Added route to get full profile of a friend

3 files changed, 59 insertions, 4 deletions

diff --git a/src/controller/friend.ts b/src/controller/friend.ts
index f528858..5d76350 100644
--- a/src/controller/friend.ts
+++ b/src/controller/friend.ts
@@ -17,7 +17,7 @@
 
 import { Request, Response } from "express";
 import { getFriendToken } from "../util/auth";
-import { friend, unfriend, list } from "../service/friend";
+import { friend, unfriend, list, get } from "../service/friend";
 import jwt from "jsonwebtoken";
 import {readById} from "../service/user";
 
@@ -117,9 +117,27 @@ const listFriends = async (req: Request, res: Response) => {
     }
 }
 
+const getFriend = async (req: Request, res: Response) => {
+    try {
+        // @ts-ignore
+        const friend = await get(req.userId, parseInt(req.params.friendId)) // TODO: handle non int value passed (bad req)
+        // @ts-ignore
+        res.status(200).json({ friend: friend });
+    } catch(error) {
+        // @ts-ignore
+        if (error.message == "forbidden") {
+            res.status(403).json({ error: "You are not allowed to view this profile." });
+        } else {
+            res.status(500).json({ error: "Internal Server Error" });
+            console.error(error);
+        }
+    }
+}
+
 export {
     friendRequest,
     addFriend,
     removeFriend,
-    listFriends
+    listFriends,
+    getFriend
 }
diff --git a/src/route/friend.ts b/src/route/friend.ts
index f477c23..31a51d3 100644
--- a/src/route/friend.ts
+++ b/src/route/friend.ts
@@ -16,11 +16,12 @@
  */
 
 import { Router } from "express";
-import { listFriends, friendRequest, addFriend, removeFriend } from "../controller/friend";
+import { listFriends, getFriend, friendRequest, addFriend, removeFriend } from "../controller/friend";
 
 const router: Router = Router();
 
 router.get("/", listFriends);
+router.get("/:friendId", getFriend);
 router.get("/code", friendRequest);
 router.post("/", addFriend);
 router.delete("/", removeFriend);
diff --git a/src/service/friend.ts b/src/service/friend.ts
index 8b5ab38..8266323 100644
--- a/src/service/friend.ts
+++ b/src/service/friend.ts
@@ -66,8 +66,44 @@ const list = async (userId: Number) => {
     })
 }
 
+const get = async (userId: Number, friendId: Number) => {
+    // Verify that users are friends. Seeing a non-friend's profile isn't allowed
+    const friendship = await prisma.friend.findFirst({
+        // @ts-ignore
+        where: {
+            AND: [
+                // @ts-ignore
+                { userId: userId },
+                // @ts-ignore
+                { friendId: friendId },
+            ]
+        }
+    })
+
+    if (friendship == null) {
+        // user isn't friends with them
+        throw new Error("forbidden");
+    }
+
+    const friend = await prisma.user.findUnique({
+        // @ts-ignore
+        where: { id: friendId }
+    })
+    // @ts-ignore
+    delete friend["password"];
+    // @ts-ignore
+    delete friend["refreshTokenVersion"];
+    // @ts-ignore
+    delete friend["createdAt"];
+    // @ts-ignore
+    delete friend["updatedAt"];
+
+    return friend;
+}
+
 export {
     friend,
     unfriend,
-    list
+    list,
+    get
 }
\ No newline at end of file