feat(server): get public user by id (#10434)

close CLOUD-160

packages/backend/server/src/__tests__/models/user.spec.ts

@@ -152,6 +152,7 @@ test('should get public user by id', async t => {
   t.not(publicUser, null);
   t.is(publicUser!.id, user.id);
   t.true(!('password' in publicUser!));
+  t.true(!('email' in publicUser!));
 });
 
 test('should get public user by email', async t => {
@@ -164,6 +165,35 @@ test('should get public user by email', async t => {
   t.not(publicUser, null);
   t.is(publicUser!.id, user.id);
   t.true(!('password' in publicUser!));
+  t.true(!('email' in publicUser!));
+});
+
+test('should get workspace user by id', async t => {
+  const user = await t.context.user.create({
+    email: 'test@affine.pro',
+  });
+
+  const workspaceUser = await t.context.user.getWorkspaceUser(user.id);
+
+  t.not(workspaceUser, null);
+  t.is(workspaceUser!.id, user.id);
+  t.true(!('password' in workspaceUser!));
+  t.is(workspaceUser!.email, user.email);
+});
+
+test('should get workspace user by email', async t => {
+  const user = await t.context.user.create({
+    email: 'test@affine.pro',
+  });
+
+  const workspaceUser = await t.context.user.getWorkspaceUserByEmail(
+    user.email
+  );
+
+  t.not(workspaceUser, null);
+  t.is(workspaceUser!.id, user.id);
+  t.true(!('password' in workspaceUser!));
+  t.is(workspaceUser!.email, user.email);
 });
 
 test('should get user by email', async t => {

packages/backend/server/src/__tests__/user/user.e2e.ts

@@ -1,7 +1,14 @@
+import { randomUUID } from 'node:crypto';
+
 import type { TestFn } from 'ava';
 import ava from 'ava';
 
-import { createTestingApp, TestingApp, updateAvatar } from '../utils';
+import {
+  createTestingApp,
+  getPublicUserById,
+  TestingApp,
+  updateAvatar,
+} from '../utils';
 
 const test = ava as TestFn<{
   app: TestingApp;
@@ -57,3 +64,43 @@ test('should be able to update user avatar, and invalidate old avatar url', asyn
   const newAvatarRes = await app.GET(new URL(newAvatarUrl).pathname);
   t.deepEqual(newAvatarRes.body, Buffer.from('new'));
 });
+
+test('should be able to get public user by id', async t => {
+  const { app } = t.context;
+
+  const u1 = await app.signup();
+  const avatar = Buffer.from('test');
+  await updateAvatar(app, avatar);
+  const u2 = await app.signup();
+
+  // login user can access
+  let user1 = await getPublicUserById(app, u1.id);
+  t.truthy(user1);
+  t.is(user1!.id, u1.id);
+  t.is(user1!.name, u1.name);
+  t.truthy(user1!.avatarUrl);
+  let user2 = await getPublicUserById(app, u2.id);
+  t.deepEqual(user2, {
+    id: u2.id,
+    name: u2.name,
+    avatarUrl: null,
+  });
+  let user3 = await getPublicUserById(app, randomUUID());
+  t.is(user3, null);
+
+  // anonymous user can access
+  await app.logout();
+  user1 = await getPublicUserById(app, u1.id);
+  t.truthy(user1);
+  t.is(user1!.id, u1.id);
+  t.is(user1!.name, u1.name);
+  t.truthy(user1!.avatarUrl);
+  user2 = await getPublicUserById(app, u2.id);
+  t.deepEqual(user2, {
+    id: u2.id,
+    name: u2.name,
+    avatarUrl: null,
+  });
+  user3 = await getPublicUserById(app, randomUUID());
+  t.is(user3, null);
+});

packages/backend/server/src/__tests__/utils/user.ts

@@ -1,3 +1,4 @@
+import { PublicUserType } from '../../core/user';
 import { TestingApp } from './testing-app';
 
 export async function currentUser(app: TestingApp) {
@@ -12,6 +13,25 @@ export async function currentUser(app: TestingApp) {
   return res.currentUser;
 }
 
+export async function getPublicUserById(
+  app: TestingApp,
+  id: string
+): Promise<PublicUserType | null> {
+  const res = await app.gql(
+    `
+    query getPublicUserById($id: String!) {
+      publicUserById(id: $id) {
+        id
+        name
+        avatarUrl
+      }
+    }
+    `,
+    { id }
+  );
+  return res.publicUserById;
+}
+
 export async function sendChangeEmail(
   app: TestingApp,
   email: string,