summaryrefslogtreecommitdiffstats
path: root/api
diff options
context:
space:
mode:
Diffstat (limited to 'api')
-rw-r--r--api/user.go19
-rw-r--r--api/user_test.go39
2 files changed, 58 insertions, 0 deletions
diff --git a/api/user.go b/api/user.go
index 5fcea3367..2507bd740 100644
--- a/api/user.go
+++ b/api/user.go
@@ -73,6 +73,7 @@ func InitUser() {
BaseRoutes.Users.Handle("/claim/ldap_to_email", ApiAppHandler(ldapToEmail)).Methods("POST")
BaseRoutes.NeedUser.Handle("/get", ApiUserRequired(getUser)).Methods("GET")
+ BaseRoutes.Users.Handle("/name/{username:[A-Za-z0-9_\\-.]+}", ApiUserRequired(getByUsername)).Methods("GET")
BaseRoutes.NeedUser.Handle("/sessions", ApiUserRequired(getSessions)).Methods("GET")
BaseRoutes.NeedUser.Handle("/audits", ApiUserRequired(getAudits)).Methods("GET")
BaseRoutes.NeedUser.Handle("/image", ApiUserRequiredTrustRequester(getProfileImage)).Methods("GET")
@@ -954,6 +955,24 @@ func getUser(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
+func getByUsername(c *Context, w http.ResponseWriter, r *http.Request) {
+ params := mux.Vars(r)
+ username := params["username"]
+
+ if result := <-Srv.Store.User().GetByUsername(username); result.Err != nil {
+ c.Err = result.Err
+ return
+ } else if HandleEtag(result.Data.(*model.User).Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), w, r) {
+ return
+ } else {
+ user := sanitizeProfile(c, result.Data.(*model.User))
+
+ w.Header().Set(model.HEADER_ETAG_SERVER, user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress))
+ w.Write([]byte(result.Data.(*model.User).ToJson()))
+ return
+ }
+}
+
func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
diff --git a/api/user_test.go b/api/user_test.go
index bc804ca11..a10cee961 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -2339,3 +2339,42 @@ func TestAutocompleteUsers(t *testing.T) {
t.Fatal("should have errored - bad team id")
}
}
+
+func TestGetByUsername(t *testing.T) {
+ th := Setup().InitBasic()
+ Client := th.BasicClient
+
+ if result, err := Client.GetByUsername(th.BasicUser.Username, ""); err != nil {
+ t.Fatal("Failed to get user")
+ } else {
+ if result.Data.(*model.User).Password != "" {
+ t.Fatal("User shouldn't have any password data once set")
+ }
+ }
+
+ emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress
+ namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
+ defer func() {
+ utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy
+ utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
+ }()
+
+ utils.Cfg.PrivacySettings.ShowEmailAddress = false
+ utils.Cfg.PrivacySettings.ShowFullName = false
+
+ if result, err := Client.GetByUsername(th.BasicUser2.Username, ""); err != nil {
+ t.Fatal(err)
+ } else {
+ u := result.Data.(*model.User)
+ if u.Password != "" {
+ t.Fatal("password must be empty")
+ }
+ if *u.AuthData != "" {
+ t.Fatal("auth data must be empty")
+ }
+ if u.Email != "" {
+ t.Fatal("email should be sanitized")
+ }
+ }
+
+}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-09-29 17:18:25 +0000