Commit1a06c13

Emyrk

authored and

kylecarbs

committed

feat: Allow using username in user queries (#1221)

* feat: Allow using username in user queries* Test needs a username/email to not match empty string

1 parentf897b39 commit1a06c13Copy full SHA for 1a06c13

File tree

4 files changed

+95

-22

lines changed

coderd
- httpmw
  - userparam.go
  - userparam_test.go
- users_test.go
codersdk
- users.go

4 files changed

+95

-22

lines changed

`‎coderd/httpmw/userparam.go`

Lines changed: 45 additions & 14 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,13 @@ import (`
`14`	`14`
`15`	`15`	`typeuserParamContextKeystruct{}`
`16`	`16`
	`17`	`+const (`
	`18`	`+// userErrorMessage is a constant so that no information about the state`
	`19`	`+// of the queried user can be gained. We return the same error if the user`
	`20`	`+// does not exist, or if the input is just garbage.`
	`21`	`+userErrorMessage="\"user\" must be an existing uuid or username"`
	`22`	`+)`
	`23`	`+`
`17`	`24`	`// UserParam returns the user from the ExtractUserParam handler.`
`18`	`25`	`funcUserParam(r*http.Request) database.User {`
`19`	`26`	`user,ok:=r.Context().Value(userParamContextKey{}).(database.User)`
`@@ -27,32 +34,56 @@ func UserParam(r *http.Request) database.User {`
`27`	`34`	`funcExtractUserParam(db database.Store)func(http.Handler) http.Handler {`
`28`	`35`	`returnfunc(next http.Handler) http.Handler {`
`29`	`36`	`returnhttp.HandlerFunc(func(rw http.ResponseWriter,r*http.Request) {`
`30`		`-varuserID uuid.UUID`
`31`		`-ifchi.URLParam(r,"user")=="me" {`
`32`		`-userID=APIKey(r).UserID`
	`37`	`+varuser database.User`
	`38`	`+varerrerror`
	`39`	`+`
	`40`	`+// userQuery is either a uuid, a username, or 'me'`
	`41`	`+userQuery:=chi.URLParam(r,"user")`
	`42`	`+ifuserQuery=="" {`
	`43`	`+httpapi.Write(rw,http.StatusBadRequest, httpapi.Response{`
	`44`	`+Message:"\"user\" must be provided",`
	`45`	`+})`
	`46`	`+return`
	`47`	`+}`
	`48`	`+`
	`49`	`+ifuserQuery=="me" {`
	`50`	`+user,err=db.GetUserByID(r.Context(),APIKey(r).UserID)`
	`51`	`+iferr!=nil {`
	`52`	`+httpapi.Write(rw,http.StatusInternalServerError, httpapi.Response{`
	`53`	`+Message:fmt.Sprintf("get user: %s",err.Error()),`
	`54`	`+})`
	`55`	`+return`
	`56`	`+}`
	`57`	`+}elseifuserID,err:=uuid.Parse(userQuery);err==nil {`
	`58`	`+// If the userQuery is a valid uuid`
	`59`	`+user,err=db.GetUserByID(r.Context(),userID)`
	`60`	`+iferr!=nil {`
	`61`	`+httpapi.Write(rw,http.StatusBadRequest, httpapi.Response{`
	`62`	`+Message:userErrorMessage,`
	`63`	`+})`
	`64`	`+return`
	`65`	`+}`
`33`	`66`	`}else {`
`34`		`-varokbool`
`35`		`-userID,ok=parseUUID(rw,r,"user")`
`36`		`-if!ok {`
	`67`	`+// Try as a username last`
	`68`	`+user,err=db.GetUserByEmailOrUsername(r.Context(), database.GetUserByEmailOrUsernameParams{`
	`69`	`+Username:userQuery,`
	`70`	`+})`
	`71`	`+iferr!=nil {`
	`72`	`+httpapi.Write(rw,http.StatusBadRequest, httpapi.Response{`
	`73`	`+Message:userErrorMessage,`
	`74`	`+})`
`37`	`75`	`return`
`38`	`76`	`}`
`39`	`77`	`}`
`40`	`78`
`41`	`79`	`apiKey:=APIKey(r)`
`42`		`-ifapiKey.UserID!=userID {`
	`80`	`+ifapiKey.UserID!=user.ID {`
`43`	`81`	`httpapi.Write(rw,http.StatusBadRequest, httpapi.Response{`
`44`	`82`	`Message:"getting non-personal users isn't supported yet",`
`45`	`83`	`})`
`46`	`84`	`return`
`47`	`85`	`}`
`48`	`86`
`49`		`-user,err:=db.GetUserByID(r.Context(),userID)`
`50`		`-iferr!=nil {`
`51`		`-httpapi.Write(rw,http.StatusInternalServerError, httpapi.Response{`
`52`		`-Message:fmt.Sprintf("get user: %s",err.Error()),`
`53`		`-})`
`54`		`-}`
`55`		`-`
`56`	`87`	`ctx:=context.WithValue(r.Context(),userParamContextKey{},user)`
`57`	`88`	`next.ServeHTTP(rw,r.WithContext(ctx))`
`58`	`89`	`})`

`‎coderd/httpmw/userparam_test.go`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,9 @@ func TestUserParam(t *testing.T) {`
`34`	`34`	`})`
`35`	`35`
`36`	`36`	`user,err:=db.InsertUser(r.Context(), database.InsertUserParams{`
`37`		`-ID:uuid.New(),`
	`37`	`+ID:uuid.New(),`
	`38`	`+Email:"admin@email.com",`
	`39`	`+Username:"admin",`
`38`	`40`	`})`
`39`	`41`	`require.NoError(t,err)`
`40`	`42`

`‎coderd/users_test.go`

Lines changed: 37 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -431,14 +431,45 @@ func TestPutUserSuspend(t *testing.T) {`
`431`	`431`	`})`
`432`	`432`	`}`
`433`	`433`
`434`		`-funcTestUserByName(t*testing.T) {`
	`434`	`+funcTestGetUser(t*testing.T) {`
`435`	`435`	`t.Parallel()`
`436`		`-client:=coderdtest.New(t,nil)`
`437`		`-firstUser:=coderdtest.CreateFirstUser(t,client)`
`438`		`-user,err:=client.User(context.Background(),codersdk.Me)`
`439`	`436`
`440`		`-require.NoError(t,err)`
`441`		`-require.Equal(t,firstUser.OrganizationID,user.OrganizationIDs[0])`
	`437`	`+t.Run("ByMe",func(t*testing.T) {`
	`438`	`+t.Parallel()`
	`439`	`+`
	`440`	`+client:=coderdtest.New(t,nil)`
	`441`	`+firstUser:=coderdtest.CreateFirstUser(t,client)`
	`442`	`+`
	`443`	`+user,err:=client.User(context.Background(),codersdk.Me)`
	`444`	`+require.NoError(t,err)`
	`445`	`+require.Equal(t,firstUser.UserID,user.ID)`
	`446`	`+require.Equal(t,firstUser.OrganizationID,user.OrganizationIDs[0])`
	`447`	`+})`
	`448`	`+`
	`449`	`+t.Run("ByID",func(t*testing.T) {`
	`450`	`+t.Parallel()`
	`451`	`+`
	`452`	`+client:=coderdtest.New(t,nil)`
	`453`	`+firstUser:=coderdtest.CreateFirstUser(t,client)`
	`454`	`+`
	`455`	`+user,err:=client.User(context.Background(),firstUser.UserID)`
	`456`	`+require.NoError(t,err)`
	`457`	`+require.Equal(t,firstUser.UserID,user.ID)`
	`458`	`+require.Equal(t,firstUser.OrganizationID,user.OrganizationIDs[0])`
	`459`	`+})`
	`460`	`+`
	`461`	`+t.Run("ByUsername",func(t*testing.T) {`
	`462`	`+t.Parallel()`
	`463`	`+`
	`464`	`+client:=coderdtest.New(t,nil)`
	`465`	`+firstUser:=coderdtest.CreateFirstUser(t,client)`
	`466`	`+exp,err:=client.User(context.Background(),firstUser.UserID)`
	`467`	`+require.NoError(t,err)`
	`468`	`+`
	`469`	`+user,err:=client.UserByUsername(context.Background(),exp.Username)`
	`470`	`+require.NoError(t,err)`
	`471`	`+require.Equal(t,exp,user)`
	`472`	`+})`
`442`	`473`	`}`
`443`	`474`
`444`	`475`	`funcTestGetUsers(t*testing.T) {`

`‎codersdk/users.go`

Lines changed: 10 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -274,7 +274,16 @@ func (c *Client) Logout(ctx context.Context) error {`
`274`	`274`	`// User returns a user for the ID provided.`
`275`	`275`	`// If the uuid is nil, the current user will be returned.`
`276`	`276`	`func (c*Client)User(ctx context.Context,id uuid.UUID) (User,error) {`
`277`		`-res,err:=c.request(ctx,http.MethodGet,fmt.Sprintf("/api/v2/users/%s",uuidOrMe(id)),nil)`
	`277`	`+returnc.userByIdentifier(ctx,uuidOrMe(id))`
	`278`	`+}`
	`279`	`+`
	`280`	`+// UserByUsername returns a user for the username provided.`
	`281`	`+func (c*Client)UserByUsername(ctx context.Context,usernamestring) (User,error) {`
	`282`	`+returnc.userByIdentifier(ctx,username)`
	`283`	`+}`
	`284`	`+`
	`285`	`+func (c*Client)userByIdentifier(ctx context.Context,identstring) (User,error) {`
	`286`	`+res,err:=c.request(ctx,http.MethodGet,fmt.Sprintf("/api/v2/users/%s",ident),nil)`
`278`	`287`	`iferr!=nil {`
`279`	`288`	`returnUser{},err`
`280`	`289`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit1a06c13

File tree

4 files changed

4 files changed

`‎coderd/httpmw/userparam.go`

`‎coderd/httpmw/userparam_test.go`

`‎coderd/users_test.go`

`‎codersdk/users.go`

0 commit comments