Allow for searching user by email for users with ManageUser

This commit is contained in:
Morgan Bazalgette 2016-12-12 21:35:18 +01:00
parent e4af28b8ff
commit 62612cfdb8
2 changed files with 12 additions and 4 deletions

View File

@ -29,10 +29,11 @@ WHERE token = ? LIMIT 1`,
)
updateTokens <- t.ID
if priv8 {
tokenPrivsRaw = common.PrivilegeReadConfidential | common.PrivilegeWrite
// all privileges, they'll get removed by canOnly anyway.
tokenPrivsRaw = (common.PrivilegeBeatmap << 1) - 1
}
t.TokenPrivileges = common.Privileges(tokenPrivsRaw)
t.UserPrivileges = common.UserPrivileges(userPrivsRaw)
t.TokenPrivileges = common.Privileges(tokenPrivsRaw).CanOnly(t.UserPrivileges)
switch {
case err == sql.ErrNoRows:
return common.Token{}, false

View File

@ -395,8 +395,15 @@ func UserLookupGET(md common.MethodData) common.CodeMessager {
}
name = "%" + name + "%"
rows, err := md.DB.Query("SELECT users.id, users.username FROM users WHERE username_safe LIKE ? AND "+
md.User.OnlyUserPublic(true)+" LIMIT 25", name)
var email string
if md.User.TokenPrivileges&common.PrivilegeManageUser != 0 &&
strings.Contains(md.Query("name"), "@") {
email = md.Query("name")
}
rows, err := md.DB.Query("SELECT users.id, users.username FROM users WHERE "+
"(username_safe LIKE ? OR email = ?) AND "+
md.User.OnlyUserPublic(true)+" LIMIT 25", name, email)
if err != nil {
md.Err(err)
return Err500