Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
09a348eb
Commit
09a348eb
authored
Aug 11, 2017
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Include the `is_admin` field in the `GET /users/:id` API when current user is an admin
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
810c44ae
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
20 additions
and
9 deletions
+20
-9
changelogs/unreleased/36213-return-is_admin-in-users-api-when-current_user-is-admin.yml
...turn-is_admin-in-users-api-when-current_user-is-admin.yml
+6
-0
lib/api/users.rb
lib/api/users.rb
+4
-9
spec/requests/api/users_spec.rb
spec/requests/api/users_spec.rb
+10
-0
No files found.
changelogs/unreleased/36213-return-is_admin-in-users-api-when-current_user-is-admin.yml
0 → 100644
View file @
09a348eb
---
title
:
Include the `is_admin` field in the `GET /users/:id` API when current user
is an admin
merge_request
:
author
:
type
:
fixed
lib/api/users.rb
View file @
09a348eb
...
@@ -79,22 +79,17 @@ module API
...
@@ -79,22 +79,17 @@ module API
end
end
desc
'Get a single user'
do
desc
'Get a single user'
do
success
Entities
::
User
Basic
success
Entities
::
User
end
end
params
do
params
do
requires
:id
,
type:
Integer
,
desc:
'The ID of the user'
requires
:id
,
type:
Integer
,
desc:
'The ID of the user'
end
end
get
":id"
do
get
":id"
do
user
=
User
.
find_by
(
id:
params
[
:id
])
user
=
User
.
find_by
(
id:
params
[
:id
])
not_found!
(
'User'
)
unless
user
not_found!
(
'User'
)
unless
user
&&
can?
(
current_user
,
:read_user
,
user
)
if
current_user
&&
current_user
.
admin?
opts
=
current_user
&
.
admin?
?
{
with:
Entities
::
UserWithAdmin
}
:
{}
present
user
,
with:
Entities
::
UserPublic
present
user
,
opts
elsif
can?
(
current_user
,
:read_user
,
user
)
present
user
,
with:
Entities
::
User
else
render_api_error!
(
"User not found."
,
404
)
end
end
end
desc
'Create a user. Available only for admins.'
do
desc
'Create a user. Available only for admins.'
do
...
...
spec/requests/api/users_spec.rb
View file @
09a348eb
...
@@ -217,9 +217,19 @@ describe API::Users do
...
@@ -217,9 +217,19 @@ describe API::Users do
it
"does not return the user's `is_admin` flag"
do
it
"does not return the user's `is_admin` flag"
do
get
api
(
"/users/
#{
user
.
id
}
"
,
user
)
get
api
(
"/users/
#{
user
.
id
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
[
'is_admin'
]).
to
be_nil
expect
(
json_response
[
'is_admin'
]).
to
be_nil
end
end
context
'when authenticated as admin'
do
it
'includes the `is_admin` field'
do
get
api
(
"/users/
#{
user
.
id
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
[
'is_admin'
]).
to
be
(
false
)
end
end
context
'for an anonymous user'
do
context
'for an anonymous user'
do
it
"returns a user by id"
do
it
"returns a user by id"
do
get
api
(
"/users/
#{
user
.
id
}
"
)
get
api
(
"/users/
#{
user
.
id
}
"
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment