Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
4cb3c0b4
Commit
4cb3c0b4
authored
Oct 27, 2016
by
Robert Schilling
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Grapify the users API
parent
36fa5d66
Changes
3
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
321 additions
and
307 deletions
+321
-307
doc/api/users.md
doc/api/users.md
+22
-22
lib/api/users.rb
lib/api/users.rb
+250
-258
spec/requests/api/users_spec.rb
spec/requests/api/users_spec.rb
+49
-27
No files found.
doc/api/users.md
View file @
4cb3c0b4
...
@@ -369,24 +369,24 @@ Parameters:
...
@@ -369,24 +369,24 @@ Parameters:
Get a list of a specified user's SSH keys. Available only for admin
Get a list of a specified user's SSH keys. Available only for admin
```
```
GET /users/:
u
id/keys
GET /users/:id/keys
```
```
Parameters:
Parameters:
-
`
u
id`
(required) - id of specified user
-
`id`
(required) - id of specified user
## Single SSH key
## Single SSH key
Get a single key.
Get a single key.
```
```
GET /user/keys/:id
GET /user/keys/:
key_
id
```
```
Parameters:
Parameters:
-
`id`
(required) - The ID of an SSH key
-
`
key_
id`
(required) - The ID of an SSH key
```
json
```
json
{
{
...
@@ -458,25 +458,25 @@ This is an idempotent function and calling it on a key that is already deleted
...
@@ -458,25 +458,25 @@ This is an idempotent function and calling it on a key that is already deleted
or not available results in
`200 OK`
.
or not available results in
`200 OK`
.
```
```
DELETE /user/keys/:id
DELETE /user/keys/:
key_
id
```
```
Parameters:
Parameters:
-
`id`
(required) - SSH key ID
-
`
key_
id`
(required) - SSH key ID
## Delete SSH key for given user
## Delete SSH key for given user
Deletes key owned by a specified user. Available only for admin.
Deletes key owned by a specified user. Available only for admin.
```
```
DELETE /users/:
uid/keys/:
id
DELETE /users/:
id/keys/:key_
id
```
```
Parameters:
Parameters:
-
`
u
id`
(required) - id of specified user
-
`id`
(required) - id of specified user
-
`id`
(required) - SSH key ID
-
`
key_
id`
(required) - SSH key ID
Will return
`200 OK`
on success, or
`404 Not found`
if either user or key cannot be found.
Will return
`200 OK`
on success, or
`404 Not found`
if either user or key cannot be found.
...
@@ -510,24 +510,24 @@ Parameters:
...
@@ -510,24 +510,24 @@ Parameters:
Get a list of a specified user's emails. Available only for admin
Get a list of a specified user's emails. Available only for admin
```
```
GET /users/:
u
id/emails
GET /users/:id/emails
```
```
Parameters:
Parameters:
-
`
u
id`
(required) - id of specified user
-
`id`
(required) - id of specified user
## Single email
## Single email
Get a single email.
Get a single email.
```
```
GET /user/emails/:id
GET /user/emails/:
email_
id
```
```
Parameters:
Parameters:
-
`id`
(required) - email ID
-
`
email_
id`
(required) - email ID
```
json
```
json
{
{
...
@@ -590,25 +590,25 @@ This is an idempotent function and calling it on a email that is already deleted
...
@@ -590,25 +590,25 @@ This is an idempotent function and calling it on a email that is already deleted
or not available results in
`200 OK`
.
or not available results in
`200 OK`
.
```
```
DELETE /user/emails/:id
DELETE /user/emails/:
email_
id
```
```
Parameters:
Parameters:
-
`id`
(required) - email ID
-
`
email_
id`
(required) - email ID
## Delete email for given user
## Delete email for given user
Deletes email owned by a specified user. Available only for admin.
Deletes email owned by a specified user. Available only for admin.
```
```
DELETE /users/:
uid/emails/:
id
DELETE /users/:
id/emails/:email_
id
```
```
Parameters:
Parameters:
-
`
u
id`
(required) - id of specified user
-
`id`
(required) - id of specified user
-
`id`
(required) - email ID
-
`
email_
id`
(required) - email ID
Will return
`200 OK`
on success, or
`404 Not found`
if either user or email cannot be found.
Will return
`200 OK`
on success, or
`404 Not found`
if either user or email cannot be found.
...
@@ -617,12 +617,12 @@ Will return `200 OK` on success, or `404 Not found` if either user or email cann
...
@@ -617,12 +617,12 @@ Will return `200 OK` on success, or `404 Not found` if either user or email cann
Blocks the specified user. Available only for admin.
Blocks the specified user. Available only for admin.
```
```
PUT /users/:
u
id/block
PUT /users/:id/block
```
```
Parameters:
Parameters:
-
`
u
id`
(required) - id of specified user
-
`id`
(required) - id of specified user
Will return
`200 OK`
on success,
`404 User Not Found`
is user cannot be found or
Will return
`200 OK`
on success,
`404 User Not Found`
is user cannot be found or
`403 Forbidden`
when trying to block an already blocked user by LDAP synchronization.
`403 Forbidden`
when trying to block an already blocked user by LDAP synchronization.
...
@@ -632,12 +632,12 @@ Will return `200 OK` on success, `404 User Not Found` is user cannot be found or
...
@@ -632,12 +632,12 @@ Will return `200 OK` on success, `404 User Not Found` is user cannot be found or
Unblocks the specified user. Available only for admin.
Unblocks the specified user. Available only for admin.
```
```
PUT /users/:
u
id/unblock
PUT /users/:id/unblock
```
```
Parameters:
Parameters:
-
`
u
id`
(required) - id of specified user
-
`id`
(required) - id of specified user
Will return
`200 OK`
on success,
`404 User Not Found`
is user cannot be found or
Will return
`200 OK`
on success,
`404 User Not Found`
is user cannot be found or
`403 Forbidden`
when trying to unblock a user blocked by LDAP synchronization.
`403 Forbidden`
when trying to unblock a user blocked by LDAP synchronization.
...
...
lib/api/users.rb
View file @
4cb3c0b4
This diff is collapsed.
Click to expand it.
spec/requests/api/users_spec.rb
View file @
4cb3c0b4
...
@@ -108,7 +108,7 @@ describe API::API, api: true do
...
@@ -108,7 +108,7 @@ describe API::API, api: true do
it
"returns a 404 error if user id not found"
do
it
"returns a 404 error if user id not found"
do
get
api
(
"/users/9999"
,
user
)
get
api
(
"/users/9999"
,
user
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Not f
ound'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
User Not F
ound'
)
end
end
it
"returns a 404 for invalid ID"
do
it
"returns a 404 for invalid ID"
do
...
@@ -359,7 +359,7 @@ describe API::API, api: true do
...
@@ -359,7 +359,7 @@ describe API::API, api: true do
it
"returns 404 for non-existing user"
do
it
"returns 404 for non-existing user"
do
put
api
(
"/users/999999"
,
admin
),
{
bio:
'update should fail'
}
put
api
(
"/users/999999"
,
admin
),
{
bio:
'update should fail'
}
expect
(
response
).
to
have_http_status
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Not f
ound'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
User Not F
ound'
)
end
end
it
"returns a 404 if invalid ID"
do
it
"returns a 404 if invalid ID"
do
...
@@ -387,6 +387,18 @@ describe API::API, api: true do
...
@@ -387,6 +387,18 @@ describe API::API, api: true do
to
eq
([
Gitlab
::
Regex
.
namespace_regex_message
])
to
eq
([
Gitlab
::
Regex
.
namespace_regex_message
])
end
end
it
'returns 400 if provider is missing for identity update'
do
put
api
(
"/users/
#{
omniauth_user
.
id
}
"
,
admin
),
extern_uid:
'654321'
expect
(
response
).
to
have_http_status
(
400
)
end
it
'returns 400 if external UID is missing for identity update'
do
put
api
(
"/users/
#{
omniauth_user
.
id
}
"
,
admin
),
provider:
'ldap'
expect
(
response
).
to
have_http_status
(
400
)
end
context
"with existing user"
do
context
"with existing user"
do
before
do
before
do
post
api
(
"/users"
,
admin
),
{
email:
'test@example.com'
,
password:
'password'
,
username:
'test'
,
name:
'test'
}
post
api
(
"/users"
,
admin
),
{
email:
'test@example.com'
,
password:
'password'
,
username:
'test'
,
name:
'test'
}
...
@@ -414,14 +426,16 @@ describe API::API, api: true do
...
@@ -414,14 +426,16 @@ describe API::API, api: true do
it
"does not create invalid ssh key"
do
it
"does not create invalid ssh key"
do
post
api
(
"/users/
#{
user
.
id
}
/keys"
,
admin
),
{
title:
"invalid key"
}
post
api
(
"/users/
#{
user
.
id
}
/keys"
,
admin
),
{
title:
"invalid key"
}
expect
(
response
).
to
have_http_status
(
400
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'
message'
]).
to
eq
(
'400 (Bad request) "key" not given
'
)
expect
(
json_response
[
'
error'
]).
to
eq
(
'key is missing
'
)
end
end
it
'does not create key without title'
do
it
'does not create key without title'
do
post
api
(
"/users/
#{
user
.
id
}
/keys"
,
admin
),
key:
'some key'
post
api
(
"/users/
#{
user
.
id
}
/keys"
,
admin
),
key:
'some key'
expect
(
response
).
to
have_http_status
(
400
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'
message'
]).
to
eq
(
'400 (Bad request) "title" not given
'
)
expect
(
json_response
[
'
error'
]).
to
eq
(
'title is missing
'
)
end
end
it
"creates ssh key"
do
it
"creates ssh key"
do
...
@@ -437,7 +451,7 @@ describe API::API, api: true do
...
@@ -437,7 +451,7 @@ describe API::API, api: true do
end
end
end
end
describe
'GET /user/:
u
id/keys'
do
describe
'GET /user/:id/keys'
do
before
{
admin
}
before
{
admin
}
context
'when unauthenticated'
do
context
'when unauthenticated'
do
...
@@ -465,7 +479,7 @@ describe API::API, api: true do
...
@@ -465,7 +479,7 @@ describe API::API, api: true do
end
end
end
end
describe
'DELETE /user/:
uid/keys/:
id'
do
describe
'DELETE /user/:
id/keys/:key_
id'
do
before
{
admin
}
before
{
admin
}
context
'when unauthenticated'
do
context
'when unauthenticated'
do
...
@@ -506,8 +520,9 @@ describe API::API, api: true do
...
@@ -506,8 +520,9 @@ describe API::API, api: true do
it
"does not create invalid email"
do
it
"does not create invalid email"
do
post
api
(
"/users/
#{
user
.
id
}
/emails"
,
admin
),
{}
post
api
(
"/users/
#{
user
.
id
}
/emails"
,
admin
),
{}
expect
(
response
).
to
have_http_status
(
400
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'
message'
]).
to
eq
(
'400 (Bad request) "email" not given
'
)
expect
(
json_response
[
'
error'
]).
to
eq
(
'email is missing
'
)
end
end
it
"creates email"
do
it
"creates email"
do
...
@@ -524,7 +539,7 @@ describe API::API, api: true do
...
@@ -524,7 +539,7 @@ describe API::API, api: true do
end
end
end
end
describe
'GET /user/:
u
id/emails'
do
describe
'GET /user/:id/emails'
do
before
{
admin
}
before
{
admin
}
context
'when unauthenticated'
do
context
'when unauthenticated'
do
...
@@ -558,7 +573,7 @@ describe API::API, api: true do
...
@@ -558,7 +573,7 @@ describe API::API, api: true do
end
end
end
end
describe
'DELETE /user/:
uid/emails/:
id'
do
describe
'DELETE /user/:
id/emails/:email_
id'
do
before
{
admin
}
before
{
admin
}
context
'when unauthenticated'
do
context
'when unauthenticated'
do
...
@@ -673,7 +688,7 @@ describe API::API, api: true do
...
@@ -673,7 +688,7 @@ describe API::API, api: true do
end
end
end
end
describe
"GET /user/keys/:id"
do
describe
"GET /user/keys/:
key_
id"
do
it
"returns single key"
do
it
"returns single key"
do
user
.
keys
<<
key
user
.
keys
<<
key
user
.
save
user
.
save
...
@@ -686,7 +701,7 @@ describe API::API, api: true do
...
@@ -686,7 +701,7 @@ describe API::API, api: true do
get
api
(
"/user/keys/42"
,
user
)
get
api
(
"/user/keys/42"
,
user
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Not f
ound'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Key Not F
ound'
)
end
end
it
"returns 404 error if admin accesses user's ssh key"
do
it
"returns 404 error if admin accesses user's ssh key"
do
...
@@ -695,7 +710,7 @@ describe API::API, api: true do
...
@@ -695,7 +710,7 @@ describe API::API, api: true do
admin
admin
get
api
(
"/user/keys/
#{
key
.
id
}
"
,
admin
)
get
api
(
"/user/keys/
#{
key
.
id
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Not f
ound'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Key Not F
ound'
)
end
end
it
"returns 404 for invalid ID"
do
it
"returns 404 for invalid ID"
do
...
@@ -721,14 +736,16 @@ describe API::API, api: true do
...
@@ -721,14 +736,16 @@ describe API::API, api: true do
it
"does not create ssh key without key"
do
it
"does not create ssh key without key"
do
post
api
(
"/user/keys"
,
user
),
title:
'title'
post
api
(
"/user/keys"
,
user
),
title:
'title'
expect
(
response
).
to
have_http_status
(
400
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'
message'
]).
to
eq
(
'400 (Bad request) "key" not given
'
)
expect
(
json_response
[
'
error'
]).
to
eq
(
'key is missing
'
)
end
end
it
'does not create ssh key without title'
do
it
'does not create ssh key without title'
do
post
api
(
'/user/keys'
,
user
),
key:
'some key'
post
api
(
'/user/keys'
,
user
),
key:
'some key'
expect
(
response
).
to
have_http_status
(
400
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'
message'
]).
to
eq
(
'400 (Bad request) "title" not given
'
)
expect
(
json_response
[
'
error'
]).
to
eq
(
'title is missing
'
)
end
end
it
"does not create ssh key without title"
do
it
"does not create ssh key without title"
do
...
@@ -737,7 +754,7 @@ describe API::API, api: true do
...
@@ -737,7 +754,7 @@ describe API::API, api: true do
end
end
end
end
describe
"DELETE /user/keys/:id"
do
describe
"DELETE /user/keys/:
key_
id"
do
it
"deletes existed key"
do
it
"deletes existed key"
do
user
.
keys
<<
key
user
.
keys
<<
key
user
.
save
user
.
save
...
@@ -747,9 +764,11 @@ describe API::API, api: true do
...
@@ -747,9 +764,11 @@ describe API::API, api: true do
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
).
to
have_http_status
(
200
)
end
end
it
"returns
success
if key ID not found"
do
it
"returns
404
if key ID not found"
do
delete
api
(
"/user/keys/42"
,
user
)
delete
api
(
"/user/keys/42"
,
user
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Key Not Found'
)
end
end
it
"returns 401 error if unauthorized"
do
it
"returns 401 error if unauthorized"
do
...
@@ -786,7 +805,7 @@ describe API::API, api: true do
...
@@ -786,7 +805,7 @@ describe API::API, api: true do
end
end
end
end
describe
"GET /user/emails/:id"
do
describe
"GET /user/emails/:
email_
id"
do
it
"returns single email"
do
it
"returns single email"
do
user
.
emails
<<
email
user
.
emails
<<
email
user
.
save
user
.
save
...
@@ -798,7 +817,7 @@ describe API::API, api: true do
...
@@ -798,7 +817,7 @@ describe API::API, api: true do
it
"returns 404 Not Found within invalid ID"
do
it
"returns 404 Not Found within invalid ID"
do
get
api
(
"/user/emails/42"
,
user
)
get
api
(
"/user/emails/42"
,
user
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Not f
ound'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Email Not F
ound'
)
end
end
it
"returns 404 error if admin accesses user's email"
do
it
"returns 404 error if admin accesses user's email"
do
...
@@ -807,7 +826,7 @@ describe API::API, api: true do
...
@@ -807,7 +826,7 @@ describe API::API, api: true do
admin
admin
get
api
(
"/user/emails/
#{
email
.
id
}
"
,
admin
)
get
api
(
"/user/emails/
#{
email
.
id
}
"
,
admin
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Not f
ound'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404
Email Not F
ound'
)
end
end
it
"returns 404 for invalid ID"
do
it
"returns 404 for invalid ID"
do
...
@@ -833,12 +852,13 @@ describe API::API, api: true do
...
@@ -833,12 +852,13 @@ describe API::API, api: true do
it
"does not create email with invalid email"
do
it
"does not create email with invalid email"
do
post
api
(
"/user/emails"
,
user
),
{}
post
api
(
"/user/emails"
,
user
),
{}
expect
(
response
).
to
have_http_status
(
400
)
expect
(
response
).
to
have_http_status
(
400
)
expect
(
json_response
[
'
message'
]).
to
eq
(
'400 (Bad request) "email" not given
'
)
expect
(
json_response
[
'
error'
]).
to
eq
(
'email is missing
'
)
end
end
end
end
describe
"DELETE /user/emails/:id"
do
describe
"DELETE /user/emails/:
email_
id"
do
it
"deletes existed email"
do
it
"deletes existed email"
do
user
.
emails
<<
email
user
.
emails
<<
email
user
.
save
user
.
save
...
@@ -848,9 +868,11 @@ describe API::API, api: true do
...
@@ -848,9 +868,11 @@ describe API::API, api: true do
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
).
to
have_http_status
(
200
)
end
end
it
"returns
success
if email ID not found"
do
it
"returns
404
if email ID not found"
do
delete
api
(
"/user/emails/42"
,
user
)
delete
api
(
"/user/emails/42"
,
user
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Email Not Found'
)
end
end
it
"returns 401 error if unauthorized"
do
it
"returns 401 error if unauthorized"
do
...
@@ -860,10 +882,10 @@ describe API::API, api: true do
...
@@ -860,10 +882,10 @@ describe API::API, api: true do
expect
(
response
).
to
have_http_status
(
401
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
it
"returns
a 404
for invalid ID"
do
it
"returns
400
for invalid ID"
do
delete
api
(
"/user
s
/emails/ASDF"
,
admin
)
delete
api
(
"/user/emails/ASDF"
,
admin
)
expect
(
response
).
to
have_http_status
(
40
4
)
expect
(
response
).
to
have_http_status
(
40
0
)
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment