add:(user research) #53
Pull request overview
This PR adds a user research feature that allows users to search for other users by username while also applying the same filtering and sorting capabilities as the existing browsing feature.
Key changes:
- Added a new `researchUsers` endpoint that accepts a username parameter
- Modified the `getUsersFromCoordsAndRadius` method to support username filtering with parameterized SQL queries
- Added comprehensive test coverage for the username research functionality
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| fastify/assets/test/integration/ws/browsing.test.ts | Removed unused import and added test case for username research functionality |
| fastify/assets/srcs/services/BrowsingService.ts | Modified private method to accept username parameter and added new public researchUsers method with ILIKE filtering |
| fastify/assets/srcs/routes/private/research/index.ts | Created new research route with schema validation for username-based user search |
| fastify/assets/srcs/routes/private/index.ts | Registered the new research routes under /research prefix |
| fastify/assets/srcs/controllers/private/research/index.ts | Implemented controller handler for research endpoint with parameter processing |
| fastify/assets/@types/fastify.d.ts | Added TypeScript definitions for the new researchUsers method |
Comments suppressed due to low confidence (1)
fastify/assets/srcs/services/BrowsingService.ts:253
- The `researchUsers` method duplicates most of the logic from `browseUsers` (lines 187-218). Consider extracting the common logic into a shared private method to reduce code duplication and improve maintainability.
```ts
public async researchUsers(userId: number, username: string, limit: number = 5, offset: number = 0, radius: number = 25, filters?: BrowsingFilter, sort?: BrowsingSort): Promise<Array<BrowsingUser>> {
    const user = await this.fastify.userService.getMe(userId);
    const lat = filters?.location?.latitude ?? user.location?.latitude;
    const lng = filters?.location?.longitude ?? user.location?.longitude;
    if (filters?.tags && filters.tags.length === 0) {
        delete filters.tags;
    }
    const bornAt = user.bornAt;
    const fameRate = user.fameRate;
    const tags = user.tags;
    if (lat === undefined || lng === undefined)
        throw new BadRequestError();
    let gender: string | undefined = undefined;
    if (user.orientation === 'heterosexual') {
        gender = user.gender === 'men' ? 'women' : 'men';
    } else if (user.orientation === 'homosexual') {
        gender = user.gender;
    }
    const userRows = await this.getUsersFromCoordsAndRadius(userId, username, lat, lng, limit, offset, radius, gender, filters);
    switch (sort) {
        case 'distance':
            return this.sortByDistance(userRows);
        case 'age':
            return this.sortByAge(userRows, bornAt);
        case 'fameRate':
            return this.sortByFameRate(userRows);
        case 'tags':
            return this.sortByTags(userRows, tags);
        default:
            return this.sortByAll(userRows, bornAt, tags, fameRate ?? 0);
    }
}
```
| }; | ||
| if (!(lat < -90 || lat > 90 || lng < -180 || lng > 180)) | ||
| requestFilters.location = { latitude: lat, longitude: lng }; | ||
| console.log('Username in researchUsersHandler:', username); |
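Review bot: the range check `if (!(lat < -90 || lat > 90 || lng < -180 || lng > 180))` also passes when `lat` or `lng` is `NaN`, because every comparison against `NaN` is false and the negation then turns the whole condition true, so `requestFilters.location` would be set to a non-numeric coordinate. State the check positively and require finite numbers, for example `Number.isFinite(lat) && Number.isFinite(lng) && lat >= -90 && lat <= 90 && lng >= -180 && lng <= 180`. The `console.log` on the last line also writes the user-supplied search term to stdout; drop it, or route it through the application logger at debug level.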
Debug console.log statement should be removed before merging to production. This appears to be leftover debugging code.
| console.log('Username in researchUsersHandler:', username); |
|
|
||
| if (username) { | ||
| // pass wildcard in parameter to avoid concatenation in SQL | ||
| parameters.push(`%${username}%`); |
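Review bot: in `parameters.push(`%${username}%`)` the value is bound as a parameter, so the statement text itself cannot be altered, but `%` and `_` inside `username` are still interpreted as LIKE wildcards by `ILIKE`. A search for `_` or `%` then matches every user instead of the literal character, and patterns packed with wildcards cost more to evaluate. Escape `\`, `%` and `_` in `username` before wrapping it in `%…%`, and consider bounding its length in the route schema.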
The username parameter is being used with ILIKE and wildcards, which could be exploited for SQL injection if the username contains special characters like %, _, or . Consider sanitizing the username to escape these special SQL LIKE wildcard characters before adding the % wildcards.
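One way to do the wildcard escaping discussed in the comment above, as an added example that is not code from this PR or the project. The helper names, the `u.username` column and the sample usernames are assumptions made for illustration; the small `ilikeMatches` evaluator exists only so the effect can be seen without a database.

```typescript
// Added example: hypothetical helpers, not code from this PR.

/** Escape LIKE/ILIKE metacharacters so the input is matched literally. */
function escapeLikePattern(input: string): string {
  // Backslash is the escape character, so it is escaped along with % and _.
  return input.replace(/[\\%_]/g, (ch) => '\\' + ch);
}

/**
 * Push the bound pattern onto `parameters` and return the SQL fragment.
 * `u.username` is an assumed column reference.
 */
function buildUsernameFilter(username: string, parameters: unknown[]): string | null {
  const trimmed = username.trim();
  if (trimmed.length === 0) return null; // blank input adds no filter
  parameters.push(`%${escapeLikePattern(trimmed)}%`);
  return `u.username ILIKE $${parameters.length} ESCAPE '\\'`;
}

/** Small ILIKE evaluator for the demo: % = any run, _ = one char, \ escapes. */
function ilikeMatches(value: string, pattern: string): boolean {
  const quote = (ch: string): string => ch.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  let re = '';
  for (let i = 0; i < pattern.length; i++) {
    const ch = pattern.charAt(i);
    if (ch === '\\' && i + 1 < pattern.length) re += quote(pattern.charAt(++i));
    else if (ch === '%') re += '[\\s\\S]*';
    else if (ch === '_') re += '[\\s\\S]';
    else re += quote(ch);
  }
  return new RegExp(`^${re}$`, 'i').test(value);
}

// Constructed sample data.
const SAMPLE_USERNAMES: string[] = ['alice', 'bob_42', 'carol'];

/** Search the sample names with or without escaping the user input. */
function searchSample(username: string, escaped: boolean): string[] {
  const pattern = `%${escaped ? escapeLikePattern(username) : username}%`;
  return SAMPLE_USERNAMES.filter((name) => ilikeMatches(name, pattern));
}

console.log(searchSample('_', false)); // unescaped input
console.log(searchSample('_', true));  // escaped input
```

PostgreSQL already treats backslash as the default LIKE escape character; the explicit `ESCAPE` clause keeps the query and the helper visibly in agreement.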
| this.timeout(5000); | ||
| const token1 = await createUserWithProfile(app, 'researchtestuser1', 'researchtestuser1@gmail.com', 'Test@1234!fjfsfas', 'Test', 'TestUser1', 'I am browsing test user 1', ['music', 'sport', 'travel', 'art'], '1995-06-15', 'heterosexual', 'women'); | ||
| await setLocalisation(app, token1, 89.8566, 52.3522); | ||
| const { userData: data2, token: token2 } = await quickUser(app); |
Unused variable data2.
| const { userData: data2, token: token2 } = await quickUser(app); | |
| const { token: token2 } = await quickUser(app); |
| await setTags(app, token2, ['music', 'sport', 'travel']); | ||
| await setBirthDate(app, token2, '1994-08-20'); | ||
| await setLocalisation(app, token2, 89.8566, 52.3622); | ||
| const { userData: data3, token: token3 } = await quickUser(app); |
Unused variable data3.
| const { userData: data3, token: token3 } = await quickUser(app); | |
| const { token: token3 } = await quickUser(app); |
No description provided.