Implement GET /users/autocomplete endpoint for APIv4 (#5742)

author: Joram Wilander <jwawilander@gmail.com> 2017-03-13 08:29:41 -0400
committer: George Goldberg <george@gberg.me> 2017-03-13 12:29:41 +0000
commit: 1860d05d623b6fd7670121a7e2391605d1281b27 (patch)
tree: 8ac40b5663473342fed4ba2a146e2551e9f56ab6 /api4
parent: c372ceebf87295408072a40c63df7c4be9bc2abc (diff)
download: chat-1860d05d623b6fd7670121a7e2391605d1281b27.tar.gz
chat-1860d05d623b6fd7670121a7e2391605d1281b27.tar.bz2
chat-1860d05d623b6fd7670121a7e2391605d1281b27.zip
4 files changed, 176 insertions, 2 deletions
diff --git a/api4/api.go b/api4/api.go
index 71dfbcdf3..223017151 100644
--- a/api4/api.go
+++ b/api4/api.go
@@ -92,7 +92,7 @@ func InitApi(full bool) {
 	BaseRoutes.ApiRoot = app.Srv.Router.PathPrefix(model.API_URL_SUFFIX).Subrouter()
 
 	BaseRoutes.Users = BaseRoutes.ApiRoot.PathPrefix("/users").Subrouter()
-	BaseRoutes.User = BaseRoutes.Users.PathPrefix("/{user_id:[A-Za-z0-9]+}").Subrouter()
+	BaseRoutes.User = BaseRoutes.ApiRoot.PathPrefix("/users/{user_id:[A-Za-z0-9]+}").Subrouter()
 	BaseRoutes.UserByUsername = BaseRoutes.Users.PathPrefix("/username/{username:[A-Za-z0-9\\_\\-\\.]+}").Subrouter()
 	BaseRoutes.UserByEmail = BaseRoutes.Users.PathPrefix("/email/{email}").Subrouter()
 
diff --git a/api4/team_test.go b/api4/team_test.go
index 7a1bbfb69..1ace69685 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -123,10 +123,11 @@ func TestGetAllTeams(t *testing.T) {
 	_, resp := Client.CreateTeam(team)
 	CheckNoError(t, resp)
 
-	rrteams, resp := Client.GetAllTeams("", 1, 1)
+	rrteams, resp := Client.GetAllTeams("", 0, 1)
 	CheckNoError(t, resp)
 
 	if len(rrteams) != 1 {
+		t.Log(len(rrteams))
 		t.Fatal("wrong number of teams - should be 1")
 	}
 
diff --git a/api4/user.go b/api4/user.go
index 822cd60c4..b0063c657 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -11,6 +11,7 @@ import (
 	l4g "github.com/alecthomas/log4go"
 	"github.com/mattermost/platform/app"
 	"github.com/mattermost/platform/model"
+	"github.com/mattermost/platform/store"
 	"github.com/mattermost/platform/utils"
 )
 
@@ -20,6 +21,7 @@ func InitUser() {
 	BaseRoutes.Users.Handle("", ApiHandler(createUser)).Methods("POST")
 	BaseRoutes.Users.Handle("", ApiSessionRequired(getUsers)).Methods("GET")
 	BaseRoutes.Users.Handle("/ids", ApiSessionRequired(getUsersByIds)).Methods("POST")
+	BaseRoutes.Users.Handle("/autocomplete", ApiSessionRequired(autocompleteUsers)).Methods("GET")
 
 	BaseRoutes.User.Handle("", ApiSessionRequired(getUser)).Methods("GET")
 	BaseRoutes.User.Handle("/image", ApiSessionRequired(getProfileImage)).Methods("GET")
@@ -331,6 +333,56 @@ func getUsersByIds(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func autocompleteUsers(c *Context, w http.ResponseWriter, r *http.Request) {
+	channelId := r.URL.Query().Get("in_channel")
+	teamId := r.URL.Query().Get("in_team")
+	name := r.URL.Query().Get("name")
+
+	autocomplete := new(model.UserAutocomplete)
+	var err *model.AppError
+
+	searchOptions := map[string]bool{}
+
+	hideFullName := !utils.Cfg.PrivacySettings.ShowFullName
+	if hideFullName && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+		searchOptions[store.USER_SEARCH_OPTION_NAMES_ONLY_NO_FULL_NAME] = true
+	} else {
+		searchOptions[store.USER_SEARCH_OPTION_NAMES_ONLY] = true
+	}
+
+	if len(teamId) > 0 {
+		if len(channelId) > 0 {
+			if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
+				c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
+				return
+			}
+
+			result, _ := app.AutocompleteUsersInChannel(teamId, channelId, name, searchOptions, c.IsSystemAdmin())
+			autocomplete.Users = result.InChannel
+			autocomplete.OutOfChannel = result.OutOfChannel
+		} else {
+			if !app.SessionHasPermissionToTeam(c.Session, teamId, model.PERMISSION_VIEW_TEAM) {
+				c.SetPermissionError(model.PERMISSION_VIEW_TEAM)
+				return
+			}
+
+			result, _ := app.AutocompleteUsersInTeam(teamId, name, searchOptions, c.IsSystemAdmin())
+			autocomplete.Users = result.InTeam
+		}
+	} else {
+		// No permission check required
+		result, _ := app.SearchUsersInTeam("", name, searchOptions, c.IsSystemAdmin())
+		autocomplete.Users = result
+	}
+
+	if err != nil {
+		c.Err = err
+		return
+	} else {
+		w.Write([]byte((autocomplete.ToJson())))
+	}
+}
+
 func updateUser(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireUserId()
 	if c.Err != nil {
diff --git a/api4/user_test.go b/api4/user_test.go
index 4ef1505e7..fd555fe42 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -267,6 +267,127 @@ func TestGetUserByEmail(t *testing.T) {
 	}
 }
 
+func TestAutocompleteUsers(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	teamId := th.BasicTeam.Id
+	channelId := th.BasicChannel.Id
+	username := th.BasicUser.Username
+
+	rusers, resp := Client.AutocompleteUsersInChannel(teamId, channelId, username, "")
+	CheckNoError(t, resp)
+
+	if len(rusers.Users) != 1 {
+		t.Fatal("should have returned 1 user")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInChannel(teamId, channelId, "amazonses", "")
+	CheckNoError(t, resp)
+	if len(rusers.Users) != 0 {
+		t.Fatal("should have returned 0 users")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInChannel(teamId, channelId, "", "")
+	CheckNoError(t, resp)
+	if len(rusers.Users) < 2 {
+		t.Fatal("should have many users")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInTeam(teamId, username, "")
+	CheckNoError(t, resp)
+
+	if len(rusers.Users) != 1 {
+		t.Fatal("should have returned 1 user")
+	}
+
+	rusers, resp = Client.AutocompleteUsers(username, "")
+	CheckNoError(t, resp)
+
+	if len(rusers.Users) != 1 {
+		t.Fatal("should have returned 1 users")
+	}
+
+	rusers, resp = Client.AutocompleteUsers("", "")
+	CheckNoError(t, resp)
+
+	if len(rusers.Users) < 2 {
+		t.Fatal("should have returned many users")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInTeam(teamId, "amazonses", "")
+	CheckNoError(t, resp)
+	if len(rusers.Users) != 0 {
+		t.Fatal("should have returned 0 users")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInTeam(teamId, "", "")
+	CheckNoError(t, resp)
+	if len(rusers.Users) < 2 {
+		t.Fatal("should have many users")
+	}
+
+	Client.Logout()
+	_, resp = Client.AutocompleteUsersInChannel(teamId, channelId, username, "")
+	CheckUnauthorizedStatus(t, resp)
+
+	_, resp = Client.AutocompleteUsersInTeam(teamId, username, "")
+	CheckUnauthorizedStatus(t, resp)
+
+	_, resp = Client.AutocompleteUsers(username, "")
+	CheckUnauthorizedStatus(t, resp)
+
+	user := th.CreateUser()
+	Client.Login(user.Email, user.Password)
+	_, resp = Client.AutocompleteUsersInChannel(teamId, channelId, username, "")
+	CheckForbiddenStatus(t, resp)
+
+	_, resp = Client.AutocompleteUsersInTeam(teamId, username, "")
+	CheckForbiddenStatus(t, resp)
+
+	_, resp = Client.AutocompleteUsers(username, "")
+	CheckNoError(t, resp)
+
+	_, resp = th.SystemAdminClient.AutocompleteUsersInChannel(teamId, channelId, username, "")
+	CheckNoError(t, resp)
+
+	_, resp = th.SystemAdminClient.AutocompleteUsersInTeam(teamId, username, "")
+	CheckNoError(t, resp)
+
+	_, resp = th.SystemAdminClient.AutocompleteUsers(username, "")
+	CheckNoError(t, resp)
+
+	// Check against privacy config settings
+	namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
+	defer func() {
+		utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
+	}()
+	utils.Cfg.PrivacySettings.ShowFullName = false
+
+	th.LoginBasic()
+
+	rusers, resp = Client.AutocompleteUsers(username, "")
+	CheckNoError(t, resp)
+
+	if rusers.Users[0].FirstName != "" || rusers.Users[0].LastName != "" {
+		t.Fatal("should not show first/last name")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInChannel(teamId, channelId, username, "")
+	CheckNoError(t, resp)
+
+	if rusers.Users[0].FirstName != "" || rusers.Users[0].LastName != "" {
+		t.Fatal("should not show first/last name")
+	}
+
+	rusers, resp = Client.AutocompleteUsersInTeam(teamId, username, "")
+	CheckNoError(t, resp)
+
+	if rusers.Users[0].FirstName != "" || rusers.Users[0].LastName != "" {
+		t.Fatal("should not show first/last name")
+	}
+}
+
 func TestGetProfileImage(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	defer TearDown()
author	Joram Wilander <jwawilander@gmail.com>	2017-03-13 08:29:41 -0400
committer	George Goldberg <george@gberg.me>	2017-03-13 12:29:41 +0000
commit	1860d05d623b6fd7670121a7e2391605d1281b27 (patch)
tree	8ac40b5663473342fed4ba2a146e2551e9f56ab6 /api4
parent	c372ceebf87295408072a40c63df7c4be9bc2abc (diff)
download	chat-1860d05d623b6fd7670121a7e2391605d1281b27.tar.gz chat-1860d05d623b6fd7670121a7e2391605d1281b27.tar.bz2 chat-1860d05d623b6fd7670121a7e2391605d1281b27.zip