5 files changed, 91 insertions, 0 deletions

diff --git a/api/user.go b/api/user.go
index 5c44ec1f6..635d4c057 100644
--- a/api/user.go
+++ b/api/user.go
@@ -75,6 +75,7 @@ func InitUser() {
 
 	BaseRoutes.NeedUser.Handle("/get", ApiUserRequired(getUser)).Methods("GET")
 	BaseRoutes.Users.Handle("/name/{username:[A-Za-z0-9_\\-.]+}", ApiUserRequired(getByUsername)).Methods("GET")
+	BaseRoutes.Users.Handle("/email/{email}", ApiUserRequired(getByEmail)).Methods("GET")
 	BaseRoutes.NeedUser.Handle("/sessions", ApiUserRequired(getSessions)).Methods("GET")
 	BaseRoutes.NeedUser.Handle("/audits", ApiUserRequired(getAudits)).Methods("GET")
 	BaseRoutes.NeedUser.Handle("/image", ApiUserRequiredTrustRequester(getProfileImage)).Methods("GET")
@@ -981,6 +982,24 @@ func getByUsername(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func getByEmail(c *Context, w http.ResponseWriter, r *http.Request) {
+	params := mux.Vars(r)
+	email := params["email"]
+
+	if result := <-Srv.Store.User().GetByEmail(email); result.Err != nil {
+		c.Err = result.Err
+		return
+	} else if HandleEtag(result.Data.(*model.User).Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), "Get By Email", w, r) {
+		return
+	} else {
+		user := sanitizeProfile(c, result.Data.(*model.User))
+
+		w.Header().Set(model.HEADER_ETAG_SERVER, user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress))
+		w.Write([]byte(result.Data.(*model.User).ToJson()))
+		return
+	}
+}
+
 func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) {
 	params := mux.Vars(r)
 
diff --git a/api/user_test.go b/api/user_test.go
index ecfd81ee1..02589f9d0 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -2559,3 +2559,36 @@ func TestGetByUsername(t *testing.T) {
 	}
 
 }
+
+func TestGetByEmail(t *testing.T) {
+	th := Setup().InitBasic()
+	Client := th.BasicClient
+
+	if _, respMetdata := Client.GetByEmail(th.BasicUser.Email, ""); respMetdata.Error != nil {
+		t.Fatal("Failed to get user by email")
+	}
+
+	emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress
+	namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
+	defer func() {
+		utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy
+		utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
+	}()
+
+	utils.Cfg.PrivacySettings.ShowEmailAddress = false
+	utils.Cfg.PrivacySettings.ShowFullName = false
+
+	if user, respMetdata := Client.GetByEmail(th.BasicUser2.Email, ""); respMetdata.Error != nil {
+		t.Fatal(respMetdata.Error)
+	} else {
+		if user.Password != "" {
+			t.Fatal("password must be empty")
+		}
+		if *user.AuthData != "" {
+			t.Fatal("auth data must be empty")
+		}
+		if user.Email != "" {
+			t.Fatal("email should be sanitized")
+		}
+	}
+}
diff --git a/model/client.go b/model/client.go
index 4a6cb169f..54095fcba 100644
--- a/model/client.go
+++ b/model/client.go
@@ -518,6 +518,21 @@ func (c *Client) GetByUsername(username string, etag string) (*Result, *AppError
 	}
 }
 
+// getByEmail returns a user based on a provided username string. Must be authenticated.
+func (c *Client) GetByEmail(email string, etag string) (*User, *ResponseMetadata) {
+	if r, err := c.DoApiGet(fmt.Sprintf("/users/email/%v", email), "", etag); err != nil {
+		return nil, &ResponseMetadata{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return UserFromJson(r.Body),
+			&ResponseMetadata{
+				StatusCode: r.StatusCode,
+				RequestId:  r.Header.Get(HEADER_REQUEST_ID),
+				Etag:       r.Header.Get(HEADER_ETAG_SERVER),
+			}
+	}
+}
+
 // GetMe returns the current user.
 func (c *Client) GetMe(etag string) (*Result, *AppError) {
 	if r, err := c.DoApiGet("/users/me", "", etag); err != nil {
diff --git a/webapp/client/client.jsx b/webapp/client/client.jsx
index 0c4e04524..1bbd750c3 100644
--- a/webapp/client/client.jsx
+++ b/webapp/client/client.jsx
@@ -974,6 +974,15 @@ export default class Client {
             end(this.handleResponse.bind(this, 'getByUsername', success, error));
     }
 
+    getByEmail(email, success, error) {
+        request.
+            get(`${this.getUsersRoute()}/email/${email}`).
+            set(this.defaultHeaders).
+            type('application/json').
+            accept('application/json').
+            end(this.handleResponse.bind(this, 'getByEmail', success, error));
+    }
+
     login(loginId, password, mfaToken, success, error) {
         this.doLogin({login_id: loginId, password, token: mfaToken}, success, error);
 
diff --git a/webapp/tests/client_user.test.jsx b/webapp/tests/client_user.test.jsx
index 3af29661a..741f494bb 100644
--- a/webapp/tests/client_user.test.jsx
+++ b/webapp/tests/client_user.test.jsx
@@ -51,6 +51,21 @@ describe('Client.User', function() {
         });
     });
 
+    it('getByEmail', function(done) {
+        TestHelper.initBasic(() => {
+            TestHelper.basicClient().getByEmail(
+                TestHelper.basicUser().email,
+                function(data) {
+                    assert.equal(data.email, TestHelper.basicUser().email);
+                    done();
+                },
+                function(err) {
+                    done(new Error(err.message));
+                }
+            );
+        });
+    });
+
     it('getInitialLoad', function(done) {
         TestHelper.initBasic(() => {
             TestHelper.basicClient().getInitialLoad(