Add unique email verification on user update

packages/strapi-plugin-users-permissions/controllers/User.js

@@ -39,7 +39,7 @@ module.exports = {
     if (!user) {
       return ctx.badRequest(null, [{ messages: [{ id: 'No authorization header was found' }] }]);
     }
-    
+
     const data = _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']);
 
     // Send 200 `ok`
@@ -98,6 +98,16 @@ module.exports = {
         delete ctx.request.body.role;
       }
 
+      if (ctx.request.body.email && strapi.plugins['users-permissions'].config.advanced.unique_email) {
+        const user = await strapi.query('user', 'users-permissions').findOne({
+          email: ctx.request.body.email
+        });
+
+        if (user.id !== ctx.params.id) {
+          return ctx.badRequest(null, ctx.request.admin ? [{ messages: [{ id: 'Auth.form.error.email.taken' }] }] : 'Email is already taken.');
+        }
+      }
+
       const data = await strapi.plugins['users-permissions'].services.user.edit(ctx.params, ctx.request.body) ;
 
       // Send 200 `ok`