Commit e954438a authored by Boyan Tabakov's avatar Boyan Tabakov

Extended users API to support updating and deleting users.

Also added tests.
parent f4a6f1fd
3 merge requests!2940Expanding repos and hooks paths in settings,!2770Capistrano deploy,!2306Extended users API to support updating and deleting users.
@@ -20,6 +20,8 @@ GET /users
"linkedin": "",
"twitter": "",
"dark_scheme": false,
"extern_uid": "john.smith",
"provider": "provider_name",
"theme_id": 1
},
{
@@ -34,6 +36,8 @@ GET /users
"linkedin": "",
"twitter": "",
"dark_scheme": true,
"extern_uid": "jack.smith",
"provider": "provider_name",
"theme_id": 1
}
]
@@ -64,6 +68,8 @@ Parameters:
"linkedin": "",
"twitter": "",
"dark_scheme": false,
"extern_uid": "john.smith",
"provider": "provider_name",
"theme_id": 1
}
```
@@ -84,10 +90,47 @@ Parameters:
+ `linkedin` - Linkedin
+ `twitter` - Twitter account
+ `projects_limit` - Number of projects user can create
+ `extern_uid` - External UID
+ `provider` - External provider name
+ `bio` - User's bio
 
Will return created user with status `201 Created` on success, or `404 Not
found` on fail.
 
## User modification
Modify user. Available only for admin
```
PUT /users/:id
```
Parameters:
+ `email` - Email
+ `username` - Username
+ `name` - Name
+ `password` - Password
+ `skype` - Skype ID
+ `linkedin` - Linkedin
+ `twitter` - Twitter account
+ `projects_limit` - Limit projects wich user can create
+ `extern_uid` - External UID
+ `provider` - External provider name
+ `bio` - User's bio
Will return created user with status `200 OK` on success, or `404 Not
found` on fail.
## User deletion
Delete user. Available only for admin
```
DELETE /users/:id
```
Will return deleted user with status `200 OK` on success, or `404 Not
found` on fail.
## Current user
 
Get currently authenticated user.
@@ -2,7 +2,7 @@ module Gitlab
module Entities
class User < Grape::Entity
expose :id, :username, :email, :name, :bio, :skype, :linkedin, :twitter,
:dark_scheme, :theme_id, :blocked, :created_at
:dark_scheme, :theme_id, :blocked, :created_at, :extern_uid, :provider
end
 
class UserBasic < Grape::Entity
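Review bot: Adding `:extern_uid` and `:provider` to `Entities::User` exposes them on every endpoint that presents this entity, not only on the admin-only create and update calls. The documentation change in this commit shows both fields in the `GET /users` response; if that listing is readable by non-admin accounts (its handler is not visible here), any API user can map accounts to their external identity-provider UIDs. Consider keeping the two fields out of the shared entity and exposing them from an admin-only subclass, for example a `class UserAdmin < User` (suggested name) holding `expose :extern_uid, :provider`, presented only after `authenticated_as_admin!` has run. `module Entities` opens outside the hunk and `class UserBasic` continues past it.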
@@ -34,11 +34,14 @@ module Gitlab
# linkedin - Linkedin
# twitter - Twitter account
# projects_limit - Number of projects user can create
# extern_uid - External authentication provider UID
# provider - External provider
# bio - Bio
# Example Request:
# POST /users
post do
authenticated_as_admin!
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username]
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
user = User.new attrs, as: :admin
if user.save
present user, with: Entities::User
@@ -46,6 +49,48 @@ module Gitlab
not_found!
end
end
# Update user. Available only for admin
#
# Parameters:
# email - Email
# name - Name
# password - Password
# skype - Skype ID
# linkedin - Linkedin
# twitter - Twitter account
# projects_limit - Limit projects wich user can create
# extern_uid - External authentication provider UID
# provider - External provider
# bio - Bio
# Example Request:
# PUT /users/:id
put ":id" do
authenticated_as_admin!
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
user = User.find_by_id(params[:id])
if user && user.update_attributes(attrs)
present user, with: Entities::User
else
not_found!
end
end
# Delete user. Available only for admin
#
# Example Request:
# DELETE /users/:id
delete ":id" do
authenticated_as_admin!
user = User.find_by_id(params[:id])
if user
user.destroy
else
not_found!
end
end
end
 
resource :user do
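Review bot: The new `put ":id"` handler calls `user.update_attributes(attrs)` without the `as: :admin` role that the create handler passes in `User.new attrs, as: :admin`. If the User model limits `projects_limit`, `extern_uid` or `provider` to the admin mass-assignment role (the model is not shown here), those keys will be dropped or rejected on update although the endpoint documents them; `user.update_attributes(attrs, as: :admin)` keeps the two paths consistent. The same branch answers `not_found!` both when the id does not exist and when validation fails, so a client cannot tell a rejected email or password from a missing user; a 400-class response carrying `user.errors` would be clearer. Since this route can reset any account's password and rebind its external identity, a short comment above `authenticated_as_admin!` saying the check must stay the first statement would help future edits. The enclosing resource block opens outside the hunk.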
@@ -53,6 +53,54 @@ describe Gitlab::API do
end
end
 
describe "PUT /users/:id" do
before { admin }
it "should update user" do
put api("/users/#{user.id}", admin), {bio: 'new test bio'}
response.status.should == 200
json_response['bio'].should == 'new test bio'
user.reload.bio.should == 'new test bio'
end
it "should not allow invalid update" do
put api("/users/#{user.id}", admin), {email: 'invalid email'}
response.status.should == 404
user.reload.email.should_not == 'invalid email'
end
it "shouldn't available for non admin users" do
put api("/users/#{user.id}", user), attributes_for(:user)
response.status.should == 403
end
it "should return 404 for non-existing user" do
put api("/users/999999", admin), {bio: 'update should fail'}
response.status.should == 404
end
end
describe "DELETE /users/:id" do
before { admin }
it "should delete user" do
delete api("/users/#{user.id}", admin)
response.status.should == 200
expect { User.find(user.id) }.to raise_error ActiveRecord::RecordNotFound
json_response['email'].should == user.email
end
it "shouldn't available for non admin users" do
delete api("/users/#{user.id}", user)
response.status.should == 403
end
it "should return 404 for non-existing user" do
delete api("/users/999999", admin)
response.status.should == 404
end
end
describe "GET /user" do
it "should return current user" do
get api("/user", user)
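Review bot: The `PUT /users/:id` examples only update `bio`, so nothing verifies that the sensitive fields accepted by the new handler (`extern_uid`, `provider`, `projects_limit`, `password`) are actually persisted, or are changed only by an admin. An example such as `put api("/users/#{user.id}", admin), {extern_uid: 'new.uid'}` followed by `user.reload.extern_uid.should == 'new.uid'` (sample value) would catch attributes being filtered by mass-assignment protection. The non-admin examples assert only the 403 status; adding `user.reload` checks that the record is unchanged and still exists would pin the authorization behaviour rather than just the response code. The "should not allow invalid update" example also locks in a 404 for a validation failure, which is indistinguishable from a missing user. The `describe Gitlab::API` block opens outside the hunk.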