Skip to content

Commit

Permalink
feat: displayName internal route and optoutPublicName field
Browse files Browse the repository at this point in the history
  • Loading branch information
@ahnl
ahnl committed Jul 6, 2024
1 parent 0a5ff6f commit 07cc163
Show file tree
Hide file tree
Showing 5 changed files with 49 additions and 2 deletions.
1 change: 1 addition & 0 deletions .env.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,4 @@ TESTAUSKOIRA_MARIADB=
SESSION_SECRET=
NODE_ENV=development
COAL_REDIRECT_URI=http://localhost:3001/api/authorized
INTERNAL_API_SECRET=
1 change: 1 addition & 0 deletions src/database/schemas/userInfo.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ const SchemaUserInfo = new Schema({
},
timestamp: Number
},
optoutPublicName: Boolean,
internalNotices: String
})

Expand Down
11 changes: 11 additions & 0 deletions src/middleware/internalApi.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
/* This middleware is used to restrict access to certain API routes, that are used internally by Testausserveri's other systems */
/* Must be only used to avoid abuse use, not as a data protection measure */

export default function internalApiMiddleware(req, res, next) {
res.setHeader('X-Testausapis-Internal-Api-Middleware', 'hit');
if (process.env.INTERNAL_API_SECRET != req.get('X-Testausapis-Secret')) {
res.status(403).json({error: "Unauthorized"}).end()
return
}
next()
}
34 changes: 34 additions & 0 deletions src/routes/misc.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
import express, { Router } from "express"
import database from "../database/database.js"
import internalApiMiddleware from "../middleware/internalApi.js"

// eslint-disable-next-line new-cap
const router = Router()
Expand All @@ -12,4 +14,36 @@ router.use("/media", (req, res, next) => {
next()
}, express.static("media"))

router.get("/displayName", internalApiMiddleware, async (req, res) => {
const id = req.query.id;
if (!id) return res.status(400).json({error: "Missing id query parameter"})
if (!/^[a-f\d]{24}$/i.test(id)) return res.status(400).json({error: "Invalid id"})

const member = await database.UserInfo.findOne({ _id: req.query.id }, "associationMembership.firstName associationMembership.lastName username nickname optoutPublicName")

/*
Display name is sourced from in the following order:
1. first name & last name initial
2. nickname
3. username
4. id
*/

let displayName = id;
let kind = 4;

if (member?.associationMembership?.firstName && member?.associationMembership?.lastName && member?.optoutPublicName != true) {
displayName = `${member.associationMembership.firstName} ${member.associationMembership.lastName[0]}.`
kind = 1;
} else if (member?.nickname) {
displayName = member.nickname;
kind = 2;
} else if (member?.username) {
displayName = member.username;
kind = 3;
}

return res.json({ displayName, kind })
})

export default router
4 changes: 2 additions & 2 deletions src/routes/projects.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ router.get("/", async (req, res) => {
let task = database.Projects.find({ publishState: "PUBLISHED" }, req.query.slugs ? "slug" : null)

if (!req.query.slugs) {
task = task.populate("members", "nickname username associationMembership.firstName associationMembership.lastName")
task = task.populate("members", "nickname username associationMembership.firstName associationMembership.lastName optoutPublicName")
.populate("tags", "name")
}

Expand Down Expand Up @@ -38,7 +38,7 @@ router.get("/", async (req, res) => {
_id, associationMembership, nickname, username
}) => ({
_id,
name: associationMembership?.lastName ?
name: (associationMembership?.lastName && associationMembership?.optoutPublicName != true) ?
`${associationMembership.firstName} ${associationMembership.lastName[0]}.` :
(nickname || username)
})),
Expand Down

0 comments on commit 07cc163

Please sign in to comment.