[NEW] Privacy for custom user fields#10891
[NEW] Privacy for custom user fields#10891vynmera wants to merge 25 commits intoRocketChat:developfrom
Conversation
|
I believe this should do it. If there are any issues, please let me know (as I'm new to this codebase) |
| sCustomFields = JSON.parse(metaCustomFields); | ||
|
|
||
| if (sCustomFields) { | ||
| _.each(sCustomFields, (el, key) => { |
There was a problem hiding this comment.
Let's change this to Object.keys(sCustomFields).forEach((key) => { const item = sCustomFields[key]; }), as we are slowly trying to lift our reliance on the _ package.
| }); | ||
| } | ||
| } catch (e) { | ||
| if (metaCustomFields !== '') { |
There was a problem hiding this comment.
Instead of checking this here, let's check it first before we try to parse the json. This way the error being thrown is a valid error instead of a error that will happen on the servers which don't use custom fields. As a server might have setup error handling/monitoring and adding a false positive will not be the best option, in my opinion. :)
…essary exceptions
ggazzo
added
the
area: ui/ux
|
I'm closing this PR as I've remade it here: #11332 |
4 participants
View #11332 instead
Closes an undocumented UI issue where a user without permissions couldn't see their own fields in the user panel, but could see them in their profile.
Possibly related to #6515.
When using custom user fields, you might not want to expose rather private fields like
statusConnectionor their email. Currently, to view custom fields, theview-full-other-user-infopermission is required.This PR adds an optional
publicfield to allAccounts_CustomFieldsentries, which overrides this requirement, so users without the permission can see the field.Setup
The
publicfield will default to false when not specified.Preview
Any user can see all of their own fields.
However, if they do not have the
view-full-other-user-infopermission, they can only see others' public fields.Of course, those with the
view-full-other-user-infopermission can always see all fields.This is my first OSS contribution, so please tell me how I did!