From ae564c97d48bf728745c57720734cb40378fd90f Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Fri, 13 Jun 2014 17:46:48 +0300 Subject: Dont expose user email via API To prevent leaking of users info we reduce amount of user information retrieved via API for normal users. What user can get via API: * if not admin: only id, state, name, username and avatar_url * if admin: all user information * about himself: all informaion Signed-off-by: Dmitriy Zaporozhets --- lib/api/internal.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/api/internal.rb') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 06c66ba0b35..5850892df07 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -59,4 +59,3 @@ module API end end end - -- cgit v1.2.1