[BUG] Android shows user email addresses even when oCIS is configured to hide them

[dj4oC]

Problem

Android shows user email addresses even when oCIS is configured to hide them.

This is a privacy / information disclosure issue and a client-server behavior mismatch.

Expected behavior

If oCIS disables email visibility, Android must not render email addresses anywhere in the UI (sharee search, share dialogs, member lists, mentions, etc.).

Actual behavior

Android still displays email addresses although the oCIS setting is disabled.

Engineering scope

Please implement and verify the full propagation path:

1. oCIS config: email-visibility setting is configured in frontend/web config (WEB_OPTION_* / WEB_UI_CONFIG_FILE)
2. Capabilities/API: effective value is exposed to clients (or add a stable capability flag)
3. Android parsing: Android reads/stores the flag
4. UI enforcement: all user/sharee UI rendering respects the flag
5. Tests: regression coverage for both states (show/hide email)

Acceptance criteria

• Android respects the oCIS email-visibility capability/setting
• No email addresses are shown when disabled
• Email display still works when enabled
• Regression tests added
• Capability key / endpoint used is documented

Impact

Privacy / information disclosure (personal email addresses shown despite server-side policy).

Environment

• Server: oCIS
• Client: ownCloud Android
• Type: Bug / Privacy

[jesmrec]

Added to 4.8 milestone.

[jesmrec]

Some questions about this one:

• Which capability is telling us that the email should be shown/hidden?
• I did not find info about the oCIS setup with (WEB_OPTION_* / WEB_UI_CONFIG_FILE) to build an environment with such values for testing.

Thanks in advance

[dj4oC]

Some questions about this one:

• Which capability is telling us that the email should be shown/hidden?
• I did not find info about the oCIS setup with (WEB_OPTION_* / WEB_UI_CONFIG_FILE) to build an environment with such values for testing.

Thanks in advance

In Helm Chart this parameter is called: showUserEmail == false
I think this ends up in: "search":{"property":{"name":{"enabled":true}
... ocs/v1.php/cloud/capabilities?format=json

@kobergj and / or @d7oc can you confirm?

[d7oc]

I'm not sure if this is the right parameter, but showUserEmail point to ENV variable OCIS_SHOW_USER_EMAIL_IN_RESULTS if that helps.

[jesmrec]

I think this ends up in: "search":{"property":{"name":{"enabled":true}

that capability sounds like the file-searching feature. Something to do here? It's like...

 "search": {
                    "property": {
                        "content": {
                            "enabled": true
                        },
                        "mediatype": {
                            "enabled": true,
                            "keywords": [
                                "document",
                                "spreadsheet",
                                "presentation",
                                "pdf",
                                "image",
                                "video",
                                "audio",

I'm not sure if this is the right parameter, but showUserEmail point to ENV variable OCIS_SHOW_USER_EMAIL_IN_RESULTS if that helps.

i built an oCIS server via simple docker-compose.yml file, adding OCIS_SHOW_USER_EMAIL_IN_RESULTS as false in the environment section. Unfortunately, things did not change and all clients still displayed the user email.

[jesmrec]

I'm not sure if this is the right parameter, but showUserEmail point to ENV variable OCIS_SHOW_USER_EMAIL_IN_RESULTS if that helps.

also, about this:

https://github.com/owncloud/ocis/blob/8addbceed718a4a66109eb7a12af895f9ea602bd/changelog/8.0.0_2026-02-13/change-remove-ocis-show-user-email-in-results.md?plain=1

i have explored the OCIS_USER_SEARCH_DISPLAYED_ATTRIBUTES parameter and works fine in web (non-admin users, admins will always see the email)

if OCIS_USER_SEARCH_DISPLAYED_ATTRIBUTES: "mail" -> web shows email
if OCIS_USER_SEARCH_DISPLAYED_ATTRIBUTES: "" -> web does not show email

but, i didn't find the capability/settings for the clients to know whether the email should be displayed or not depending on the backend setup