From 71d010b7af3601b0690407af328ec2865e3a0efd Mon Sep 17 00:00:00 2001
From: Saturnino Abril <saturnino.abril@gmail.com>
Date: Mon, 27 Feb 2017 23:25:28 +0900
Subject: APIv4: GET /users/{user_id}/image (#5526)

---
 api4/user.go | 43 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)

(limited to 'api4/user.go')

diff --git a/api4/user.go b/api4/user.go
index 94891d11c..9fa6568d3 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -4,7 +4,9 @@
 package api4
 
 import (
+	"fmt"
 	"net/http"
+	"strconv"
 
 	l4g "github.com/alecthomas/log4go"
 	"github.com/mattermost/platform/app"
@@ -20,6 +22,7 @@ func InitUser() {
 	BaseRoutes.Users.Handle("/ids", ApiSessionRequired(getUsersByIds)).Methods("POST")
 
 	BaseRoutes.User.Handle("", ApiSessionRequired(getUser)).Methods("GET")
+	BaseRoutes.User.Handle("/image", ApiSessionRequired(getProfileImage)).Methods("GET")
 	BaseRoutes.User.Handle("", ApiSessionRequired(updateUser)).Methods("PUT")
 	BaseRoutes.User.Handle("/patch", ApiSessionRequired(patchUser)).Methods("PUT")
 	BaseRoutes.User.Handle("", ApiSessionRequired(deleteUser)).Methods("DELETE")
@@ -38,7 +41,6 @@ func InitUser() {
 	BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET")
 	BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST")
 	BaseRoutes.User.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
-
 }
 
 func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -156,6 +158,45 @@ func getUserByEmail(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func getProfileImage(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireUserId()
+	if c.Err != nil {
+		return
+	}
+
+	if users, err := app.GetUsersByIds([]string{c.Params.UserId}, c.IsSystemAdmin()); err != nil {
+		c.Err = err
+		return
+	} else {
+		if len(users) == 0 {
+			c.Err = err
+		}
+
+		user := users[0]
+		etag := strconv.FormatInt(user.LastPictureUpdate, 10)
+		if HandleEtag(etag, "Get Profile Image", w, r) {
+			return
+		}
+
+		var img []byte
+		img, readFailed, err := app.GetProfileImage(user)
+		if err != nil {
+			c.Err = err
+			return
+		}
+
+		if readFailed {
+			w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 5*60)) // 5 mins
+		} else {
+			w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%v, public", 24*60*60)) // 24 hrs
+		}
+
+		w.Header().Set("Content-Type", "image/png")
+		w.Header().Set(model.HEADER_ETAG_SERVER, etag)
+		w.Write(img)
+	}
+}
+
 func getUsers(c *Context, w http.ResponseWriter, r *http.Request) {
 	inTeamId := r.URL.Query().Get("in_team")
 	inChannelId := r.URL.Query().Get("in_channel")
-- 
cgit v1.2.3-1-g7c22