Add support for searching users by email (#30908)

Fix #30898

we have an option `SearchByEmail`, so enable it, then we can search user
by email.
Also added a test for it.

(cherry picked from commit 5d6d025c9b8d2abca9ec2bfdc795d1f0c1c6592d)
This commit is contained in:
yp05327 2024-10-05 02:45:06 +09:00 committed by Earl Warren
parent 1dfe58ad11
commit af901ac7bb
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
3 changed files with 55 additions and 6 deletions

View file

@ -69,7 +69,19 @@ func (opts *SearchUserOptions) toSearchQueryBase(ctx context.Context) *xorm.Sess
builder.Like{"LOWER(full_name)", lowerKeyword},
)
if opts.SearchByEmail {
keywordCond = keywordCond.Or(builder.Like{"LOWER(email)", lowerKeyword})
var emailCond builder.Cond
emailCond = builder.Like{"LOWER(email)", lowerKeyword}
if opts.Actor == nil {
emailCond = emailCond.And(builder.Eq{"keep_email_private": false})
} else if !opts.Actor.IsAdmin {
emailCond = emailCond.And(
builder.Or(
builder.Eq{"keep_email_private": false},
builder.Eq{"id": opts.Actor.ID},
),
)
}
keywordCond = keywordCond.Or(emailCond)
}
cond = cond.And(keywordCond)

View file

@ -69,11 +69,12 @@ func Search(ctx *context.APIContext) {
users = []*user_model.User{user_model.NewActionsUser()}
default:
users, maxResults, err = user_model.SearchUsers(ctx, &user_model.SearchUserOptions{
Actor: ctx.Doer,
Keyword: ctx.FormTrim("q"),
UID: uid,
Type: user_model.UserTypeIndividual,
ListOptions: listOptions,
Actor: ctx.Doer,
Keyword: ctx.FormTrim("q"),
UID: uid,
Type: user_model.UserTypeIndividual,
SearchByEmail: true,
ListOptions: listOptions,
})
if err != nil {
ctx.JSON(http.StatusInternalServerError, map[string]any{

View file

@ -130,3 +130,39 @@ func TestAPIUserSearchNotLoggedInUserHidden(t *testing.T) {
DecodeJSON(t, resp, &results)
assert.Empty(t, results.Data)
}
func TestAPIUserSearchByEmail(t *testing.T) {
defer tests.PrepareTestEnv(t)()
// admin can search user with private email
adminUsername := "user1"
session := loginUser(t, adminUsername)
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser)
query := "user2@example.com"
req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query).
AddTokenAuth(token)
resp := MakeRequest(t, req, http.StatusOK)
var results SearchResults
DecodeJSON(t, resp, &results)
assert.Equal(t, 1, len(results.Data))
assert.Equal(t, query, results.Data[0].Email)
// no login user can not search user with private email
req = NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query)
resp = MakeRequest(t, req, http.StatusOK)
DecodeJSON(t, resp, &results)
assert.Empty(t, results.Data)
// user can search self with private email
user2 := "user2"
session = loginUser(t, user2)
token = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser)
req = NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query).
AddTokenAuth(token)
resp = MakeRequest(t, req, http.StatusOK)
DecodeJSON(t, resp, &results)
assert.Equal(t, 1, len(results.Data))
assert.Equal(t, query, results.Data[0].Email)
}