Add /api/v1/profile and /api/v1/profile/:accountId

Add documentation for same.

docs/API-Profiles.md

@@ -0,0 +1,74 @@
+# MetaverseAPI - Account Profiles
+
+## Profiles
+
+"Profiles" is information about accounts that describes the personality
+and personal information about the account.
+Profiles can be fetched without logging into a metaverse-server account
+thus only accounts that are marked "availability=all" are returned
+as profiles.
+
+## GET /api/v1/profiles
+
+Get a list of account profiles.
+The requestor does not need to be logged in thus only accounts that
+have "availability" set to "all" are returned.
+
+- per_page: maximum number of entries to return
+- page: the group of "per_page" to return. For instance, if there are 100 users and `per_page=10` and `page=2`, the request will return entries 11 thru 20.
+- status: status of user. A comma separated list of "online"
+- asAdmin=true: if logged in account is administrator, list all accounts. Value is optional.
+
+```
+    {
+        "status": "success",
+        "data": {
+            "profiles": [
+                {
+                    "accountId": "uniqueAccountId",
+                    "username: "username",
+                    "images": {
+                        "hero": stringUrlToImage,
+                        "thumbnail": stringUrlToImage,
+                        "tiny": stringUrlToImage
+                    },
+                    "location": {
+                        "connected": false,             // whether currently active
+                        "path": "/X,Y,Z/X,Y,Z,W",
+                        "placeid": stringIdOfPlace,
+                        "domainid": stringIdOfDomain,
+                        "availability": stringWhoCanSee // one of "all", "none", "connections", "friends"
+                    },
+                    "profile_detail": {},               // account detail information
+                    "friends": [ "friendName", "friendName", ... ],
+                    "connections": [ "connectionName", "connectionName", ...],
+                    "when_account_created": "YYYY-MM-DDTHH:MM:SS.MMMZ",
+                    "time_of_last_heartbeat": "YYYY-MM-DDTHH:MM:SS.MMMZ"
+                },
+                ...
+            ]
+        }
+    }
+```
+
+## GET /api/v1/profile/{accountId}
+
+Get the information for one account profile.
+
+The passed "accountId" can be either the accountId (exact string as returned by
+`/api/v1/profiles` or other requests) or the account's username (URI encoded string).
+
+The information returned is the same as in the "/api/v1/profiles" but just
+for one account so the information is for "account" and is not enclosed
+in an array.
+
+```
+    {
+        "status": "success",
+        "data": {
+            "profile": {
+                INFORMATION AS DESCRIBED ABOVE
+            }
+        }
+    }
+```

docs/API.md

@@ -26,6 +26,7 @@ Documentation referenced below is available for the
 [Places](./API-Places.md),
 [Tokens](./API-Tokens.md),
 [User](./API-Users.md),
+[Profiles](./API-Profiles.md),
 and
 [Monitoring](./API-Monitoring.md),
 categories.
@@ -78,6 +79,8 @@ The API requests to the metaverse-server are:
 | POST   | /api/v1/users                   | [doc](./API-Users.md#post-apiv1users) create account |
 | GET    | /api/v1/users/:username/location  | [doc](./API-Users.md#) fetch a particular user's location |
 | GET    | /api/v1/users/:username/public_key | [doc](./API-Users.md#) fetch a particular user's public_key |
+| GET    | /api/v1/profiles                | [doc](./API-Profiles.md#) fetch account profiles |
+| GET    | /api/v1/profile/:accountId      | [doc](./API-Profiles.md#get-apiv1profileaccountId) fetch specific account profile |
 | POST   | /api/v1/user_activities         | update the user activitiy state |
 | GET    | /api/v1/user_stories            | fetch stories |
 | POST   | /oauth/token                    | [doc](./API-Tokens.md#post-oauthtoken) OAUTH2 login |

src/routes/api/v1/profile/accountId.ts

@@ -0,0 +1,57 @@
+//   Copyright 2020 Vircadia Contributors
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+
+'use strict'
+
+import { Router, RequestHandler, Request, Response, NextFunction } from 'express';
+import { setupMetaverseAPI, finishMetaverseAPI } from '@Route-Tools/middleware';
+import { accountFromAuthToken, accountFromParams } from '@Route-Tools/middleware';
+
+import { Perm } from '@Route-Tools/Perm';
+import { checkAccessToEntity } from '@Route-Tools/Permissions';
+import { buildAccountProfile } from '@Route-Tools/Util';
+
+import { Accounts } from '@Entities/Accounts';
+
+import { VKeyedCollection } from '@Tools/vTypes';
+import { Logger } from '@Tools/Logging';
+
+// metaverseServerApp.use(express.urlencoded({ extended: false }));
+
+const procGetProfileAccountId: RequestHandler = async (req: Request, resp: Response, next: NextFunction) => {
+  if (req.vAccount) {
+    if (checkAccessToEntity(req.vAuthToken, req.vAccount, [ Perm.PUBLIC, Perm.OWNER, Perm.ADMIN ])) {
+      req.vRestResp.Data = {
+        account: await buildAccountProfile(req, req.vAccount)
+      };
+    }
+    else {
+      req.vRestResp.respondFailure('Unauthorized');
+    };
+  }
+  else {
+    req.vRestResp.respondFailure('No such account');
+  };
+
+  next();
+};
+
+export const name = '/api/v1/profile/:accountId';
+
+export const router = Router();
+
+router.get(  '/api/v1/profile/:accountId',        [ setupMetaverseAPI,  // req.vRestResp
+                                                    accountFromParams,  // req.vAccount
+                                                    procGetProfileAccountId,
+                                                    finishMetaverseAPI ] );

src/routes/api/v1/profiles.ts

@@ -0,0 +1,60 @@
+//   Copyright 2020 Vircadia Contributors
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+
+'use strict'
+
+import { Router, RequestHandler, Request, Response, NextFunction } from 'express';
+import { setupMetaverseAPI, finishMetaverseAPI } from '@Route-Tools/middleware';
+import { buildAccountProfile } from '@Route-Tools/Util';
+
+import { Accounts } from '@Entities/Accounts';
+
+import { Availability } from '@Entities/Sets/Availability';
+
+import { PaginationInfo } from '@Entities/EntityFilters/PaginationInfo';
+
+import { Logger } from '@Tools/Logging';
+import { GenericFilter } from '@Entities/EntityFilters/GenericFilter';
+
+// Return account information
+// The accounts returned depend on the scope (whether admin) and the search criteria (infoer)
+const procGetProfiles: RequestHandler = async (req: Request, resp: Response, next: NextFunction) => {
+  const pager = new PaginationInfo();
+  // Can only see accounts that have unspecified availability or "all"
+  const scoper = new GenericFilter( { "$or": [ { "availability": { "$exists": false }},
+                                               { "availability": Availability.ALL },
+                                             ] } );
+  pager.parametersFromRequest(req);
+
+  // Loop through all the filtered accounts and create array of info
+  const accts: any[] = [];
+  for await (const acct of Accounts.enumerateAsync(scoper, pager)) {
+    accts.push(await buildAccountProfile(req, acct));
+  };
+
+  req.vRestResp.Data = {
+    profiles: accts
+  };
+  pager.addResponseFields(req);
+
+  next();
+};
+
+export const name = '/api/v1/profiles';
+
+export const router = Router();
+
+router.get(   '/api/v1/profiles',                 [ setupMetaverseAPI,      // req.vRestResp
+                                                    procGetProfiles,
+                                                    finishMetaverseAPI ] );