diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index a9617541fa..d8693ee9df 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -548,6 +548,8 @@ unfollow = Unfollow
heatmap.loading = Loading Heatmap…
user_bio = Biography
disabled_public_activity = This user has disabled the public visibility of the activity.
+email_visibility.limited = Your email address is visible to all authenticated users
+email_visibility.private = Your email address is only visible to you and administrators
form.name_reserved = The username '%s' is reserved.
form.name_pattern_not_allowed = The pattern '%s' is not allowed in a username.
@@ -661,7 +663,7 @@ add_email_success = The new email address has been added.
email_preference_set_success = Email preference has been set successfully.
add_openid_success = The new OpenID address has been added.
keep_email_private = Hide Email Address
-keep_email_private_popup = Your email address will be hidden from other users.
+keep_email_private_popup = Your email address will only be visible to you and the administrators
openid_desc = OpenID lets you delegate authentication to an external provider.
manage_ssh_keys = Manage SSH Keys
@@ -842,9 +844,9 @@ email_notifications.andyourown = And Your Own Notifications
visibility = User visibility
visibility.public = Public
-visibility.public_tooltip = Visible to all users
+visibility.public_tooltip = Visible to everyone
visibility.limited = Limited
-visibility.limited_tooltip = Visible to logged in users only
+visibility.limited_tooltip = Visible to authenticated users only
visibility.private = Private
visibility.private_tooltip = Visible only to organization members
@@ -2421,7 +2423,7 @@ settings.permission = Permissions
settings.repoadminchangeteam = Repository admin can add and remove access for teams
settings.visibility = Visibility
settings.visibility.public = Public
-settings.visibility.limited = Limited (Visible to logged in users only)
+settings.visibility.limited = Limited (Visible to authenticated users only)
settings.visibility.limited_shortname = Limited
settings.visibility.private = Private (Visible only to organization members)
settings.visibility.private_shortname = Private
diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl
index d4a0f4a3ac..e0e05575fa 100644
--- a/templates/user/profile.tmpl
+++ b/templates/user/profile.tmpl
@@ -30,11 +30,29 @@
{{if .Owner.Location}}
{{svg "octicon-location"}} {{.Owner.Location}}
{{end}}
- {{if .ShowUserEmail}}
+ {{if (eq .SignedUserName .Owner.Name)}}
{{svg "octicon-mail"}}
{{.Owner.Email}}
+
+ {{if .ShowUserEmail}}
+
+ {{svg "octicon-unlock"}}
+
+ {{else}}
+
+ {{svg "octicon-lock"}}
+
+ {{end}}
+
+ {{else}}
+ {{if .ShowUserEmail}}
+
+ {{svg "octicon-mail"}}
+ {{.Owner.Email}}
+
+ {{end}}
{{end}}
{{if .Owner.Website}}
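Review bot: The new self-view branch `{{if (eq .SignedUserName .Owner.Name)}}` prints `.Owner.Email` without consulting `.ShowUserEmail`, so this name comparison becomes the only guard on an address the user has chosen to hide. Comparing IDs is a sturdier identity check than comparing name strings. If the render context exposes the signed-in user's ID (Gitea normally sets `SignedUserID` and `IsSigned`, but confirm for this revision), prefer `{{if and .IsSigned (eq .SignedUserID .Owner.ID)}}`, or compute a single boolean in the handler so the disclosure decision lives next to the code that sets `.ShowUserEmail`. The lock and unlock icons carry no text in the lines visible here; if the new `email_visibility.limited` and `email_visibility.private` strings are not attached to them in the surrounding markup, the icon alone conveys the privacy state.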
diff --git a/tests/integration/setting_test.go b/tests/integration/setting_test.go
index 777faf8cc0..cb8248e6e2 100644
--- a/tests/integration/setting_test.go
+++ b/tests/integration/setting_test.go
@@ -50,42 +50,42 @@ func TestSettingShowUserEmailProfile(t *testing.T) {
setting.UI.ShowUserEmail = true
- // user1 can see self
+ // user1 can see own visible email
session := loginUser(t, "user1")
req := NewRequest(t, "GET", "/user1")
resp := session.MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
- // user1 can not see user2
+ // user1 can not see user2's hidden email
req = NewRequest(t, "GET", "/user2")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
- // Should not contain even if the user visits their own profile page
+ // Should only contain if the user visits their own profile page
assert.NotContains(t, htmlDoc.doc.Find(".user.profile").Text(), "user2@example.com")
- // user2 can see user1
+ // user2 can see user1's visible email
session = loginUser(t, "user2")
req = NewRequest(t, "GET", "/user1")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
- // user2 can not see self
+ // user2 can see own hidden email
session = loginUser(t, "user2")
req = NewRequest(t, "GET", "/user2")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
- assert.NotContains(t, htmlDoc.doc.Find(".user.profile").Text(), "user2@example.com")
+ assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user2@example.com")
setting.UI.ShowUserEmail = false
- // user1 can not see self
+ // user1 can see own (now hidden) email
session = loginUser(t, "user1")
req = NewRequest(t, "GET", "/user1")
resp = session.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
- assert.NotContains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
+ assert.Contains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
setting.UI.ShowUserEmail = showUserEmail
}
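Review bot: After `setting.UI.ShowUserEmail = false` the test asserts only that user1 sees their own address, so nothing checks that the new owner branch in the template leaves the address hidden from everyone else. Add a negative case for another signed-in user viewing `/user1` with the setting off, and ideally the same for an unauthenticated request, since the new locale text promises visibility to authenticated users only. The comment `// Should only contain if the user visits their own profile page` sits directly above a `NotContains` assertion and reads as the opposite of what is checked; something like `// user2 hides their email, so only user2 may see it` would be clearer. The function starts outside this hunk, so the restore of `showUserEmail` on the last line is assumed to pair with a save near the top; a `defer` there would restore it even if a request helper aborts the test.

```go
	setting.UI.ShowUserEmail = false

	// … unchanged: user1 can see own (now hidden) email …

	// user2 can not see user1's email while the global setting is off
	session = loginUser(t, "user2")
	req = NewRequest(t, "GET", "/user1")
	resp = session.MakeRequest(t, req, http.StatusOK)
	htmlDoc = NewHTMLParser(t, resp.Body)
	assert.NotContains(t, htmlDoc.doc.Find(".user.profile").Text(), "user1@example.com")
```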