Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-02-27 17:11:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: api v3 route to add email to user, optionally bypassing validation email, closes #11009

Browse Source
This commit is contained in:
Julian Lam
2023-01-05 15:59:45 -05:00
parent aa873e805f
commit fdc41646d1
3 changed files with 70 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
public/openapi/write/users/uid/emails.yaml
View File

@@ -16,6 +16,57 @@ get:
responses: responses:
'200': '200':
description: user emails successfully listed description: user emails successfully listed
content:
application/json:
schema:
type: object
properties:
status:
$ref: ../../../components/schemas/Status.yaml#/Status
response:
type: object
properties:
emails:
type: array
items:
type: string
description: An email address
post:
tags:
- users
summary: add email to user
description: |
This operation adds an email to the user account, optionally bypassing the confirmation step if requested.
**Note**: The confirmation bypass can only be called by super administrators or users with the `admin:users` privilege.
parameters:
- in: path
name: uid
schema:
type: integer
required: true
description: uid of the account to add the email
example: 1
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
email:
type: string
description: A single email address
example: test@example.org
skipConfirmation:
type: boolean
description: If truthy, will automatically confirm the user's email.
example: 1
required:
- email
responses:
'200':
description: email successfully added to user account
content: content:
application/json: application/json:
schema: schema:

18
src/controllers/write/users.js
View File

@@ -253,6 +253,24 @@ Users.getInviteGroups = async function (req, res) {
return helpers.formatApiResponse(200, res, userInviteGroups.map(group => group.displayName)); return helpers.formatApiResponse(200, res, userInviteGroups.map(group => group.displayName));
}; };
Users.addEmail = async (req, res) => {
const canManageUsers = await privileges.admin.can('admin:users', req.uid);
const skipConfirmation = canManageUsers && req.body.skipConfirmation;
if (skipConfirmation) {
await user.setUserField(req.params.uid, 'email', req.body.email);
await user.email.confirmByUid(req.params.uid);
} else {
await api.users.update(req, {
uid: req.params.uid,
email: req.body.email,
});
}
const emails = await db.getSortedSetRangeByScore('email:uid', 0, 500, req.params.uid, req.params.uid);
helpers.formatApiResponse(200, res, { emails });
};
Users.listEmails = async (req, res) => { Users.listEmails = async (req, res) => {
const [isPrivileged, { showemail }] = await Promise.all([ const [isPrivileged, { showemail }] = await Promise.all([
user.isPrivileged(req.uid), user.isPrivileged(req.uid),

1
src/routes/write/users.js
View File

@@ -48,6 +48,7 @@ function authenticatedRoutes() {
setupApiRoute(router, 'get', '/:uid/invites/groups', [...middlewares, middleware.assert.user], controllers.write.users.getInviteGroups); setupApiRoute(router, 'get', '/:uid/invites/groups', [...middlewares, middleware.assert.user], controllers.write.users.getInviteGroups);
setupApiRoute(router, 'get', '/:uid/emails', [...middlewares, middleware.assert.user], controllers.write.users.listEmails); setupApiRoute(router, 'get', '/:uid/emails', [...middlewares, middleware.assert.user], controllers.write.users.listEmails);
setupApiRoute(router, 'post', '/:uid/emails', [...middlewares, middleware.assert.user], controllers.write.users.addEmail);
setupApiRoute(router, 'get', '/:uid/emails/:email', [...middlewares, middleware.assert.user], controllers.write.users.getEmail); setupApiRoute(router, 'get', '/:uid/emails/:email', [...middlewares, middleware.assert.user], controllers.write.users.getEmail);
setupApiRoute(router, 'post', '/:uid/emails/:email/confirm', [...middlewares, middleware.assert.user], controllers.write.users.confirmEmail); setupApiRoute(router, 'post', '/:uid/emails/:email/confirm', [...middlewares, middleware.assert.user], controllers.write.users.confirmEmail);