Filter out possibly sensitive information for normal users

Fixes #407
This commit is contained in:
Girish Ramakrishnan
2017-08-26 13:59:45 -07:00
parent a87dd65c1d
commit 1da91b64f6
2 changed files with 50 additions and 2 deletions

View File

@@ -184,6 +184,10 @@ function getConfig(req, res, next) {
cloudron.getConfig(function (error, cloudronConfig) {
if (error) return next(new HttpError(500, error));
if (!req.user.admin) {
cloudronConfig = _.pick(cloudronConfig, 'apiServerOrigin', 'webServerOrigin', 'fqdn', 'version', 'progress', 'isCustomDomain', 'isDemo', 'cloudronName', 'provider');
}
next(new HttpSuccess(200, cloudronConfig));
});
}