Merge branch 'add-2fa-status-to-admin-api' into 'master'

Add 2FA status to user admin API

This MR adds the `two_factor_enabled` field to the admin's API to indicate whether a given user has enabled 2FA.

See merge request !881

CHANGELOG

@@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
 
 v 7.13.0 (unreleased)
   - Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI
+  - Add `two_factor_enabled` field to admin user API (Stan Hu)
   - Fix invalid timestamps in RSS feeds (Rowan Wookey)
   - Fix error when deleting a user who has projects (Stan Hu)
   - Fix downloading of patches on public merge requests when user logged out (Stan Hu)

doc/api/users.md

@@ -58,7 +58,8 @@ GET /users
     "is_admin": false,
     "avatar_url": "http://localhost:3000/uploads/user/avatar/1/cd8.jpeg",
     "can_create_group": true,
-    "current_sign_in_at": "2014-03-19T13:12:15Z"
+    "current_sign_in_at": "2014-03-19T13:12:15Z",
+    "two_factor_enabled": true
   },
   {
     "id": 2,
@@ -81,7 +82,8 @@ GET /users
     "can_create_group": true,
     "can_create_project": true,
     "projects_limit": 100,
-    "current_sign_in_at": "2014-03-19T17:54:13Z"
+    "current_sign_in_at": "2014-03-19T17:54:13Z",
+    "two_factor_enabled": false
   }
 ]
 ```

lib/api/entities.rb

@@ -24,6 +24,7 @@ module API
       expose :identities, using: Entities::Identity
       expose :can_create_group?, as: :can_create_group
       expose :can_create_project?, as: :can_create_project
+      expose :two_factor_enabled
     end
 
     class UserLogin < UserFull

spec/requests/api/users_spec.rb

@@ -35,6 +35,7 @@ describe API::API, api: true  do
         expect(json_response.first.keys).to include 'email'
         expect(json_response.first.keys).to include 'identities'
         expect(json_response.first.keys).to include 'can_create_project'
+        expect(json_response.first.keys).to include 'two_factor_enabled'
       end
     end
   end