kuzzleio · Aschen · Feb 13, 2020 · Nov 15, 2019 · Nov 15, 2019 · Nov 15, 2019
diff --git a/doc/7/controllers/document/m-get/index.md b/doc/7/controllers/document/m-get/index.md
@@ -15,6 +15,7 @@ Gets multiple documents.
 mGet(index, collection, ids, [options]);
 ```
 
+
 | Argument     | Type            | Description     |
 | ------------ | --------------- | --------------- |
 | `index`      | <pre>string</pre>        | Index name      |
@@ -29,6 +30,12 @@ Additional query options
 | Options    | Type<br/>(default)     | Description                                                                  |
 | ---------- | ---------------------- | ---------------------------------------------------------------------------- |
 | `queuable` | <pre>boolean</pre><br/>(`true`) | If true, queues the request during downtime, until connected to Kuzzle again |
+| `verb`     | <pre>string</pre>      | (HTTP only) Forces the verb of the route |
+
+#### verb
+
+When instantiated with a HTTP protocol object, the SDK uses the GET API by default for this API route.
+You can set the `verb` option to `POST` to force the SDK to use the POST API instead.
 
 ## Resolves
 

diff --git a/doc/7/controllers/security/m-get-users/index.md b/doc/7/controllers/security/m-get-users/index.md
@@ -0,0 +1,43 @@
+---
+code: true
+type: page
+title: mGetUsers
+description: Gets multiple security users
+---
+
+# mGetUsers
+
+Gets multiple security users.
+
+<br />
+
+```js
+mGetUsers(kuids, [options]);
+```
+
+<br />
+
+| Property | Type | Description |
+|--- |--- |--- |
+| `ids` | <pre>string[]</pre> | User identifiers |
+| `options` | <pre>object</pre> | Query options |
+
+### options
+
+| Property | Type | Description |
+| --- | --- | --- |
+| `queuable` | <pre>boolean</pre> | If true, queues the request during downtime, until connected to Kuzzle again |
+| `verb`     | <pre>string</pre> | (HTTP only) Forces the verb of the API route |
+
+#### verb
+
+When instantiated with a HTTP protocol object, the SDK uses the GET API by default for this API route.
+You can set the `verb` option to `POST` to force the SDK to use the POST API instead.
+
+## Resolves
+
+An array of retrieved [`User`](/sdk/js/7/core-classes/user/introduction) objects.
+
+## Usage
+
+<<< ./snippets/m-get-users.js
diff --git a/doc/7/controllers/security/m-get-users/snippets/m-get-users.js b/doc/7/controllers/security/m-get-users/snippets/m-get-users.js
@@ -0,0 +1,22 @@
+try {
+  const response = await kuzzle.security.mGetUsers([
+    'user1',
+    'user2',
+    'user3'
+  ]);
+
+  console.log(response);
+  /*
+  [ User {
+      _id: 'user1',
+      profileIds: ['profile1'],
+    User {
+      _id: 'user2',
+      profileIds: ['profile2'],
+    User {
+      _id: 'user3',
+      profileIds: ['profile3'] ]
+   */
+} catch (e) {
+  console.error(e);
+}
diff --git a/doc/7/controllers/security/m-get-users/snippets/m-get-users.test.yml b/doc/7/controllers/security/m-get-users/snippets/m-get-users.test.yml
@@ -0,0 +1,24 @@
+name: security#mGetUsers
+description: mget users
+hooks:
+  before: |
+    for i in 1 2 3; do
+      curl -H "Content-type: application/json" -d '{
+      "content": {
+        "profileIds": ["default"],
+        "fullname": "user'${i}'"
+      },
+      "credentials": {
+        "local": {
+          "username": "user'${i}'",
+          "password": "bar"
+        }
+      }
+    }' kuzzle:7512/users/user${i}/_create
+    done
+  after: |
+    for i in 1 2 3; do
+      curl -XDELETE kuzzle:7512/users/user${i}
+    done
+template: default
+expected: '^    _id: ''user3'',$'
diff --git a/doc/7/controllers/server/get-all-stats/snippets/get-all-stats.test.yml b/doc/7/controllers/server/get-all-stats/snippets/get-all-stats.test.yml
@@ -4,4 +4,4 @@ hooks:
   before:
   after:
 template: default
-expected: ongoingRequests
+expected: ongoingRequests
diff --git a/src/Kuzzle.js b/src/Kuzzle.js
@@ -458,7 +458,7 @@ class Kuzzle extends KuzzleEventEmitter {
 Discarded request: ${JSON.stringify(request)}`));
     }
 
-    return this.protocol.query(request);
+    return this.protocol.query(request, options);
   }
 
   /**

diff --git a/src/controllers/auth.js b/src/controllers/auth.js
@@ -247,7 +247,7 @@ class AuthController extends BaseController {
       action: 'login'
     };
 
-    return this.query(request, {queuable: false})
+    return this.query(request, {queuable: false, verb: 'POST'})
       .then(response => {
         try {
           this._authenticationToken = new Jwt(response.result.jwt);

diff --git a/src/controllers/document.js b/src/controllers/document.js
@@ -136,10 +136,15 @@ class DocumentController extends BaseController {
     const request = {
       index,
       collection,
-      body: {ids},
       action: 'mGet'
     };
 
+    if (options.verb === 'POST') {
+      request.body = {ids};
+    }
+    else {
+      request.ids = ids.join();
+    }
     return this.query(request, options)
       .then(response => response.result);
   }

diff --git a/src/controllers/security/index.js b/src/controllers/security/index.js
@@ -355,6 +355,22 @@ class SecurityController extends BaseController {
       .then(response => response.result.hits.map(hit => new Profile(this.kuzzle, hit._id , hit._source.policies)));
   }
 
+  mGetUsers (ids, options = {}) {
+    const request = {
+      action: 'mGetUsers'
+    };
+
+    if (options.verb === 'POST') {
+      request.body = { ids };
+    }
+    else {
+      request.ids = ids.join();
+    }
+
+    return this.query(request, options)
+      .then(response => response.result.hits.map(hit => new User(this.kuzzle, hit._id, hit._source)));
+  }
+
   mGetRoles (ids, options = {}) {
     return this.query({
       action: 'mGetRoles',

diff --git a/src/protocols/abstract/common.js b/src/protocols/abstract/common.js
@@ -81,7 +81,7 @@ class AbstractWrapper extends KuzzleEventEmitter {
     this.clear();
   }
 
-  query (request) {
+  query (request, options) {
     if (!this.isReady()) {
       this.emit('discarded', request);
       return Promise.reject(new Error(`Unable to execute request: not connected to a Kuzzle server.
@@ -109,7 +109,7 @@ Discarded request: ${JSON.stringify(request)}`));
       pending.resolve(response);
     });
 
-    this.send(request);
+    this.send(request, options);
 
     return pending.promise;
   }

diff --git a/src/protocols/http.js b/src/protocols/http.js
@@ -135,7 +135,7 @@ class HttpWrapper extends KuzzleAbstractProtocol {
    * @param {Object} data
    * @returns {Promise<any>}
    */
-  send (data) {
+  send (data, options = {}) {
     const
       payload = {
         action: undefined,
@@ -183,7 +183,7 @@ class HttpWrapper extends KuzzleAbstractProtocol {
     }
 
     const
-      method = route.verb,
+      method = options.verb || route.verb,
       regex = /\/:([^/]*)/;
 
     let
@@ -331,7 +331,7 @@ class HttpWrapper extends KuzzleAbstractProtocol {
 function getCorrectRoute (routes) {
   let
     shortestRoute = routes[0],
-    postRoute,
+    getRoute,
     minLength = routes[0].url.length,
     sameLength = true;
 
@@ -345,19 +345,15 @@ function getCorrectRoute (routes) {
       minLength = route.url.length;
     }
 
-    if (route.verb === 'POST') {
-      postRoute = route;
+    if (route.verb === 'GET') {
+      getRoute = route;
     }
   }
 
-  if (sameLength) {
-    // with same URL size, we keep the POST route
-    return postRoute;
-  }
-
+  // with same URL size, we keep the GET route
   // with differents URL sizes, we keep the shortest because URL params
   // will be in the query string
-  return shortestRoute;
+  return sameLength ? getRoute : shortestRoute;
 }
 
 module.exports = HttpWrapper;
diff --git a/test/controllers/auth.test.js b/test/controllers/auth.test.js
@@ -302,7 +302,7 @@ describe('Auth Controller', () => {
               strategy: 'strategy',
               expiresIn: 'expiresIn',
               body: credentials
-            }, {queuable: false});
+            }, {queuable: false, verb: 'POST'});
 
           should(res).be.equal(jwt);
         });

diff --git a/test/controllers/document.test.js b/test/controllers/document.test.js
@@ -249,16 +249,16 @@ describe('Document Controller', () => {
   });
 
   describe('mGet', () => {
-    it('should call document/mGet query and return a Promise which resolves the list of documents', () => {
-      const result = {
-        hits: [
-          {_id: 'document1', _version: 1, _source: {foo: 'bar'}},
-          {_id: 'document2', _version: 3, _source: {foo: 'baz'}}
-        ],
-        total: 2
-      };
+    const result = {
+      hits: [
+        { _id: 'document1', _version: 1, _source: { foo: 'bar' } },
+        { _id: 'document2', _version: 3, _source: { foo: 'baz' } }
+      ],
+      total: 2
+    };
+    it('should call document/mGet POST query and return a Promise which resolves the list of documents', () => {
       kuzzle.query.resolves({result});
-
+      options.verb = 'POST';
       return kuzzle.document.mGet('index', 'collection', ['document1', 'document2'], options)
         .then(res => {
           should(kuzzle.query)
@@ -274,6 +274,24 @@ describe('Document Controller', () => {
           should(res).be.equal(result);
         });
     });
+    it('should call document/mGet GET query and return a Promise which resolves the list of documents', () => {
+      kuzzle.query.resolves({ result });
+      options.verb = undefined;
+      return kuzzle.document.mGet('index', 'collection', ['document1', 'document2'], options)
+        .then(res => {
+          should(kuzzle.query)
+            .be.calledOnce()
+            .be.calledWith({
+              controller: 'document',
+              action: 'mGet',
+              index: 'index',
+              collection: 'collection',
+              ids: 'document1,document2'
+            }, options);
+
+          should(res).be.equal(result);
+        });
+    });
   });
 
   describe('mReplace', () => {

diff --git a/test/protocol/http.test.js b/test/protocol/http.test.js
@@ -709,6 +709,12 @@ describe('HTTP networking module', () => {
               { verb: 'POST', url: '/:index/:collection/:_id/_create' }
             ]
           },
+          mGet: {
+            http: [
+              { verb: 'GET', url: '/:index/:collection/_mGet' },
+              { verb: 'POST', url: '/:index/:collection/_mGet' }
+            ]
+          },
           subscribe: {},
           list: {
             http: [ { verb: 'GET', url: '/:index/_list' } ]
@@ -722,9 +728,14 @@ describe('HTTP networking module', () => {
       should(routes.foo.list.url).be.eql('/:index/_list');
       should(routes.foo.list.verb).be.eql('GET');
 
-      // with same URL size, we keep the POST route
+      // with same URL size, we keep the GET route
       should(routes.foo.login.url).be.eql('/_login/:strategy');
-      should(routes.foo.login.verb).be.eql('POST');
+      should(routes.foo.login.verb).be.eql('GET');
+
+      // with same URL size, we keep the GET route
+      should(routes.foo.mGet.url).be.eql('/:index/:collection/_mGet');
+      should(routes.foo.mGet.verb).be.eql('GET');
+
 
       // with differents URL sizes, we keep the shortest because URL params
       // will be in the query string
-Original file line number
+Diff line change
@@ Expand Up / @@ -458,7 +458,7 @@ class Kuzzle extends KuzzleEventEmitter { @@
     Discarded request: ${JSON.stringify(request)}`));
         }
-        return this.protocol.query(request);
+        return this.protocol.query(request, options);
       }
       /**
@@ Expand Down @@