Merge pull request #3 from tracim/feature/612_get_known_user

backend/tracim_backend/exceptions.py

@@ -203,3 +203,7 @@ class PageOfPreviewNotFound(NotFound):
 
 class PreviewDimNotAllowed(TracimException):
     pass
+
+
+class TooShortAutocompleteString(TracimException):
+    pass

backend/tracim_backend/lib/core/user.py

@@ -3,13 +3,17 @@ from smtplib import SMTPException
 
 import transaction
 import typing as typing
+
+from sqlalchemy import or_
 from sqlalchemy.orm import Session
+from sqlalchemy.orm import Query
 from sqlalchemy.orm.exc import NoResultFound
 
 from tracim_backend import CFG
 from tracim_backend.models.auth import User
 from tracim_backend.models.auth import Group
 from tracim_backend.exceptions import NoUserSetted
+from tracim_backend.exceptions import TooShortAutocompleteString
 from tracim_backend.exceptions import PasswordDoNotMatch
 from tracim_backend.exceptions import EmailValidationFailed
 from tracim_backend.exceptions import UserDoesNotExist
@@ -20,6 +24,7 @@ from tracim_backend.exceptions import UserNotActive
 from tracim_backend.models.context_models import UserInContext
 from tracim_backend.lib.mail_notifier.notifier import get_email_manager
 from tracim_backend.models.context_models import TypeUser
+from tracim_backend.models.data import UserRoleInWorkspace
 
 
 class UserApi(object):
@@ -94,8 +99,41 @@ class UserApi(object):
             raise UserDoesNotExist('There is no current user')
         return self._user
 
+    def _get_all_query(self) -> Query:
+        return self._session.query(User).order_by(User.display_name)
+
     def get_all(self) -> typing.Iterable[User]:
-        return self._session.query(User).order_by(User.display_name).all()
+        return self._get_all_query().all()
+
+    def get_known_user(
+            self,
+            acp: str,
+    ) -> typing.Iterable[User]:
+        """
+        Return list of know user by current UserApi user.
+        :param acp: autocomplete filter by name/email
+        :return: List of found users
+        """
+        if len(acp) < 2:
+            raise TooShortAutocompleteString(
+                '"{acp}" is a too short string, acp string need to have more than one character'.format(acp=acp)  # nopep8
+            )
+        query = self._get_all_query()
+        query = query.filter(or_(User.display_name.ilike('%{}%'.format(acp)), User.email.ilike('%{}%'.format(acp))))  # nopep8
+
+        # INFO - G.M - 2018-07-27 - if user is set and is simple user, we
+        # should show only user in same workspace as user
+        if self._user and self._user.profile.id <= Group.TIM_USER:
+            user_workspaces_id_query = self._session.\
+                query(UserRoleInWorkspace.workspace_id).\
+                distinct(UserRoleInWorkspace.workspace_id).\
+                filter(UserRoleInWorkspace.user_id == self._user.user_id)
+            users_in_workspaces = self._session.\
+                query(UserRoleInWorkspace.user_id).\
+                distinct(UserRoleInWorkspace.user_id).\
+                filter(UserRoleInWorkspace.workspace_id.in_(user_workspaces_id_query.subquery())).subquery()  # nopep8
+            query = query.filter(User.user_id.in_(users_in_workspaces))
+        return query.all()
 
     def find(
             self,
@@ -196,7 +234,7 @@ class UserApi(object):
         )
         if do_save:
             # TODO - G.M - 2018-07-24 - Check why commit is needed here
-            transaction.commit()
+            self.save(user)
         return user
 
     def set_email(

backend/tracim_backend/models/context_models.py

@@ -186,6 +186,14 @@ class CommentPath(object):
         self.comment_id = comment_id
 
 
+class AutocompleteQuery(object):
+    """
+    Autocomplete query model
+    """
+    def __init__(self, acp: str):
+        self.acp = acp
+
+
 class PageQuery(object):
     """
     Page query model

backend/tracim_backend/tests/functional/test_user.py

@@ -2646,6 +2646,390 @@ class TestUserEndpoint(FunctionalTest):
         )
 
 
+class TestUsersEndpoint(FunctionalTest):
+    # -*- coding: utf-8 -*-
+    """
+    Tests for GET /api/v2/users/{user_id}
+    """
+    fixtures = [BaseFixture]
+
+    def test_api__get_user__ok_200__admin(self):
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        uapi.save(test_user)
+        transaction.commit()
+        user_id = int(test_user.user_id)
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        res = self.testapp.get(
+            '/api/v2/users',
+            status=200
+        )
+        res = res.json_body
+        assert len(res) == 2
+        assert res[0]['user_id'] == admin.user_id
+        assert res[0]['public_name'] == admin.display_name
+        assert res[0]['avatar_url'] is None
+
+        assert res[1]['user_id'] == test_user.user_id
+        assert res[1]['public_name'] == test_user.display_name
+        assert res[1]['avatar_url'] is None
+
+    def test_api__get_user__err_403__normal_user(self):
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        uapi.save(test_user)
+        transaction.commit()
+        user_id = int(test_user.user_id)
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test@test.test',
+                'pass'
+            )
+        )
+        self.testapp.get(
+            '/api/v2/users',
+            status=403
+        )
+
+
+class TestKnownMembersEndpoint(FunctionalTest):
+    # -*- coding: utf-8 -*-
+    """
+    Tests for GET /api/v2/users/{user_id}
+    """
+    fixtures = [BaseFixture]
+
+    def test_api__get_user__ok_200__admin__by_name(self):
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user2 = uapi.create_user(
+            email='test2@test2.test2',
+            password='pass',
+            name='bob2',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        uapi.save(test_user)
+        uapi.save(test_user2)
+        transaction.commit()
+        user_id = int(admin.user_id)
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'acp': 'bob',
+        }
+        res = self.testapp.get(
+            '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),
+            status=200,
+            params=params,
+        )
+        res = res.json_body
+        assert len(res) == 2
+        assert res[0]['user_id'] == test_user.user_id
+        assert res[0]['public_name'] == test_user.display_name
+        assert res[0]['avatar_url'] is None
+
+        assert res[1]['user_id'] == test_user2.user_id
+        assert res[1]['public_name'] == test_user2.display_name
+        assert res[1]['avatar_url'] is None
+
+    def test_api__get_user__ok_200__admin__by_email(self):
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user2 = uapi.create_user(
+            email='test2@test2.test2',
+            password='pass',
+            name='bob2',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        uapi.save(test_user)
+        uapi.save(test_user2)
+        transaction.commit()
+        user_id = int(admin.user_id)
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'acp': 'test',
+        }
+        res = self.testapp.get(
+            '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),
+            status=200,
+            params=params,
+        )
+        res = res.json_body
+        assert len(res) == 2
+        assert res[0]['user_id'] == test_user.user_id
+        assert res[0]['public_name'] == test_user.display_name
+        assert res[0]['avatar_url'] is None
+
+        assert res[1]['user_id'] == test_user2.user_id
+        assert res[1]['public_name'] == test_user2.display_name
+        assert res[1]['avatar_url'] is None
+
+    def test_api__get_user__err_403__admin__too_small_acp(self):
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user2 = uapi.create_user(
+            email='test2@test2.test2',
+            password='pass',
+            name='bob2',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        uapi.save(test_user)
+        transaction.commit()
+        user_id = int(admin.user_id)
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'admin@admin.admin',
+                'admin@admin.admin'
+            )
+        )
+        params = {
+            'acp': 't',
+        }
+        res = self.testapp.get(
+            '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),
+            status=400,
+            params=params
+        )
+
+    def test_api__get_user__ok_200__normal_user_by_email(self):
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        admin = dbsession.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        gapi = GroupApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        groups = [gapi.get_one_with_name('users')]
+        test_user = uapi.create_user(
+            email='test@test.test',
+            password='pass',
+            name='bob',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user2 = uapi.create_user(
+            email='test2@test2.test2',
+            password='pass',
+            name='bob2',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        test_user3 = uapi.create_user(
+            email='test3@test3.test3',
+            password='pass',
+            name='bob3',
+            groups=groups,
+            timezone='Europe/Paris',
+            do_save=True,
+            do_notify=False,
+        )
+        uapi.save(test_user)
+        uapi.save(test_user2)
+        uapi.save(test_user3)
+        workspace_api = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config
+
+        )
+        workspace = WorkspaceApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        ).create_workspace(
+            'test workspace',
+            save_now=True
+        )
+        role_api = RoleApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
+        role_api.create_one(test_user, workspace, UserRoleInWorkspace.READER, False)
+        role_api.create_one(test_user2, workspace, UserRoleInWorkspace.READER, False)
+        transaction.commit()
+        user_id = int(test_user.user_id)
+
+        self.testapp.authorization = (
+            'Basic',
+            (
+                'test@test.test',
+                'pass'
+            )
+        )
+        params = {
+            'acp': 'test',
+        }
+        res = self.testapp.get(
+            '/api/v2/users/{user_id}/known_members'.format(user_id=user_id),
+            status=200,
+            params=params
+        )
+        res = res.json_body
+        assert len(res) == 2
+        assert res[0]['user_id'] == test_user.user_id
+        assert res[0]['public_name'] == test_user.display_name
+        assert res[0]['avatar_url'] is None
+
+        assert res[1]['user_id'] == test_user2.user_id
+        assert res[1]['public_name'] == test_user2.display_name
+        assert res[1]['avatar_url'] is None
+
+
 class TestSetEmailEndpoint(FunctionalTest):
     # -*- coding: utf-8 -*-
     """
@@ -3025,6 +3409,12 @@ class TestSetPasswordEndpoint(FunctionalTest):
             status=204,
         )
         # Check After
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
         user = uapi.get_one(user_id)
         assert not user.validate_password('pass')
         assert user.validate_password('mynewpassword')
@@ -3080,6 +3470,12 @@ class TestSetPasswordEndpoint(FunctionalTest):
             params=params,
             status=403,
         )
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
         # Check After
         user = uapi.get_one(user_id)
         assert user.validate_password('pass')
@@ -3138,6 +3534,12 @@ class TestSetPasswordEndpoint(FunctionalTest):
             status=400,
         )
         # Check After
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
         user = uapi.get_one(user_id)
         assert user.validate_password('pass')
         assert not user.validate_password('mynewpassword')
@@ -3195,6 +3597,12 @@ class TestSetPasswordEndpoint(FunctionalTest):
             status=204,
         )
         # Check After
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
+        uapi = UserApi(
+            current_user=admin,
+            session=dbsession,
+            config=self.app_config,
+        )
         user = uapi.get_one(user_id)
         assert not user.validate_password('pass')
         assert user.validate_password('mynewpassword')

backend/tracim_backend/tests/library/test_user_api.py

@@ -1,14 +1,19 @@
 # -*- coding: utf-8 -*-
 import pytest
 import transaction
+from tracim_backend import models
 
 from tracim_backend.exceptions import AuthenticationFailed
+from tracim_backend.exceptions import TooShortAutocompleteString
 from tracim_backend.exceptions import UserDoesNotExist
 from tracim_backend.exceptions import UserNotActive
 from tracim_backend.lib.core.group import GroupApi
 from tracim_backend.lib.core.user import UserApi
+from tracim_backend.lib.core.userworkspace import RoleApi
+from tracim_backend.lib.core.workspace import WorkspaceApi
 from tracim_backend.models import User
 from tracim_backend.models.context_models import UserInContext
+from tracim_backend.models.data import UserRoleInWorkspace
 from tracim_backend.tests import DefaultTest
 from tracim_backend.tests import eq_
 
@@ -107,6 +112,184 @@ class TestUserApi(DefaultTest):
         # u1 + Admin user from BaseFixture
         assert 2 == len(users)
 
+    def test_unit__get_known__user__admin__too_short_acp_str(self):
+        api = UserApi(
+            current_user=None,
+            session=self.session,
+            config=self.config,
+        )
+        u1 = api.create_user(
+            email='email@email',
+            name='name',
+            do_notify=False,
+            do_save=True,
+        )
+        with pytest.raises(TooShortAutocompleteString):
+            api.get_known_user('e')
+
+    def test_unit__get_known__user__admin__by_email(self):
+        api = UserApi(
+            current_user=None,
+            session=self.session,
+            config=self.config,
+        )
+        u1 = api.create_user(
+            email='email@email',
+            name='name',
+            do_notify=False,
+            do_save=True,
+        )
+
+        users = api.get_known_user('email')
+        assert len(users) == 1
+        assert users[0] == u1
+
+    def test_unit__get_known__user__user__no_workspace_empty_known_user(self):
+        admin = self.session.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        api = UserApi(
+            current_user=admin,
+            session=self.session,
+            config=self.config,
+        )
+        u1 = api.create_user(
+            email='email@email',
+            name='name',
+            do_notify=False,
+            do_save=True,
+        )
+        api2 = UserApi(
+            current_user=u1,
+            session=self.session,
+            config=self.config,
+        )
+        users = api2.get_known_user('email')
+        assert len(users) == 0
+
+    def test_unit__get_known__user__same_workspaces_users_by_name(self):
+        admin = self.session.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        api = UserApi(
+            current_user=None,
+            session=self.session,
+            config=self.config,
+        )
+        u1 = api.create_user(
+            email='email@email',
+            name='name',
+            do_notify=False,
+            do_save=True,
+        )
+        u2 = api.create_user(
+            email='email2@email2',
+            name='name2',
+            do_notify=False,
+            do_save=True,
+        )
+        u3 = api.create_user(
+            email='notfound@notfound',
+            name='notfound',
+            do_notify=False,
+            do_save=True,
+        )
+        wapi = WorkspaceApi(
+            current_user=admin,
+            session=self.session,
+            config=self.app_config,
+        )
+        workspace = wapi.create_workspace(
+            'test workspace n°1',
+            save_now=True)
+        role_api = RoleApi(
+            current_user=admin,
+            session=self.session,
+            config=self.app_config,
+        )
+        role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False)
+        role_api.create_one(u2, workspace, UserRoleInWorkspace.READER, False)
+        role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False)
+        api2 = UserApi(
+            current_user=u1,
+            session=self.session,
+            config=self.config,
+        )
+        users = api2.get_known_user('name')
+        assert len(users) == 2
+        assert users[0] == u1
+        assert users[1] == u2
+
+    def test_unit__get_known__user__same_workspaces_users_by_email(self):
+        admin = self.session.query(models.User) \
+            .filter(models.User.email == 'admin@admin.admin') \
+            .one()
+        api = UserApi(
+            current_user=None,
+            session=self.session,
+            config=self.config,
+        )
+        u1 = api.create_user(
+            email='email@email',
+            name='name',
+            do_notify=False,
+            do_save=True,
+        )
+        u2 = api.create_user(
+            email='email2@email2',
+            name='name2',
+            do_notify=False,
+            do_save=True,
+        )
+        u3 = api.create_user(
+            email='notfound@notfound',
+            name='notfound',
+            do_notify=False,
+            do_save=True,
+        )
+        wapi = WorkspaceApi(
+            current_user=admin,
+            session=self.session,
+            config=self.app_config,
+        )
+        workspace = wapi.create_workspace(
+            'test workspace n°1',
+            save_now=True)
+        role_api = RoleApi(
+            current_user=admin,
+            session=self.session,
+            config=self.app_config,
+        )
+        role_api.create_one(u1, workspace, UserRoleInWorkspace.READER, False)
+        role_api.create_one(u2, workspace, UserRoleInWorkspace.READER, False)
+        role_api.create_one(u3, workspace, UserRoleInWorkspace.READER, False)
+        api2 = UserApi(
+            current_user=u1,
+            session=self.session,
+            config=self.config,
+        )
+        users = api2.get_known_user('email')
+        assert len(users) == 2
+        assert users[0] == u1
+        assert users[1] == u2
+
+    def test_unit__get_known__user__admin__by_name(self):
+        api = UserApi(
+            current_user=None,
+            session=self.session,
+            config=self.config,
+        )
+        u1 = api.create_user(
+            email='email@email',
+            name='name',
+            do_notify=False,
+            do_save=True,
+        )
+
+        users = api.get_known_user('nam')
+        assert len(users) == 1
+        assert users[0] == u1
+
     def test_unit__get_one__ok__nominal_case(self):
         api = UserApi(
             current_user=None,

backend/tracim_backend/views/core_api/schemas.py

@@ -2,6 +2,7 @@
 import marshmallow
 from marshmallow import post_load
 from marshmallow.validate import OneOf
+from marshmallow.validate import Length
 from marshmallow.validate import Range
 
 from tracim_backend.lib.utils.utils import DATETIME_FORMAT
@@ -11,6 +12,7 @@ from tracim_backend.models.contents import CONTENT_STATUS
 from tracim_backend.models.contents import CONTENT_TYPES
 from tracim_backend.models.contents import open_status
 from tracim_backend.models.context_models import ActiveContentFilter
+from tracim_backend.models.context_models import AutocompleteQuery
 from tracim_backend.models.context_models import ContentIdsQuery
 from tracim_backend.models.context_models import UserWorkspaceAndContentPath
 from tracim_backend.models.context_models import ContentCreation
@@ -292,6 +294,17 @@ class CommentsPathSchema(WorkspaceAndContentIdPathSchema):
         return CommentPath(**data)
 
 
+class AutocompleteQuerySchema(marshmallow.Schema):
+    acp = marshmallow.fields.Str(
+        example='test',
+        description='search text to query',
+        validate=Length(min=2),
+    )
+    @post_load
+    def make_autocomplete(self, data):
+        return AutocompleteQuery(**data)
+
+
 class PageQuerySchema(marshmallow.Schema):
     page = marshmallow.fields.Int(
         example=2,

backend/tracim_backend/views/core_api/user_controller.py

@@ -18,6 +18,8 @@ from tracim_backend.lib.utils.authorization import require_profile
 from tracim_backend.exceptions import WrongUserPassword
 from tracim_backend.exceptions import PasswordDoNotMatch
 from tracim_backend.views.core_api.schemas import UserSchema
+from tracim_backend.views.core_api.schemas import AutocompleteQuerySchema
+from tracim_backend.views.core_api.schemas import UserDigestSchema
 from tracim_backend.views.core_api.schemas import SetEmailSchema
 from tracim_backend.views.core_api.schemas import SetPasswordSchema
 from tracim_backend.views.core_api.schemas import UserInfosSchema
@@ -37,6 +39,7 @@ from tracim_backend.models.contents import CONTENT_TYPES
 SWAGGER_TAG__USER_ENDPOINTS = 'Users'
 
 
+
 class UserController(Controller):
 
     @hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
@@ -77,6 +80,46 @@ class UserController(Controller):
         return uapi.get_user_with_context(request.candidate_user)
 
     @hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
+    @require_profile(Group.TIM_ADMIN)
+    @hapic.output_body(UserDigestSchema(many=True))
+    def users(self, context, request: TracimRequest, hapic_data=None):
+        """
+        Get all users
+        """
+        app_config = request.registry.settings['CFG']
+        uapi = UserApi(
+            current_user=request.current_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        users = uapi.get_all()
+        context_users = [
+            uapi.get_user_with_context(user) for user in users
+        ]
+        return context_users
+
+    @hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
+    @require_same_user_or_profile(Group.TIM_MANAGER)
+    @hapic.input_path(UserIdPathSchema())
+    @hapic.input_query(AutocompleteQuerySchema())
+    @hapic.output_body(UserDigestSchema(many=True))
+    def known_members(self, context, request: TracimRequest, hapic_data=None):
+        """
+        Get known users list
+        """
+        app_config = request.registry.settings['CFG']
+        uapi = UserApi(
+            current_user=request.candidate_user,  # User
+            session=request.dbsession,
+            config=app_config,
+        )
+        users = uapi.get_known_user(acp=hapic_data.query.acp)
+        context_users = [
+            uapi.get_user_with_context(user) for user in users
+        ]
+        return context_users
+
+    @hapic.with_api_doc(tags=[SWAGGER_TAG__USER_ENDPOINTS])
     @hapic.handle_exception(WrongUserPassword, HTTPStatus.FORBIDDEN)
     @require_same_user_or_profile(Group.TIM_ADMIN)
     @hapic.input_body(SetEmailSchema())
@@ -384,6 +427,14 @@ class UserController(Controller):
         configurator.add_route('user', '/users/{user_id}', request_method='GET')  # nopep8
         configurator.add_view(self.user, route_name='user')
 
+        # users lists
+        configurator.add_route('users', '/users', request_method='GET')  # nopep8
+        configurator.add_view(self.users, route_name='users')
+
+        # known members lists
+        configurator.add_route('known_members', '/users/{user_id}/known_members', request_method='GET')  # nopep8
+        configurator.add_view(self.known_members, route_name='known_members')
+
         # set user email
         configurator.add_route('set_user_email', '/users/{user_id}/email', request_method='PUT')  # nopep8
         configurator.add_view(self.set_user_email, route_name='set_user_email')