Add ability to search users by email

This might be a security concern, even though the user will have to provide an email to retrieve user information. This functionality is needed by Team management functionality because expecting users to add a user by id is hard. TODO: explore other options. Maybe add public profiles and request the user to go to the profile to invite a user to team?
2019-03-20 13:23:46 +05:00 · 2019-03-20 13:23:46 +05:00 · 9aff78b7a9
commit 9aff78b7a9
parent 5317187a45
4 changed files with 45 additions and 1 deletions
--- a/packages/server/src/routes/UserRoutes.test.ts
+++ b/packages/server/src/routes/UserRoutes.test.ts
@ -48,4 +48,31 @@ describe('user', () => {
      .expect(200)
    })
  })
+
+  describe('GET /users/emails/:email', () => {
+    it('fetches user by email', async () => {
+      t.setHeaders({cookie})
+      const response = await t
+      .get('/users/emails/:email', {
+        params: {
+          email: 'test@user.com',
+        },
+      })
+      .expect(200)
+      expect(response.body!.firstName).toEqual('test')
+    })
+    it('returns an empty body when email is not found', async () => {
+      t.setHeaders({cookie})
+      await t
+      .get('/users/emails/:email', {
+        params: {
+          email: 'non-existing@address.com',
+        }
+      })
+      .expect(200)
+      .expect(/^$/g)
+      // TODO use status code 404 when an entity is not found
+    })
+  })
+
 })
--- a/packages/server/src/routes/UserRoutes.ts
+++ b/packages/server/src/routes/UserRoutes.ts
@ -23,6 +23,10 @@ export class UserRoutes extends BaseRoute<IAPIDef> {
      })
    })

+    t.get('/users/emails/:email', async req => {
+      return this.userService.findUserByEmail(req.params.email)
+    })
+
    t.get('/users/profile', async req => {
      return (await this.userService.findOne(req.user!.id))!
    })
--- a/packages/server/src/services/IUserService.ts
+++ b/packages/server/src/services/IUserService.ts
@ -9,4 +9,5 @@ export interface IUserService {
  }): Promise<any>
  validateCredentials(credentials: ICredentials): Promise<IUser | undefined>
  findOne(id: number): Promise<IUser | undefined>
+  findUserByEmail(email: string): Promise<IUser | undefined>
 }
--- a/packages/server/src/services/UserService.ts
+++ b/packages/server/src/services/UserService.ts
@ -70,7 +70,19 @@ export class UserService extends BaseService implements IUserService {
    .findOne({ email }, {
      relations: ['user'],
    })
-    return userEmail && userEmail.user
+
+    if (!userEmail) {
+      return
+    }
+
+    const user = userEmail.user!
+
+    return {
+      id: userEmail.userId!,
+      username: userEmail.email,
+      firstName: user.firstName,
+      lastName: user.lastName,
+    }
  }

  async changePassword(params: {