FIX: do not include contact url & email in client site settings payload (PR #13004)


wait… are we sure about this?

wait… are we sure about this?

discourse/guardian.rb at 7a0e5c8cb945f2c2aafa314ff71ef4dd2d87899c · discourse/discourse · GitHub

Note that contact_url and contact_email are outside stats so can_see_about_stats will not be applicable on them. I’ll add a new guardian check to ensure if contact details can be accessed by client.

  describe "#can_see_site_contact_details" do

minor but let us make this method private

I don’t think the logic should be pushed into the guardian… yet. Contact details is very specific to this serializer so moving the logic into guardian makes it more confusing IMO.

Thanks for the review @tgxworld! PR has been updated per feedback.