API owner is always admin in detail view

[philippeluickx]

On production. When in the catalog the user is someone "not admin", in the detailview it shows "admin".

[marla-singer]

@philippeluickx It happens when api doesn't have owner any more (user deleted account) or api was created by user, who sighed up via GitHub

[bajiat]

@marla-singer Thanks for checking. Why is the user then displayed in the Catalog, if it is one of the cases described by you? I'll post an example from apinf.io: same API in Catalog and in API profile.

[bajiat]

Compare the following screenshots in apinf.io: owner is shown in Catalog, but not in profile view:

[jykae]

Good find, taking look

[jykae]

@marla-singer I tried both cases described on latest develop, works as expected. Is this behaviour happening only in production? Checking nightly

[jykae]

Nightly has same issue, trying to reproduce there.

[marla-singer]

@jykae Let me know if you can't reproduce it, I'll try too

[jykae]

@marla-singer On nightly, my own APIs with user (admin role) I am signed in show right both catalogue & API profile. Others work like described.

[marla-singer]

@jykae
Second case: Sign in like GitHub user, create an api and sign out. In API profile owner will be admin. Look above in Taija's screenshot.

What did you check?

[jykae]

@marla-singer Ok, now got that locally. When I log in with that Github user the profile page shows the user right.

[jykae]

Problematic line https://github.com/apinf/platform/blob/develop/apis/collection/helpers.js#L59

On the client we publish only currentUser when user is logged in, Meteor.users can be queried only on server side for security.