diff --git a/app/start.go b/app/start.go
index dad9636..ec50afa 100644
--- a/app/start.go
+++ b/app/start.go
@@ -32,6 +32,7 @@ func Start(conf common.Conf, db *sql.DB) *gin.Engine {
 gv1.GET("/users/whatid", Method(v1.UserWhatsTheIDGET, db, common.PrivilegeRead))
 gv1.GET("/users/full", Method(v1.UserFullGET, db, common.PrivilegeRead))
 gv1.GET("/users/userpage", Method(v1.UserUserpageGET, db, common.PrivilegeRead))
+ gv1.GET("/users/lookup", Method(v1.UserLookupGET, db, common.PrivilegeRead))
 gv1.GET("/badges", Method(v1.BadgesGET, db, common.PrivilegeRead))

 // ReadConfidential privilege required
diff --git a/app/v1/user.go b/app/v1/user.go
index 3d5f425..807816c 100644
--- a/app/v1/user.go
+++ b/app/v1/user.go
@@ -275,3 +275,44 @@ func whereClauseUser(md common.MethodData, tableName string) (*common.CodeMessag
 a := common.SimpleResponse(400, "you need to pass either querystring parameters name or id")
 return &a, "", nil
 }
+
+type userLookupResponse struct {
+ common.ResponseBase
+ Users []lookupUser `json:"users"`
+}
+type lookupUser struct {
+ ID int `json:"id"`
+ Username string `json:"username"`
+}
+
+// UserLookupGET does a quick lookup of users beginning with the passed
+// querystring value name.
+func UserLookupGET(md common.MethodData) common.CodeMessager {
+ name := strings.NewReplacer(
+ "%", "\\%",
+ "_", "\\_",
+ ).Replace(md.C.Query("name"))
+ if name == "" {
+ return common.SimpleResponse(400, "please provide an username to start searching")
+ }
+ name += "%"
+ rows, err := md.DB.Query("SELECT users.id, users.username FROM users WHERE username LIKE ? AND allowed = '1' LIMIT 25", name)
+ if err != nil {
+ md.Err(err)
+ return Err500
+ }
+
+ var r userLookupResponse
+
+ for rows.Next() {
+ var l lookupUser
+ err := rows.Scan(&l.ID, &l.Username)
+ if err != nil {
+ continue // can't be bothered to handle properly
+ }
+ r.Users = append(r.Users, l)
+ }
+
+ r.Code = 200
+ return r
+}
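Review bot: The LIKE escaping in UserLookupGET covers `%` and `_` but not the backslash itself, so a backslash in `name` reaches the pattern unescaped and can cancel the escaping of a following wildcard or of the appended `%`; the match is then no longer guaranteed to be prefix-only. Adding `"\\", "\\\\",` as the first pair of the `strings.NewReplacer` call closes that, assuming the database treats backslash as its default LIKE escape character (the driver is not visible in this diff); an explicit `ESCAPE` clause in the query would remove that assumption. Separately, `rows` is never closed, `rows.Err()` is not checked after the loop, and Scan failures are skipped silently: add `defer rows.Close()` after the query's error check and report the Scan error through `md.Err(err)` before `continue`.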