[FIX] users.info endpoint not handling the error if the user does not exist (#16495)

* Prevent user to be undefined * Move findById to Base model Co-authored-by: Diego Sampaio <chinello@gmail.com>
6 years ago · af75981fb3
parent f69130e9fd
commit af75981fb3
6 changed files with 31 additions and 7 deletions
--- a/app/api/server/v1/users.js
+++ b/app/api/server/v1/users.js
@ -166,7 +166,7 @@ API.v1.addRoute('users.info', { authRequired: true }, {
 			: getFullUserData(params);

 		if (!result || result.count() !== 1) {
-			return API.v1.failure(`Failed to get the user data for the userId of "${ this.userId }".`);
+			return API.v1.failure('User not found.');
 		}
 		const [user] = result.fetch();
 		const myself = user._id === this.userId;
--- a/app/lib/server/functions/getFullUserData.js
+++ b/app/lib/server/functions/getFullUserData.js
@ -78,6 +78,9 @@ export function getFullUserDataById({ userId, filterId }) {
 export const getFullUserData = function({ userId, filter, limit: l }) {
 	const username = s.trim(filter);
 	const userToRetrieveFullUserData = username && Users.findOneByUsername(username, { fields: { username: 1 } });
+	if (!userToRetrieveFullUserData) {
+		return;
+	}

 	const isMyOwnInfo = userToRetrieveFullUserData && userToRetrieveFullUserData._id === userId;
 	const viewFullOtherUserInfo = hasPermission(userId, 'view-full-other-user-info');
--- a/app/models/server/models/Users.js
+++ b/app/models/server/models/Users.js
@ -493,12 +493,6 @@ export class Users extends Base {
 	}

 	// FIND
-	findById(userId) {
-		const query = { _id: userId };
-
-		return this.find(query);
-	}
-
 	findByIds(users, options) {
 		const query = { _id: { $in: users } };
 		return this.find(query, options);
--- a/app/models/server/models/_Base.js
+++ b/app/models/server/models/_Base.js
@ -119,6 +119,14 @@ export class Base {
 		}
 	}

+	findById(...args) {
+		try {
+			return this[this.origin].findById(...args);
+		} catch (e) {
+			console.error('Exception on find', e, ...args);
+		}
+	}
+
 	findOne(...args) {
 		try {
 			return this[this.origin].findOne(...args);
--- a/app/models/server/models/_BaseDb.js
+++ b/app/models/server/models/_BaseDb.js
@ -130,6 +130,10 @@ export class BaseDb extends EventEmitter {
 		return this.model.find(...args);
 	}

+	findById(_id, options) {
+		return this.find({ _id }, options);
+	}
+
 	findOne(...args) {
 		this._doNotMixInclusionAndExclusionFields(args[1]);
 		return this.model.findOne(...args);
--- a/tests/end-to-end/api/01-users.js
+++ b/tests/end-to-end/api/01-users.js
@ -198,6 +198,21 @@ describe('[Users]', function() {
 	describe('[/users.info]', () => {
 		after(() => updatePermission('view-other-user-channels', ['admin']));

+		it('should return an error when the user does not exist', (done) => {
+			request.get(api('users.info'))
+				.set(credentials)
+				.query({
+					username: 'invalid-username',
+				})
+				.expect('Content-Type', 'application/json')
+				.expect(400)
+				.expect((res) => {
+					expect(res.body).to.have.property('success', false);
+					expect(res.body).to.have.property('error').and.to.be.equal('User not found.');
+				})
+				.end(done);
+		});
+
 		it('should query information about a user by userId', (done) => {
 			request.get(api('users.info'))
 				.set(credentials)