mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-17 22:57:21 +01:00
379afa9554
* log armoire, quoest response and cron events to history * show user history in admin panel * allow stats to be edited from admin panel * Improve admin panel stats input * improve setting client in history * fix tests * fix lint * fix armoire buying issue * Improve hero saving * Formatting fix * Improve user history logging * allow class to be changed from admin panel * make terminating subscriptions easier * support decimal extraMonths * Fix editing some achievements in admin panel * log if a user invites party to quest * Log more quest events into user history * make userhistory length configurable * fix some numbered achievements * fix extraMonths field * Automatically set up group plan subs with admin panel * show party info nicer in admin panel * improve admin panel sub handling * add missing brace * display when there are unsaved changes * fix setting group plan * fix showing group id * Display group plan info in admin panel * fix setting hourglass promo date * Improve termination handling in admin panel * reload data after certain save events in admin panel * remove console * fix plan.extraMonths not being reset if terminating a sub * add more options when cancelling subs * reload data after group plan change * Add a way to remove users from a party * fix issue with removing user from party * pass party id correctly * correctly call async function * Improve sub display in admin panel * fix line length * fix line * shorter * plaid * fix(lint): vue code style --------- Co-authored-by: Kalista Payne <sabrecat@gmail.com>
120 lines
3.3 KiB
JavaScript
120 lines
3.3 KiB
JavaScript
import validator from 'validator';
|
|
import { authWithHeaders } from '../../middlewares/auth';
|
|
import { ensurePermission } from '../../middlewares/ensureAccessRight';
|
|
import { model as User } from '../../models/user';
|
|
import { model as UserHistory } from '../../models/userHistory';
|
|
import {
|
|
NotFound,
|
|
} from '../../libs/errors';
|
|
|
|
const api = {};
|
|
|
|
/**
|
|
* @api {get} /api/v4/admin/search/:userIdentifier Search for users by username or email
|
|
* @apiParam (Path) {String} userIdentifier The username or email of the user to search for
|
|
* @apiName SearchUsers
|
|
* @apiGroup Admin
|
|
* @apiPermission Admin
|
|
*
|
|
* @apiDescription Returns a list of users that match the search criteria
|
|
*
|
|
* @apiSuccess {Object} data The User list
|
|
*
|
|
* @apiUse NoAuthHeaders
|
|
* @apiUse NoAccount
|
|
* @apiUse NoUser
|
|
* @apiUse NotAdmin
|
|
*/
|
|
api.searchHero = {
|
|
method: 'GET',
|
|
url: '/admin/search/:userIdentifier',
|
|
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
|
|
async handler (req, res) {
|
|
req.checkParams('userIdentifier', res.t('userIdentifierRequired')).notEmpty();
|
|
|
|
const validationErrors = req.validationErrors();
|
|
if (validationErrors) throw validationErrors;
|
|
|
|
const { userIdentifier } = req.params;
|
|
|
|
const re = new RegExp(String.raw`^${userIdentifier.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}`);
|
|
|
|
let query;
|
|
let users = [];
|
|
if (validator.isUUID(userIdentifier)) {
|
|
query = { _id: userIdentifier };
|
|
} else if (validator.isEmail(userIdentifier)) {
|
|
const emailFields = [
|
|
'auth.local.email',
|
|
'auth.google.emails.value',
|
|
'auth.apple.emails.value',
|
|
'auth.facebook.emails.value',
|
|
];
|
|
for (const field of emailFields) {
|
|
const emailQuery = { [field]: userIdentifier };
|
|
// eslint-disable-next-line no-await-in-loop
|
|
const found = await User.findOne(emailQuery)
|
|
.select('contributor backer profile auth')
|
|
.lean()
|
|
.exec();
|
|
if (found) {
|
|
users.push(found);
|
|
}
|
|
}
|
|
} else {
|
|
query = { 'auth.local.lowerCaseUsername': { $regex: re, $options: 'i' } };
|
|
}
|
|
|
|
if (query) {
|
|
users = await User
|
|
.find(query)
|
|
.select('contributor backer profile auth')
|
|
.limit(30)
|
|
.lean()
|
|
.exec();
|
|
}
|
|
res.respond(200, users);
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @api {get} /api/v4/admin/user/:userId/history Get the history of a user
|
|
* @apiParam (Path) {String} userIdentifier The username or email of the user
|
|
* @apiName GetUserHistory
|
|
* @apiGroup Admin
|
|
* @apiPermission Admin
|
|
*
|
|
* @apiDescription Returns the history of a user
|
|
*
|
|
* @apiSuccess {Object} data The User history
|
|
*
|
|
* @apiUse NoAuthHeaders
|
|
* @apiUse NoAccount
|
|
* @apiUse NoUser
|
|
* @apiUse NotAdmin
|
|
*/
|
|
api.getUserHistory = {
|
|
method: 'GET',
|
|
url: '/admin/user/:userId/history',
|
|
middlewares: [authWithHeaders(), ensurePermission('userSupport')],
|
|
async handler (req, res) {
|
|
req.checkParams('userId', res.t('heroIdRequired')).notEmpty().isUUID();
|
|
|
|
const validationErrors = req.validationErrors();
|
|
if (validationErrors) throw validationErrors;
|
|
|
|
const { userId } = req.params;
|
|
|
|
const history = await UserHistory
|
|
.findOne({ userId })
|
|
.lean()
|
|
.exec();
|
|
|
|
if (!history) throw new NotFound(res.t('userWithIDNotFound', { userId }));
|
|
|
|
res.respond(200, history);
|
|
},
|
|
};
|
|
|
|
export default api;
|