Add check that user can view feature before sending change notificati…

…on email (#4676) Changes on confidential features are only sent to users that can actually see the features
GoogleChrome · Jan 9, 2025 · acab78e · acab78e
1 parent 10fe4a2
commit acab78e
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/internals/notifier.py b/internals/notifier.py
@@ -449,7 +449,10 @@ def process_post_data(self, **kwargs):
     # actually changes to it.
     # Load feature directly from NDB so as to never get a stale cached copy.
     fe = FeatureEntry.get_by_id(feature['id'])
-    if fe and (is_update and len(changes) or not is_update):
+    user = users.User(email=triggering_user_email)
+    can_view_feature = permissions.can_view_feature(user, fe)
+
+    if fe and (is_update and len(changes) or not is_update) and can_view_feature:
       email_tasks = make_feature_changes_email(
           fe, is_update=is_update, changes=changes,
           triggering_user_email=triggering_user_email)