diff --git a/app/views/users/show.api.rsb b/app/views/users/show.api.rsb
index d83ad22f6..1a3041db3 100644
--- a/app/views/users/show.api.rsb
+++ b/app/views/users/show.api.rsb
@@ -1,6 +1,6 @@
api.user do
api.id @user.id
- api.login @user.login if User.current.admin? || (User.current == @user)
+ api.login @user.login
api.admin @user.admin? if User.current.admin? || (User.current == @user)
api.firstname @user.firstname
api.lastname @user.lastname
@@ -29,7 +29,7 @@ api.user do
attrs = {:id => member_role.role.id, :name => member_role.role.name}
attrs.merge!(:inherited => true) if member_role.inherited_from.present?
api.role attrs
- end
+ end
end
end
end if membership.project
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 84e95ead5..9dee5a886 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -6,9 +6,7 @@
- <% if User.current.admin? %>
- - <%=l(:field_login)%>: <%= @user.login %>
- <% end %>
+ - <%=l(:field_login)%>: <%= @user.login %>
<% unless @user.pref.hide_mail %>
- <%=l(:field_mail)%>: <%= mail_to(@user.mail, nil, :encode => 'javascript') %>
<% end %>
diff --git a/test/integration/api_test/users_test.rb b/test/integration/api_test/users_test.rb
index 80f237b25..eb96b2d29 100644
--- a/test/integration/api_test/users_test.rb
+++ b/test/integration/api_test/users_test.rb
@@ -89,16 +89,10 @@ class Redmine::ApiTest::UsersTest < Redmine::ApiTest::Base
assert_select 'user id', :text => '2'
end
- test "GET /users/:id should not return login for other user" do
+ test "GET /users/:id should return login for visible user" do
get '/users/3.xml', :headers => credentials('jsmith')
assert_response :success
- assert_select 'user login', 0
- end
-
- test "GET /users/:id should return login for current user" do
- get '/users/2.xml', :headers => credentials('jsmith')
- assert_response :success
- assert_select 'user login', :text => 'jsmith'
+ assert_select 'user login', :text => 'dlopper'
end
test "GET /users/:id should not return api_key for other user" do