remove sensitive information from data_only for siteuser objects
authorTony Cook <tony@develop-help.com>
Wed, 11 May 2016 13:49:31 +0000 (23:49 +1000)
committerTony Cook <tony@develop-help.com>
Fri, 27 May 2016 09:12:48 +0000 (19:12 +1000)
site/cgi-bin/modules/BSE/TB/SiteUser.pm

index 1008202..d57f3f8 100644 (file)
@@ -18,7 +18,7 @@ SiteUser - represent a site user (or member)
 
 =cut
 
-our $VERSION = "1.017";
+our $VERSION = "1.018";
 
 use constant MAX_UNACKED_CONF_MSGS => 3;
 use constant MIN_UNACKED_CONF_GAP => 2 * 24 * 60 * 60;
@@ -1035,6 +1035,15 @@ sub logon {
   return $self->userId;
 }
 
+sub data_only {
+  my ($self) = @_;
+
+  my $data = $self->SUPER::data_only();
+  delete @$data{qw/confirmSecret password password_type/};
+
+  return $data;
+}
+
 =back
 
 =cut