IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Update getUser API and add it to the JS driver (#4020)

Browse Source
This commit is contained in:
Joram Wilander
2016-09-14 08:57:33 -04:00
committed by enahum
parent abe6e8e471
commit 837808eba3
4 changed files with 74 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
api/user.go
View File

@@ -932,18 +932,15 @@ func getUser(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
id := params["user_id"]
if !HasPermissionToUser(c, id) {
return
}
if result := <-Srv.Store.User().Get(id); result.Err != nil {
c.Err = result.Err
return
} else if HandleEtag(result.Data.(*model.User).Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), w, r) {
return
} else {
result.Data.(*model.User).Sanitize(map[string]bool{})
w.Header().Set(model.HEADER_ETAG_SERVER, result.Data.(*model.User).Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress))
user := sanitizeProfile(c, result.Data.(*model.User))
w.Header().Set(model.HEADER_ETAG_SERVER, user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress))
w.Write([]byte(result.Data.(*model.User).ToJson()))
return
}

50
api/user_test.go
View File

@@ -345,7 +345,7 @@ func TestGetUser(t *testing.T) {
LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team))
store.Must(Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id))
user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"}
user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: "Corey", LastName: "Hulen"}
ruser2, _ := Client.CreateUser(&user2, "")
LinkUserToTeam(ruser2.Data.(*model.User), rteam.Data.(*model.Team))
store.Must(Srv.Store.User().VerifyEmail(ruser2.Data.(*model.User).Id))
@@ -387,8 +387,52 @@ func TestGetUser(t *testing.T) {
t.Fatal("shouldn't exist")
}
if _, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err == nil {
t.Fatal("shouldn't have accss")
emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress
namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
defer func() {
utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy
utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
}()
utils.Cfg.PrivacySettings.ShowEmailAddress = false
utils.Cfg.PrivacySettings.ShowFullName = false
if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil {
t.Fatal(err)
} else {
u := result.Data.(*model.User)
if u.Password != "" {
t.Fatal("password must be empty")
}
if *u.AuthData != "" {
t.Fatal("auth data must be empty")
}
if u.Email != "" {
t.Fatal("email should be sanitized")
}
if u.FirstName != "" {
t.Fatal("full name should be sanitized")
}
if u.LastName != "" {
t.Fatal("full name should be sanitized")
}
}
utils.Cfg.PrivacySettings.ShowEmailAddress = true
utils.Cfg.PrivacySettings.ShowFullName = true
if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil {
t.Fatal(err)
} else {
u := result.Data.(*model.User)
if u.Email == "" {
t.Fatal("email should not be sanitized")
}
if u.FirstName == "" {
t.Fatal("full name should not be sanitized")
}
if u.LastName == "" {
t.Fatal("full name should not be sanitized")
}
}
if userMap, err := Client.GetProfiles(rteam.Data.(*model.Team).Id, ""); err != nil {