diff --git a/app/serializers/user_serializer.rb b/app/serializers/user_serializer.rb index b2bde1321a5..15b871a8a3c 100644 --- a/app/serializers/user_serializer.rb +++ b/app/serializers/user_serializer.rb @@ -44,7 +44,8 @@ class UserSerializer < BasicUserSerializer :uploaded_avatar_id, :badge_count, :has_title_badges, - :edit_history_public + :edit_history_public, + :custom_fields has_one :invited_by, embed: :object, serializer: BasicUserSerializer has_many :custom_groups, embed: :object, serializer: BasicGroupSerializer @@ -77,7 +78,6 @@ class UserSerializer < BasicUserSerializer :disable_jump_reply, :gravatar_avatar_upload_id, :custom_avatar_upload_id, - :custom_fields, :has_title_badges ### @@ -240,4 +240,18 @@ class UserSerializer < BasicUserSerializer def include_edit_history_public? can_edit && !SiteSetting.edit_history_visible_to_public end + + def custom_fields + fields = nil + + if SiteSetting.public_user_custom_fields.present? + fields = SiteSetting.public_user_custom_fields.split('|') + end + + if fields.present? + User.custom_fields_for_ids([object.id], fields)[object.id] + else + {} + end + end end diff --git a/spec/serializers/user_serializer_spec.rb b/spec/serializers/user_serializer_spec.rb index 200c2c4939b..2ef554a42da 100644 --- a/spec/serializers/user_serializer_spec.rb +++ b/spec/serializers/user_serializer_spec.rb @@ -67,4 +67,26 @@ describe UserSerializer do end end end + + context "with custom_fields" do + let(:user) { Fabricate(:user) } + let(:json) { UserSerializer.new(user, scope: Guardian.new, root: false).as_json } + + before do + user.custom_fields['secret_field'] = 'Only for me to know' + user.custom_fields['public_field'] = 'Everyone look here' + user.save + end + + it "doesn't serialize the fields by default" do + json[:custom_fields] + json[:custom_fields].should be_empty + end + + it "serializes the fields listed in public_user_custom_fields site setting" do + SiteSetting.stubs(:public_user_custom_fields).returns('public_field') + json[:custom_fields]['public_field'].should == user.custom_fields['public_field'] + json[:custom_fields]['secret_field'].should be_nil + end + end end