Updated /users/:userId PATCH Endpoint (#2316)

* updated userId route for self patch request based on userid * removed console line * added feature flag * return res fix
Real-Dev-Squad · Dec 27, 2024 · 439658f · 439658f
1 parent 7269b1f
commit 439658f
Show file tree

Hide file tree

Showing 5 changed files with 474 additions and 15 deletions.
diff --git a/controllers/users.js b/controllers/users.js
@@ -36,6 +36,7 @@ const config = require("config");
 const { generateUniqueUsername } = require("../services/users");
 const userService = require("../services/users");
 const discordDeveloperRoleId = config.get("discordDeveloperRoleId");
+const usersCollection = firestore.collection("users");
 
 const verifyUser = async (req, res) => {
   const userId = req.userData.id;
@@ -714,6 +715,12 @@ const updateUser = async (req, res) => {
     const { id: profileDiffId, message } = req.body;
     const devFeatureFlag = req.query.dev === "true";
     let profileDiffData;
+
+    const userDoc = await usersCollection.doc(req.params.userId).get();
+    if (!userDoc.exists) {
+      return res.boom.notFound("The User doesn't exist.");
+    }
+
     if (devFeatureFlag) {
       profileDiffData = await profileDiffsQuery.fetchProfileDiffUnobfuscated(profileDiffId);
     } else {
@@ -1096,6 +1103,26 @@ const updateUsernames = async (req, res) => {
   }
 };
 
+const updateProfile = async (req, res) => {
+  try {
+    const { id: currentUserId, roles = {} } = req.userData;
+    const isSelf = req.params.userId === currentUserId;
+    const isSuperUser = roles[ROLES.SUPERUSER];
+    const profile = req.query.profile === "true";
+
+    if (isSelf && profile && req.query.dev === "true") {
+      return await updateSelf(req, res);
+    } else if (isSuperUser) {
+      return await updateUser(req, res);
+    }
+
+    return res.boom.badRequest("Invalid Request.");
+  } catch (err) {
+    logger.error(`Error in updateUserStatusController: ${err}`);
+    return res.boom.badImplementation("An unexpected error occurred.");
+  }
+};
+
 module.exports = {
   verifyUser,
   generateChaincode,
@@ -1128,4 +1155,5 @@ module.exports = {
   isDeveloper,
   getIdentityStats,
   updateUsernames,
+  updateProfile,
 };
diff --git a/middlewares/conditionalMiddleware.ts b/middlewares/conditionalMiddleware.ts
@@ -0,0 +1,10 @@
+const conditionalMiddleware = (validator) => {
+  return async (req, res, next) => {
+    if (req.params.userId === req.userData.id && req.query.profile === "true") {
+      return validator(req, res, next);
+    }
+    next();
+  };
+};
+
+module.exports = conditionalMiddleware;
diff --git a/routes/users.js b/routes/users.js
@@ -14,12 +14,13 @@ const { Services } = require("../constants/bot");
 const authenticateProfile = require("../middlewares/authenticateProfile");
 const { devFlagMiddleware } = require("../middlewares/devFlag");
 const { userAuthorization } = require("../middlewares/userAuthorization");
+const conditionalMiddleware = require("../middlewares/conditionalMiddleware");
 
 router.post("/", authorizeAndAuthenticate([ROLES.SUPERUSER], [Services.CRON_JOB_HANDLER]), users.markUnverified);
 router.post("/update-in-discord", authenticate, authorizeRoles([SUPERUSER]), users.setInDiscordScript);
 router.post("/verify", authenticate, users.verifyUser);
 router.get("/userId/:userId", users.getUserById);
-router.patch("/self", authenticate, userValidator.updateUser, users.updateSelf);
+router.patch("/self", authenticate, userValidator.updateUser, users.updateSelf); // this route is being deprecated soon, please use alternate available `/users/:userId?profile=true` PATCH endpoint.
 router.get("/", authenticateProfile(authenticate), userValidator.getUsers, users.getUsers);
 router.get("/self", authenticate, users.getSelfDetails);
 router.get("/isDeveloper", authenticate, users.isDeveloper);
@@ -75,7 +76,7 @@ router.patch(
 router.get("/picture/:id", authenticate, authorizeRoles([SUPERUSER]), users.getUserImageForVerification);
 router.patch("/profileURL", authenticate, userValidator.updateProfileURL, users.profileURL);
 router.patch("/rejectDiff", authenticate, authorizeRoles([SUPERUSER]), users.rejectProfileDiff);
-router.patch("/:userId", authenticate, authorizeRoles([SUPERUSER]), users.updateUser);
+router.patch("/:userId", authenticate, conditionalMiddleware(userValidator.updateUser), users.updateProfile);
 router.get("/suggestedUsers/:skillId", authenticate, authorizeRoles([SUPERUSER]), users.getSuggestedUsers);
 module.exports = router;
 router.post("/batch-username-update", authenticate, authorizeRoles([SUPERUSER]), users.updateUsernames);