diff options
Diffstat (limited to 'api')
-rw-r--r-- | api/user.go | 19 | ||||
-rw-r--r-- | api/user_test.go | 33 |
2 files changed, 52 insertions, 0 deletions
diff --git a/api/user.go b/api/user.go index 5c44ec1f6..635d4c057 100644 --- a/api/user.go +++ b/api/user.go @@ -75,6 +75,7 @@ func InitUser() { BaseRoutes.NeedUser.Handle("/get", ApiUserRequired(getUser)).Methods("GET") BaseRoutes.Users.Handle("/name/{username:[A-Za-z0-9_\\-.]+}", ApiUserRequired(getByUsername)).Methods("GET") + BaseRoutes.Users.Handle("/email/{email}", ApiUserRequired(getByEmail)).Methods("GET") BaseRoutes.NeedUser.Handle("/sessions", ApiUserRequired(getSessions)).Methods("GET") BaseRoutes.NeedUser.Handle("/audits", ApiUserRequired(getAudits)).Methods("GET") BaseRoutes.NeedUser.Handle("/image", ApiUserRequiredTrustRequester(getProfileImage)).Methods("GET") @@ -981,6 +982,24 @@ func getByUsername(c *Context, w http.ResponseWriter, r *http.Request) { } } +func getByEmail(c *Context, w http.ResponseWriter, r *http.Request) { + params := mux.Vars(r) + email := params["email"] + + if result := <-Srv.Store.User().GetByEmail(email); result.Err != nil { + c.Err = result.Err + return + } else if HandleEtag(result.Data.(*model.User).Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), "Get By Email", w, r) { + return + } else { + user := sanitizeProfile(c, result.Data.(*model.User)) + + w.Header().Set(model.HEADER_ETAG_SERVER, user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress)) + w.Write([]byte(result.Data.(*model.User).ToJson())) + return + } +} + func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) diff --git a/api/user_test.go b/api/user_test.go index ecfd81ee1..02589f9d0 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -2559,3 +2559,36 @@ func TestGetByUsername(t *testing.T) { } } + +func TestGetByEmail(t *testing.T) { + th := Setup().InitBasic() + Client := th.BasicClient + + if _, respMetdata := Client.GetByEmail(th.BasicUser.Email, ""); respMetdata.Error != nil { + t.Fatal("Failed to get user by email") + } + + emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress + namePrivacy := utils.Cfg.PrivacySettings.ShowFullName + defer func() { + utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy + utils.Cfg.PrivacySettings.ShowFullName = namePrivacy + }() + + utils.Cfg.PrivacySettings.ShowEmailAddress = false + utils.Cfg.PrivacySettings.ShowFullName = false + + if user, respMetdata := Client.GetByEmail(th.BasicUser2.Email, ""); respMetdata.Error != nil { + t.Fatal(respMetdata.Error) + } else { + if user.Password != "" { + t.Fatal("password must be empty") + } + if *user.AuthData != "" { + t.Fatal("auth data must be empty") + } + if user.Email != "" { + t.Fatal("email should be sanitized") + } + } +} |