Email read permission for whoami (#2064)

extensions/whoami/routes.js

@@ -1,7 +1,7 @@
 // static imports
+import _path from 'fs';
 import TimeAgo from 'javascript-time-ago';
 import localeEn from 'javascript-time-ago/locale/en';
-import _path from 'fs';
 
 // runtime imports
 const { UserActorType, AppUnderUserActorType } = extension.import('core');
@@ -61,6 +61,7 @@ const whoami_common = ({ is_user, user }) => {
 
 extension.get('/whoami', { subdomain: 'api' }, async (req, res, next) => {
     const actor = req.actor;
+
     if ( ! actor ) {
         throw Error('actor not found in context');
     }
@@ -101,7 +102,10 @@ extension.get('/whoami', { subdomain: 'api' }, async (req, res, next) => {
 
     // TODO: redundant? GetUserService already puts these values on 'user'
     // Get whoami values from other services
-    const svc_whoami = req.services.get('whoami');
+    const /** @type {any} */ svc_whoami = req.services.get('whoami');
+
+    const /** @type {any} */ svc_permission = req.services.get('permission');
+
     const provider_details = await svc_whoami.get_details({
         user: req.user,
         actor: actor,
@@ -112,8 +116,12 @@ extension.get('/whoami', { subdomain: 'api' }, async (req, res, next) => {
         // When apps call /whoami they should not see these attributes
         // delete details.username;
         // delete details.uuid;
-        delete details.email;
-        delete details.unconfirmed_email;
+
+        if ( ! (await svc_permission.check(actor, `user:${details.uuid}:email:read`)) ) {
+            delete details.email;
+            delete details.unconfirmed_email;
+        }
+
         delete details.desktop_bg_url;
         delete details.desktop_bg_color;
         delete details.desktop_bg_fit;

src/backend/src/services/GetUserService.js

@@ -17,6 +17,8 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
+const { Actor, UserActorType } = require('./auth/Actor');
+const { PermissionImplicator } = require('./auth/permissionUtils.mjs');
 const BaseService = require('./BaseService');
 const { DB_READ } = require('./database/consts');
 
@@ -55,6 +57,24 @@ class GetUserService extends BaseService {
     * @returns {Promise<void>} A promise that resolves when the initialization is complete.
     */
     async _init () {
+
+        const svc_permission = this.services.get('permission');
+        console.log('reg imppl');
+        svc_permission.register_implicator(PermissionImplicator.create({
+            id: 'user-set-own',
+            shortcut: true,
+            matcher: permission => {
+                return permission.startsWith('user:');
+            },
+            checker: async ({ actor, permission }) => {
+                if ( ! (actor.type instanceof UserActorType) ) {
+                    return undefined;
+                }
+                if ( permission === `user:${ actor.type.user.uuid }:email:read` ) {
+                    return {};
+                }
+            },
+        }));
     }
 
     /**