Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
ddf7e6ae
Commit
ddf7e6ae
authored
Feb 15, 2017
by
Robin Bobbitt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Implement search by extern_uid in Users API
parent
22c40500
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
59 additions
and
8 deletions
+59
-8
app/models/identity.rb
app/models/identity.rb
+2
-0
changelogs/unreleased/query-users-by-extern-uid.yml
changelogs/unreleased/query-users-by-extern-uid.yml
+4
-0
doc/api/users.md
doc/api/users.md
+12
-0
lib/api/users.rb
lib/api/users.rb
+14
-8
spec/requests/api/users_spec.rb
spec/requests/api/users_spec.rb
+27
-0
No files found.
app/models/identity.rb
View file @
ddf7e6ae
...
...
@@ -7,6 +7,8 @@ class Identity < ActiveRecord::Base
validates
:extern_uid
,
allow_blank:
true
,
uniqueness:
{
scope: :provider
}
validates
:user_id
,
uniqueness:
{
scope: :provider
}
scope
:with_extern_uid
,
->
(
provider
,
extern_uid
)
{
where
(
extern_uid:
extern_uid
,
provider:
provider
)
}
def
ldap?
provider
.
starts_with?
(
'ldap'
)
end
...
...
changelogs/unreleased/query-users-by-extern-uid.yml
0 → 100644
View file @
ddf7e6ae
---
title
:
Implement search by extern_uid in Users API
merge_request
:
10509
author
:
Robin Bobbitt
doc/api/users.md
View file @
ddf7e6ae
...
...
@@ -130,6 +130,18 @@ For example:
GET /users?username=jack_smith
```
You can also lookup users by external UID and provider:
```
GET /users?extern_uid=:extern_uid&provider=:provider
```
For example:
```
GET /users?extern_uid=1234567&provider=github
```
You can search for users who are external with:
`/users?external=true`
## Single user
...
...
lib/api/users.rb
View file @
ddf7e6ae
...
...
@@ -39,10 +39,13 @@ module API
params
do
# CE
optional
:username
,
type:
String
,
desc:
'Get a single user with a specific username'
optional
:extern_uid
,
type:
String
,
desc:
'Get a single user with a specific external authentication provider UID'
optional
:provider
,
type:
String
,
desc:
'The external provider'
optional
:search
,
type:
String
,
desc:
'Search for a username'
optional
:active
,
type:
Boolean
,
default:
false
,
desc:
'Filters only active users'
optional
:external
,
type:
Boolean
,
default:
false
,
desc:
'Filters only external users'
optional
:blocked
,
type:
Boolean
,
default:
false
,
desc:
'Filters only blocked users'
all_or_none_of
:extern_uid
,
:provider
use
:pagination
end
...
...
@@ -51,14 +54,17 @@ module API
render_api_error!
(
"Not authorized."
,
403
)
end
if
params
[
:username
].
present?
users
=
User
.
where
(
username:
params
[
:username
])
else
authenticated_as_admin!
if
params
[
:external
].
present?
||
(
params
[
:extern_uid
].
present?
&&
params
[
:provider
].
present?
)
users
=
User
.
all
users
=
User
.
where
(
username:
params
[
:username
])
if
params
[
:username
]
users
=
users
.
active
if
params
[
:active
]
users
=
users
.
search
(
params
[
:search
])
if
params
[
:search
].
present?
users
=
users
.
blocked
if
params
[
:blocked
]
users
=
users
.
external
if
params
[
:external
]
&&
current_user
.
admin?
if
current_user
.
admin?
users
=
users
.
joins
(
:identities
).
merge
(
Identity
.
with_extern_uid
(
params
[
:provider
],
params
[
:extern_uid
]))
if
params
[
:extern_uid
]
&&
params
[
:provider
]
users
=
users
.
external
if
params
[
:external
]
end
entity
=
current_user
.
admin?
?
Entities
::
UserPublic
:
Entities
::
UserBasic
...
...
spec/requests/api/users_spec.rb
View file @
ddf7e6ae
...
...
@@ -72,6 +72,12 @@ describe API::Users, api: true do
expect
(
json_response
).
to
be_an
Array
expect
(
json_response
.
first
[
'username'
]).
to
eq
(
omniauth_user
.
username
)
end
it
"returns a 403 when non-admin user searches by external UID"
do
get
api
(
"/users?extern_uid=
#{
omniauth_user
.
identities
.
first
.
extern_uid
}
&provider=
#{
omniauth_user
.
identities
.
first
.
provider
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
"when admin"
do
...
...
@@ -100,6 +106,27 @@ describe API::Users, api: true do
expect
(
json_response
).
to
be_an
Array
expect
(
json_response
).
to
all
(
include
(
'external'
=>
true
))
end
it
"returns one user by external UID"
do
get
api
(
"/users?extern_uid=
#{
omniauth_user
.
identities
.
first
.
extern_uid
}
&provider=
#{
omniauth_user
.
identities
.
first
.
provider
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
).
to
be_an
Array
expect
(
json_response
.
size
).
to
eq
(
1
)
expect
(
json_response
.
first
[
'username'
]).
to
eq
(
omniauth_user
.
username
)
end
it
"returns 400 error if provider with no extern_uid"
do
get
api
(
"/users?extern_uid=
#{
omniauth_user
.
identities
.
first
.
extern_uid
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
400
)
end
it
"returns 400 error if provider with no extern_uid"
do
get
api
(
"/users?provider=
#{
omniauth_user
.
identities
.
first
.
provider
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
400
)
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment