krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-18 15:17:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added query option to limit query fields (#9642)

Browse Source 
* Added query option to limit query fields

* Removed only
This commit is contained in:
Keith Holliday
2017-12-11 10:24:19 -06:00
committed by GitHub
parent 1750a0c2e6
commit a7c115877f
3 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/api/v3/integration/user/GET-user.test.js
View File

@@ -27,4 +27,13 @@ describe('GET /user', () => {
expect(returnedUser.auth.local.salt).to.not.exist; expect(returnedUser.auth.local.salt).to.not.exist;
expect(returnedUser.apiToken).to.not.exist; expect(returnedUser.apiToken).to.not.exist;
}); });
it('returns only user properties requested', async () => {
let returnedUser = await user.get('/user?userFields=achievements,items.mounts');
expect(returnedUser._id).to.equal(user._id);
expect(returnedUser.achievements).to.exist;
expect(returnedUser.items.mounts).to.exist;
expect(returnedUser.stats).to.not.exist;
});
}); });

4
website/server/controllers/api-v3/user.js
View File

@@ -80,11 +80,13 @@ api.getUser = {
// Remove apiToken from response TODO make it private at the user level? returned in signup/login // Remove apiToken from response TODO make it private at the user level? returned in signup/login
delete userToJSON.apiToken; delete userToJSON.apiToken;
if (!req.query.userFields) {
let {daysMissed} = user.daysUserHasMissed(new Date(), req); let {daysMissed} = user.daysUserHasMissed(new Date(), req);
userToJSON.needsCron = false; userToJSON.needsCron = false;
if (daysMissed > 0) userToJSON.needsCron = true; if (daysMissed > 0) userToJSON.needsCron = true;
user.addComputedStatsToJSONObj(userToJSON.stats); user.addComputedStatsToJSONObj(userToJSON.stats);
}
return res.respond(200, userToJSON); return res.respond(200, userToJSON);
}, },
}; };

16
website/server/middlewares/auth.js
View File

@@ -5,9 +5,22 @@ import {
model as User, model as User,
} from '../models/user'; } from '../models/user';
import nconf from 'nconf'; import nconf from 'nconf';
import url from 'url';
const COMMUNITY_MANAGER_EMAIL = nconf.get('EMAILS:COMMUNITY_MANAGER_EMAIL'); const COMMUNITY_MANAGER_EMAIL = nconf.get('EMAILS:COMMUNITY_MANAGER_EMAIL');
function getUserFields (userFieldProjection, req) {
if (userFieldProjection) return `notifications ${userFieldProjection}`;
const urlPath = url.parse(req.url).pathname;
if (!req.query.userFields || urlPath !== '/user') return '';
const userFieldOptions = req.query.userFields.split(',');
if (userFieldOptions.length === 0) return '';
return `notifications ${userFieldOptions.join(' ')}`;
}
// Strins won't be translated here because getUserLanguage has not run yet // Strins won't be translated here because getUserLanguage has not run yet
// Authenticate a request through the x-api-user and x-api key header // Authenticate a request through the x-api-user and x-api key header
@@ -27,8 +40,7 @@ export function authWithHeaders (optional = false, userFieldProjection = '') {
apiToken, apiToken,
}; };
let fields = ''; const fields = getUserFields(userFieldProjection, req);
if (userFieldProjection) fields = `notifications ${userFieldProjection}`;
const findPromise = fields ? User.findOne(userQuery, fields) : User.findOne(userQuery); const findPromise = fields ? User.findOne(userQuery, fields) : User.findOne(userQuery);
return findPromise return findPromise