krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-18 07:07:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added query option to limit query fields (#9642)

Browse Source 
* Added query option to limit query fields

* Removed only
This commit is contained in:
Keith Holliday
2017-12-11 10:24:19 -06:00
committed by GitHub
parent 1750a0c2e6
commit a7c115877f
3 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/api/v3/integration/user/GET-user.test.js
View File

@@ -27,4 +27,13 @@ describe('GET /user', () => {
expect(returnedUser.auth.local.salt).to.not.exist;
expect(returnedUser.apiToken).to.not.exist;
});
it('returns only user properties requested', async () => {
let returnedUser = await user.get('/user?userFields=achievements,items.mounts');
expect(returnedUser._id).to.equal(user._id);
expect(returnedUser.achievements).to.exist;
expect(returnedUser.items.mounts).to.exist;
expect(returnedUser.stats).to.not.exist;
});
});

4
website/server/controllers/api-v3/user.js
View File

@@ -80,11 +80,13 @@ api.getUser = {
// Remove apiToken from response TODO make it private at the user level? returned in signup/login
delete userToJSON.apiToken;
if (!req.query.userFields) {
let {daysMissed} = user.daysUserHasMissed(new Date(), req);
userToJSON.needsCron = false;
if (daysMissed > 0) userToJSON.needsCron = true;
user.addComputedStatsToJSONObj(userToJSON.stats);
}
return res.respond(200, userToJSON);
},
};

16
website/server/middlewares/auth.js
View File

@@ -5,9 +5,22 @@ import {
model as User,
} from '../models/user';
import nconf from 'nconf';
import url from 'url';
const COMMUNITY_MANAGER_EMAIL = nconf.get('EMAILS:COMMUNITY_MANAGER_EMAIL');
function getUserFields (userFieldProjection, req) {
if (userFieldProjection) return `notifications ${userFieldProjection}`;
const urlPath = url.parse(req.url).pathname;
if (!req.query.userFields || urlPath !== '/user') return '';
const userFieldOptions = req.query.userFields.split(',');
if (userFieldOptions.length === 0) return '';
return `notifications ${userFieldOptions.join(' ')}`;
}
// Strins won't be translated here because getUserLanguage has not run yet
// Authenticate a request through the x-api-user and x-api key header
@@ -27,8 +40,7 @@ export function authWithHeaders (optional = false, userFieldProjection = '') {
apiToken,
};
let fields = '';
if (userFieldProjection) fields = `notifications ${userFieldProjection}`;
const fields = getUserFields(userFieldProjection, req);
const findPromise = fields ? User.findOne(userQuery, fields) : User.findOne(userQuery);
return findPromise