Added helper for testing if the current user matches the params

Updated users.getPresence and users.setAvatar REST APIs to use current user param helper

packages/rocketchat-api/package.js

@@ -19,6 +19,7 @@ Package.onUse(function(api) {
 	//Register v1 helpers
 	api.addFiles('server/v1/helpers/getPaginationItems.js', 'server');
 	api.addFiles('server/v1/helpers/getUserFromParams.js', 'server');
+	api.addFiles('server/v1/helpers/isUserFromParams.js', 'server');
 	api.addFiles('server/v1/helpers/parseJsonQuery.js', 'server');
 	api.addFiles('server/v1/helpers/getLoggedInUser.js', 'server');
 

packages/rocketchat-api/server/v1/helpers/getUserFromParams.js

-//Convience method, almost need to turn it into a middleware of sorts
+//Convenience method, almost need to turn it into a middleware of sorts
 RocketChat.API.v1.helperMethods.set('getUserFromParams', function _getUserFromParams() {
 	const doesntExist = { _doesntExist: true };
 	let user;

packages/rocketchat-api/server/v1/helpers/isUserFromParams.js

+RocketChat.API.v1.helperMethods.set('isUserFromParams', function _isUserFromParams() {
+	return (this.queryParams.userId && this.userId === this.queryParams.userId) ||
+		(this.queryParams.username && this.user.username === this.queryParams.username) ||
+		(this.queryParams.user && this.user.username === this.queryParams.user);
+});

packages/rocketchat-api/server/v1/users.js

@@ -67,20 +67,19 @@ RocketChat.API.v1.addRoute('users.getAvatar', { authRequired: false }, {
 
 RocketChat.API.v1.addRoute('users.getPresence', { authRequired: true }, {
 	get() {
-		//BLAHHHHHHHHHH :'(
-		if ((this.queryParams.userId && this.userId !== this.queryParams.userId) || (this.queryParams.username && this.user.username !== this.queryParams.username) || (this.queryParams.user && this.user.username !== this.queryParams.user)) {
-			const user = this.getUserFromParams();
-
+		if (this.isUserFromParams()) {
+			const user = RocketChat.models.Users.findOneById(this.userId);
 			return RocketChat.API.v1.success({
-				presence: user.status
+				presence: user.status,
+				connectionStatus: user.statusConnection,
+				lastLogin: user.lastLogin
 			});
 		}
 
-		const user = RocketChat.models.Users.findOneById(this.userId);
+		const user = this.getUserFromParams();
+
 		return RocketChat.API.v1.success({
-			presence: user.status,
-			connectionStatus: user.statusConnection,
-			lastLogin: user.lastLogin
+			presence: user.status
 		});
 	}
 });
@@ -185,17 +184,19 @@ RocketChat.API.v1.addRoute('users.resetAvatar', { authRequired: true }, {
 	}
 });
 
-//TODO: Make this route work with support for usernames
 RocketChat.API.v1.addRoute('users.setAvatar', { authRequired: true }, {
 	post() {
 		check(this.bodyParams, { avatarUrl: Match.Maybe(String), userId: Match.Maybe(String) });
 
-		if (typeof this.bodyParams.userId !== 'undefined' && this.userId !== this.bodyParams.userId && !RocketChat.authz.hasPermission(this.userId, 'edit-other-user-info')) {
+		let user;
+		if (this.isUserFromParams()) {
+			user = Meteor.users.findOne(this.userId);
+		} else if (RocketChat.authz.hasPermission(this.userId, 'edit-other-user-info')) {
+			user = this.getUserFromParams();
+		} else {
 			return RocketChat.API.v1.unauthorized();
 		}
 
-		const user = Meteor.users.findOne(this.bodyParams.userId ? this.bodyParams.userId : this.userId);
-
 		if (this.bodyParams.avatarUrl) {
 			RocketChat.setUserAvatar(user, this.bodyParams.avatarUrl, '', 'url');
 		} else {