(core) make treatment of emails consistent across /access endpoints

Summary:
Access endpoints were supposed to provide display versions of emails,
but in fact only the org endpoint was doing so.  This brings the
workspaces and docs endpoints into line, and adds tests.

Full user information is tweaked slightly to return an anonymous
flag only when anonymous.  This was already anticipated in the
FullUser type.

Test Plan: extended test

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2999
This commit is contained in:
Paul Fitzpatrick 2021-08-26 18:03:41 -04:00
parent a6e08883e0
commit 8b1ad588e9
2 changed files with 10 additions and 15 deletions

View File

@ -167,6 +167,7 @@ export interface UserAccessData {
// access to the resource. Lack of access to the parent resource is represented by a null value. // access to the resource. Lack of access to the parent resource is represented by a null value.
// If parent has non-inheritable access, this should be null. // If parent has non-inheritable access, this should be null.
parentAccess?: roles.BasicRole|null; parentAccess?: roles.BasicRole|null;
anonymous?: boolean; // If set to true, the user is the anonymous user.
} }
/** /**

View File

@ -375,16 +375,19 @@ export class HomeDBManager extends EventEmitter {
* Convert a user record into the format specified in api. * Convert a user record into the format specified in api.
*/ */
public makeFullUser(user: User): FullUser { public makeFullUser(user: User): FullUser {
if (!(user.logins && user.logins[0].displayEmail)) { if (!user.logins?.[0]?.displayEmail) {
throw new ApiError("unable to find mandatory user email", 400); throw new ApiError("unable to find mandatory user email", 400);
} }
return { const result: FullUser = {
id: user.id, id: user.id,
email: user.logins[0].displayEmail, email: user.logins[0].displayEmail,
name: user.name, name: user.name,
picture: user.picture, picture: user.picture,
anonymous: this.getAnonymousUserId() === user.id
}; };
if (this.getAnonymousUserId() === user.id) {
result.anonymous = true;
}
return result;
} }
public async updateUser(userId: number, props: UserProfileChange): Promise<void> { public async updateUser(userId: number, props: UserProfileChange): Promise<void> {
@ -1915,10 +1918,7 @@ export class HomeDBManager extends EventEmitter {
const org: Organization = queryResult.data; const org: Organization = queryResult.data;
const userRoleMap = getMemberUserRoles(org, this.defaultGroupNames); const userRoleMap = getMemberUserRoles(org, this.defaultGroupNames);
const users = getResourceUsers(org).filter(u => userRoleMap[u.id]).map(u => ({ const users = getResourceUsers(org).filter(u => userRoleMap[u.id]).map(u => ({
id: u.id, ...this.makeFullUser(u),
name: u.name,
email: u.logins.map((login: Login) => login.displayEmail)[0],
picture: u.picture,
access: userRoleMap[u.id] access: userRoleMap[u.id]
})); }));
return { return {
@ -1960,10 +1960,7 @@ export class HomeDBManager extends EventEmitter {
// Iterate through the org since all users will be in the org. // Iterate through the org since all users will be in the org.
const users: UserAccessData[] = getResourceUsers([workspace, workspace.org]).map(u => { const users: UserAccessData[] = getResourceUsers([workspace, workspace.org]).map(u => {
return { return {
id: u.id, ...this.makeFullUser(u),
name: u.name,
email: u.logins.map((login: Login) => login.email)[0],
picture: u.picture,
access: wsMap[u.id] || null, access: wsMap[u.id] || null,
parentAccess: roles.getEffectiveRole(orgMap[u.id] || null) parentAccess: roles.getEffectiveRole(orgMap[u.id] || null)
}; };
@ -1998,10 +1995,7 @@ export class HomeDBManager extends EventEmitter {
// resource access levels must be tempered by the maxInheritedRole values of their children. // resource access levels must be tempered by the maxInheritedRole values of their children.
const inheritFromOrg = roles.getWeakestRole(orgMap[u.id] || null, wsMaxInheritedRole); const inheritFromOrg = roles.getWeakestRole(orgMap[u.id] || null, wsMaxInheritedRole);
return { return {
id: u.id, ...this.makeFullUser(u),
name: u.name,
email: u.logins.map((login: Login) => login.email)[0],
picture: u.picture,
access: docMap[u.id] || null, access: docMap[u.id] || null,
parentAccess: roles.getEffectiveRole( parentAccess: roles.getEffectiveRole(
roles.getStrongestRole(wsMap[u.id] || null, inheritFromOrg) roles.getStrongestRole(wsMap[u.id] || null, inheritFromOrg)