github
/
filebrowser
mirror of https://github.com/filebrowser/filebrowser
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: don't expose scope for non-admin users

pull/1841/head
Oleg Lobanov 2022-02-21 20:17:42 +01:00
parent c1987237d0
commit 0942fc7042
No known key found for this signature in database
GPG Key ID: 65FF3DB864FE3D2A
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
http/users.go
View File

@ -94,6 +94,9 @@ var userGetHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request
} }
u.Password = "" u.Password = ""
if !u.Perm.Admin {
u.Scope = ""
}
return renderJSON(w, r, u) return renderJSON(w, r, u)
}) })