diff --git a/app/api/v1/boxes.rb b/app/api/v1/boxes.rb
index 96d2f9d..b48a9ea 100644
--- a/app/api/v1/boxes.rb
+++ b/app/api/v1/boxes.rb
@@ -13,7 +13,7 @@ module Api
 get do
 profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
 return forbidden! unless profile.display_info_to?(current_person)
- present profile.boxes, :with => Entities::Box
+ present profile.boxes, with: Entities::Box, current_person: current_person
 end
 end
 end
@@ -33,7 +33,7 @@ module Api
 else
 env = Environment.find(params[:environment_id])
 end
- present env.boxes, :with => Entities::Box
+ present env.boxes, with: Entities::Box, current_person: current_person
 end
 end
 end
diff --git a/test/api/boxes_test.rb b/test/api/boxes_test.rb
index 6481f03..fe2de3e 100644
--- a/test/api/boxes_test.rb
+++ b/test/api/boxes_test.rb
@@ -70,6 +70,17 @@ class BoxesTest < ActiveSupport::TestCase
 assert_equal [], json["boxes"].first["blocks"].map {|b| b['id']}
 end
 
+ should 'list a block with logged in display_user for a logged user' do
+ profile = fast_create(Profile)
+ box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+ block = fast_create(Block, box_id: box.id)
+ block.display_user = 'logged'
+ block.save!
+ get "/api/v1/profiles/#{profile.id}/boxes?#{params.to_query}"
+ json = JSON.parse(last_response.body)
+ assert_equal [block.id], json["boxes"].first["blocks"].map {|b| b['id']}
+ end
+
 should 'not list boxes for user without permission' do
 profile = fast_create(Profile, public_profile: false)
 box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
-- libgit2 0.21.2
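Review bot: Per-viewer block visibility now depends on `current_person:` being passed at every `present ..., with: Entities::Box` call, and neither this call nor the one in the second hunk (`present env.boxes, ...`) documents that contract. A later call site that omits the option would fall back to whatever the entity does without a viewer, and nothing here would flag it. I would add a comment above each call such as `# Entities::Box filters blocks per viewer; current_person may be nil for anonymous requests`, after confirming that the entity (not shown) treats a nil viewer as anonymous rather than raising or returning every block. Both `get` blocks start outside their hunks, so how `current_person` is resolved at these points is inferred.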
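Review bot: The new test pins only the allow path, where a logged-in viewer receives the `display_user = 'logged'` block; for a visibility rule the deny path is the regression that matters. A companion test should issue the same profile request without the login parameters and end with `assert_equal [], json["boxes"].first["blocks"].map {|b| b['id']}`. The context line above the new test shows a similar empty-list assertion, but that test starts outside the hunk, so it may or may not cover a `'logged'` block. The environment endpoint changed in the second hunk of app/api/v1/boxes.rb gets no test in this commit either; `params` is defined outside the hunk and presumably carries the session token.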