Update email check exist (#7899)

* throw a 401 error if user tries to update his/her email to an email that exists already

* Make error message generic so we don't violate users' privacy.  Added test case.

* Syntax fixes

* select only the _id field when searching for users with the same email.  Return found document as javascript object.

test/api/v3/integration/user/auth/PUT-user_update_email.test.js

@@ -55,6 +55,17 @@ describe('PUT /user/auth/update-email', () => {
       await user.sync();
       expect(user.auth.local.email).to.eql(newEmail);
     });
+
+    it('rejects if email is already taken', async () => {
+      await expect(user.put(ENDPOINT, {
+        newEmail: user.auth.local.email,
+        password: oldPassword,
+      })).to.eventually.be.rejected.and.eql({
+        code: 401,
+        error: 'NotAuthorized',
+        message: t('cannotFulfillReq'),
+      });
+    });
   });
 
   context('Social Login User', async () => {