Implemented the possibility ofa hidden user for playstore tests

server/api/cms/password-reset-diagnostics.get.js

@@ -1,4 +1,4 @@
-import { getUserFromToken, hasRole, readUsers } from '../../utils/auth.js'
+import { getUserFromToken, hasRole, readUsers, isHiddenUser } from '../../utils/auth.js'
 import {
   fingerprintResetEmail,
   normalizeResetEmail,
@@ -59,17 +59,20 @@ export default defineEventHandler(async (event) => {
   const email = normalizeResetEmail(query.email)
   const failedOnly = query.failedOnly !== 'false'
   const users = await readUsers()
+  const visibleUsers = users.filter(user => !isHiddenUser(user))
+  const hiddenEmailFingerprints = new Set(users.filter(isHiddenUser).map(user => fingerprintResetEmail(user.email)).filter(Boolean))
   const logs = await readPasswordResetLogs()
-  const filteredLogs = email
+  const filteredLogs = (email
     ? logs.filter(entry => entry.emailFingerprint === fingerprintResetEmail(email))
-    : logs
+    : logs)
+    .filter(entry => !hiddenEmailFingerprints.has(entry.emailFingerprint))
   const attempts = summarizeAttempts(filteredLogs)
     .filter(attempt => !failedOnly || attempt.failed)
 
   let matchingUsers = []
   if (email) {
     const term = email.toLowerCase()
-    matchingUsers = users
+    matchingUsers = visibleUsers
       .filter(user => {
         const userEmail = normalizeResetEmail(user.email)
         const name = String(user.name || '').toLowerCase()