Add API call to get a user by their email address (#4884)

* Add API call to get a user by their email address * update per review
2025-02-25 18:55:24 -06:00 · 2016-12-28 14:44:32 +01:00
parent 14f1f4e9b1
commit 5fd11bd674
5 changed files with 91 additions and 0 deletions
--- a/api/user.go
+++ b/api/user.go
@@ -75,6 +75,7 @@ func InitUser() {

 	BaseRoutes.NeedUser.Handle("/get", ApiUserRequired(getUser)).Methods("GET")
 	BaseRoutes.Users.Handle("/name/{username:[A-Za-z0-9_\\-.]+}", ApiUserRequired(getByUsername)).Methods("GET")
+	BaseRoutes.Users.Handle("/email/{email}", ApiUserRequired(getByEmail)).Methods("GET")
 	BaseRoutes.NeedUser.Handle("/sessions", ApiUserRequired(getSessions)).Methods("GET")
 	BaseRoutes.NeedUser.Handle("/audits", ApiUserRequired(getAudits)).Methods("GET")
 	BaseRoutes.NeedUser.Handle("/image", ApiUserRequiredTrustRequester(getProfileImage)).Methods("GET")
@@ -981,6 +982,24 @@ func getByUsername(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }

+func getByEmail(c *Context, w http.ResponseWriter, r *http.Request) {
+	params := mux.Vars(r)
+	email := params["email"]
+
+	if result := <-Srv.Store.User().GetByEmail(email); result.Err != nil {
+		c.Err = result.Err
+		return
+	} else if HandleEtag(result.Data.(*model.User).Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), "Get By Email", w, r) {
+		return
+	} else {
+		user := sanitizeProfile(c, result.Data.(*model.User))
+
+		w.Header().Set(model.HEADER_ETAG_SERVER, user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress))
+		w.Write([]byte(result.Data.(*model.User).ToJson()))
+		return
+	}
+}
+
 func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) {
 	params := mux.Vars(r)

--- a/api/user_test.go
+++ b/api/user_test.go
@@ -2559,3 +2559,36 @@ func TestGetByUsername(t *testing.T) {
 	}

 }
+
+func TestGetByEmail(t *testing.T) {
+	th := Setup().InitBasic()
+	Client := th.BasicClient
+
+	if _, respMetdata := Client.GetByEmail(th.BasicUser.Email, ""); respMetdata.Error != nil {
+		t.Fatal("Failed to get user by email")
+	}
+
+	emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress
+	namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
+	defer func() {
+		utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy
+		utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
+	}()
+
+	utils.Cfg.PrivacySettings.ShowEmailAddress = false
+	utils.Cfg.PrivacySettings.ShowFullName = false
+
+	if user, respMetdata := Client.GetByEmail(th.BasicUser2.Email, ""); respMetdata.Error != nil {
+		t.Fatal(respMetdata.Error)
+	} else {
+		if user.Password != "" {
+			t.Fatal("password must be empty")
+		}
+		if *user.AuthData != "" {
+			t.Fatal("auth data must be empty")
+		}
+		if user.Email != "" {
+			t.Fatal("email should be sanitized")
+		}
+	}
+}
--- a/model/client.go
+++ b/model/client.go
@@ -518,6 +518,21 @@ func (c *Client) GetByUsername(username string, etag string) (*Result, *AppError
 	}
 }

+// getByEmail returns a user based on a provided username string. Must be authenticated.
+func (c *Client) GetByEmail(email string, etag string) (*User, *ResponseMetadata) {
+	if r, err := c.DoApiGet(fmt.Sprintf("/users/email/%v", email), "", etag); err != nil {
+		return nil, &ResponseMetadata{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return UserFromJson(r.Body),
+			&ResponseMetadata{
+				StatusCode: r.StatusCode,
+				RequestId:  r.Header.Get(HEADER_REQUEST_ID),
+				Etag:       r.Header.Get(HEADER_ETAG_SERVER),
+			}
+	}
+}
+
 // GetMe returns the current user.
 func (c *Client) GetMe(etag string) (*Result, *AppError) {
 	if r, err := c.DoApiGet("/users/me", "", etag); err != nil {
--- a/webapp/client/client.jsx
+++ b/webapp/client/client.jsx
@@ -974,6 +974,15 @@ export default class Client {
            end(this.handleResponse.bind(this, 'getByUsername', success, error));
    }

+    getByEmail(email, success, error) {
+        request.
+            get(`${this.getUsersRoute()}/email/${email}`).
+            set(this.defaultHeaders).
+            type('application/json').
+            accept('application/json').
+            end(this.handleResponse.bind(this, 'getByEmail', success, error));
+    }
+
    login(loginId, password, mfaToken, success, error) {
        this.doLogin({login_id: loginId, password, token: mfaToken}, success, error);

--- a/webapp/tests/client_user.test.jsx
+++ b/webapp/tests/client_user.test.jsx
@@ -51,6 +51,21 @@ describe('Client.User', function() {
        });
    });

+    it('getByEmail', function(done) {
+        TestHelper.initBasic(() => {
+            TestHelper.basicClient().getByEmail(
+                TestHelper.basicUser().email,
+                function(data) {
+                    assert.equal(data.email, TestHelper.basicUser().email);
+                    done();
+                },
+                function(err) {
+                    done(new Error(err.message));
+                }
+            );
+        });
+    });
+
    it('getInitialLoad', function(done) {
        TestHelper.initBasic(() => {
            TestHelper.basicClient().getInitialLoad(