From 0371588ef8c1db8fe0bb08415338116d572284fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Mon, 16 Nov 2015 14:08:19 +0100
Subject: [PATCH] api: extend /api/users/{value}/ to also look within name
 identifiers (#8994)

---
 tests/test_api.py |  8 ++++++++
 wcs/api.py        | 12 +++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/tests/test_api.py b/tests/test_api.py
index 5b5c0bd..1feeff9 100644
--- a/tests/test_api.py
+++ b/tests/test_api.py
@@ -506,6 +506,14 @@ def test_formdata(pub, local_user):
     assert [x.get('id') for x in resp.json['roles']['concerned']] == [str(role.id), str(another_role.id)]
     assert [x.get('id') for x in resp.json['roles']['actions']] == [str(role.id)]
 
+def test_user_by_nameid(pub, local_user):
+    resp = get_app(pub).get(sign_uri('/api/users/xyz/', user=local_user),
+            status=404)
+    local_user.name_identifiers = ['xyz']
+    local_user.store()
+    resp = get_app(pub).get(sign_uri('/api/users/xyz/', user=local_user))
+    assert str(resp.json['id']) == str(local_user.id)
+
 def test_user_forms(pub, local_user):
     FormDef.wipe()
     formdef = FormDef()
diff --git a/wcs/api.py b/wcs/api.py
index 7092b9c..c63607a 100644
--- a/wcs/api.py
+++ b/wcs/api.py
@@ -412,6 +412,7 @@ class ApiUserDirectory(Directory):
             raise AccessForbiddenError('no user specified')
         user_info = user.get_substitution_variables(prefix='')
         del user_info['user']
+        user_info['id'] = user.id
         user_info['user_roles'] = [
                 Role.get(x).get_json_export_dict() for x in user.roles or []]
         return json.dumps(user_info)
@@ -537,7 +538,16 @@ class ApiUsersDirectory(Directory):
         if not (is_url_signed() or (
                 get_request().user and get_request().user.can_go_in_admin())):
             raise AccessForbiddenError()
-        return ApiUserDirectory(get_publisher().user_class.get(component))
+        user_class = get_publisher().user_class
+        try:
+            int(component) # makes sure this is an id
+            user = user_class.get(component)
+        except (KeyError, ValueError):
+            try:
+                user = user_class.get_users_with_name_identifier(component)[0]
+            except IndexError:
+                raise TraversalError()
+        return ApiUserDirectory(user)
 
 
 class ApiDirectory(Directory):
-- 
2.6.2