From 8ab5df675e98129bb57b106ee331a8d07d324a45 Mon Sep 17 00:00:00 2001
From: Mohamed Bassem <me@mbassem.com>
Date: Sun, 23 Nov 2025 10:13:15 +0000
Subject: fix: hide collaborator emails from non-owners (#2160)

* feat: Hide collaborator emails from non-owners in shared lists

Implemented privacy protection for collaborator emails in shared lists.
Non-owners (viewers and editors) can no longer see email addresses of
the list owner or other collaborators. Only the list owner can view
all email addresses.

Changes:
- Modified List.getCollaborators() to return empty strings for emails
  when the requester is not the owner
- Updated ManageCollaboratorsModal UI to conditionally display email
  fields only when they are not empty
- Added comprehensive test to verify email privacy for non-owners while
  ensuring owners can still see all emails

This follows existing privacy patterns in the codebase (similar to how
pending invitation names are masked as "Pending User").

* make the email field nullable

* fix tests

---------

Co-authored-by: Claude <noreply@anthropic.com>
---
 packages/trpc/routers/lists.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'packages/trpc/routers/lists.ts')

diff --git a/packages/trpc/routers/lists.ts b/packages/trpc/routers/lists.ts
index 5eb0baff..296679f3 100644
--- a/packages/trpc/routers/lists.ts
+++ b/packages/trpc/routers/lists.ts
@@ -301,7 +301,7 @@ export const listsAppRouter = router({
             user: z.object({
               id: z.string(),
               name: z.string(),
-              email: z.string(),
+              email: z.string().nullable(),
             }),
           }),
         ),
@@ -309,7 +309,7 @@ export const listsAppRouter = router({
           .object({
             id: z.string(),
             name: z.string(),
-            email: z.string(),
+            email: z.string().nullable(),
           })
           .nullable(),
       }),
-- 
cgit v1.2.3-70-g09d2