gitea/routers/api/v1/user/user.go
Lanre Adelowo 4bf0cae1f5 Respect email privacy option in user search via API (#4512)
* respect user's email privacy option

* make email visible to admin irrespective of privacy option
2018-07-25 15:11:22 +03:00


// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package user
import (
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/markup"
api "code.gitea.io/sdk/gitea"
"github.com/Unknwon/com"
)
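// Search returns the individual user accounts that match the "q" query
// parameter.
//
// A result's e-mail address is only filled in for signed-in callers, and then
// only when the account has not set KeepEmailPrivate or the caller is an
// administrator. Anonymous callers never receive e-mail addresses.
func Search(ctx *context.APIContext) {
	// swagger:operation GET /users/search user userSearch
	// ---
	// summary: Search for users
	// produces:
	// - application/json
	// parameters:
	// - name: q
	//   in: query
	//   description: keyword
	//   type: string
	// - name: limit
	//   in: query
	//   description: maximum number of users to return
	//   type: integer
	// responses:
	//   "200":
	//     "$ref": "#/responses/UserList"
	opts := &models.SearchUserOptions{
		Keyword:  strings.Trim(ctx.Query("q"), " "),
		Type:     models.UserTypeIndividual,
		PageSize: com.StrTo(ctx.Query("limit")).MustInt(),
	}
	// "limit" is caller-controlled. A zero value (what MustInt presumably
	// yields for a missing or unparsable parameter) and any negative value
	// fall back to the default instead of being forwarded to the model layer.
	// NOTE(review): no upper bound is applied here; confirm that
	// models.SearchUsers caps PageSize so that a single request cannot ask
	// for an arbitrarily large result set.
	if opts.PageSize <= 0 {
		opts.PageSize = 10
	}

	users, _, err := models.SearchUsers(opts)
	if err != nil {
		// NOTE(review): err.Error() is returned verbatim to the caller,
		// including anonymous ones. Internal error text is better logged
		// server-side and replaced with a generic message; the body is left
		// unchanged here because clients may depend on its shape.
		ctx.JSON(500, map[string]interface{}{
			"ok":    false,
			"error": err.Error(),
		})
		return
	}

	results := make([]*api.User, len(users))
	for i, u := range users {
		results[i] = &api.User{
			ID:        u.ID,
			UserName:  u.Name,
			AvatarURL: u.AvatarLink(),
			// FullName is passed through markup.Sanitize before it is
			// returned.
			FullName: markup.Sanitize(u.FullName),
		}
		// E-mail disclosure policy: signed-in callers only, and a private
		// address is shown to administrators alone. ctx.User is only read
		// after ctx.IsSigned has been checked (short-circuit evaluation).
		if ctx.IsSigned && (!u.KeepEmailPrivate || ctx.User.IsAdmin) {
			results[i].Email = u.Email
		}
	}

	ctx.JSON(200, map[string]interface{}{
		"ok":   true,
		"data": results,
	})
}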
// GetInfo returns the profile of the user named by the ":username" path
// parameter. It answers 404 when no such user exists and 500 on any other
// lookup error.
func GetInfo(ctx *context.APIContext) {
	// swagger:operation GET /users/{username} user userGet
	// ---
	// summary: Get a user
	// produces:
	// - application/json
	// parameters:
	// - name: username
	//   in: path
	//   description: username of user to get
	//   type: string
	//   required: true
	// responses:
	//   "200":
	//     "$ref": "#/responses/User"
	//   "404":
	//     "$ref": "#/responses/notFound"
	u, err := models.GetUserByName(ctx.Params(":username"))
	if err != nil {
		// Only a "user does not exist" error maps to 404; everything else
		// is reported as a server error.
		if !models.IsErrUserNotExist(err) {
			ctx.Error(500, "GetUserByName", err)
			return
		}
		ctx.Status(404)
		return
	}

	// Anonymous callers never receive the e-mail address.
	// NOTE(review): unlike Search in this file, KeepEmailPrivate is not
	// consulted here for signed-in callers. Confirm that u.APIFormat()
	// applies that preference; if it does not, this handler should use the
	// same rule as Search (private address visible to administrators only).
	if !ctx.IsSigned {
		u.Email = ""
	}

	ctx.JSON(200, u.APIFormat())
}
// GetAuthenticatedUser returns the profile of the account that made the
// request, as produced by its APIFormat method.
func GetAuthenticatedUser(ctx *context.APIContext) {
	// swagger:operation GET /user user userGetCurrent
	// ---
	// summary: Get the authenticated user
	// produces:
	// - application/json
	// responses:
	//   "200":
	//     "$ref": "#/responses/User"

	// NOTE(review): ctx.User is dereferenced without a nil check, so this
	// handler presumably relies on the route being registered behind a
	// sign-in requirement; confirm in the router.
	current := ctx.User
	ctx.JSON(200, current.APIFormat())
}