file
|
@ -0,0 +1,36 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe SingleSignOnRecordSerializer do
|
||||
let(:user) { user = Fabricate(:user) }
|
||||
let :sso do
|
||||
SingleSignOnRecord.create!(user_id: user.id, external_id: '12345', external_email: user.email, last_payload: '')
|
||||
end
|
||||
|
||||
context "admin" do
|
||||
let(:admin) { Fabricate(:admin) }
|
||||
let :serializer do
|
||||
SingleSignOnRecordSerializer.new(sso, scope: Guardian.new(admin), root: false)
|
||||
end
|
||||
|
||||
it "should include user sso info" do
|
||||
payload = serializer.as_json
|
||||
expect(payload[:user_id]).to eq(user.id)
|
||||
expect(payload[:external_id]).to eq('12345')
|
||||
expect(payload[:external_email]).to eq(user.email)
|
||||
end
|
||||
end
|
||||
|
||||
context "moderator" do
|
||||
let(:moderator) { Fabricate(:moderator) }
|
||||
let :serializer do
|
||||
SingleSignOnRecordSerializer.new(sso, scope: Guardian.new(moderator), root: false)
|
||||
end
|
||||
|
||||
it "should include user sso info" do
|
||||
payload = serializer.as_json
|
||||
expect(payload[:user_id]).to eq(user.id)
|
||||
expect(payload[:external_id]).to eq('12345')
|
||||
expect(payload[:external_email]).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue
Block a user