gitlabhq/lib/api/users.rb

module Gitlab
  # Users API
  class Users < Grape::API
    before { authenticate! }

    resource :users do
      # Get a users list
      #
      # Example Request:
      #  GET /users
      get do
        @users = paginate User
        present @users, with: Entities::User
      end

      # Get a single user
      #
      # Parameters:
      #   id (required) - The ID of a user
      # Example Request:
      #   GET /users/:id
      get ":id" do
        @user = User.find(params[:id])
        present @user, with: Entities::User
      end

      # Create user. Available only for admin
      #
      # Parameters:
      #   email (required)                  - Email
      #   password (required)               - Password
      #   name                              - Name
      #   skype                             - Skype ID
      #   linkedin                          - Linkedin
      #   twitter                           - Twitter account
      #   projects_limit                    - Number of projects user can create
      #   extern_uid                        - External authentication provider UID
      #   provider                          - External provider
      #   bio                               - Bio
      # Example Request:
      #   POST /users
      post do
        authenticated_as_admin!

        bad_request!(:email)    if !params.has_key? :email
        bad_request!(:password) if !params.has_key? :password
        bad_request!(:name)     if !params.has_key? :name
        bad_request!(:username) if !params.has_key? :username

        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
        user = User.new attrs, as: :admin
        if user.save
          present user, with: Entities::User
        else
          not_found!
        end
      end

      # Update user. Available only for admin
      #
      # Parameters:
      #   email                             - Email
      #   name                              - Name
      #   password                          - Password
      #   skype                             - Skype ID
      #   linkedin                          - Linkedin
      #   twitter                           - Twitter account
      #   projects_limit                    - Limit projects wich user can create
      #   extern_uid                        - External authentication provider UID
      #   provider                          - External provider
      #   bio                               - Bio
      # Example Request:
      #   PUT /users/:id
      put ":id" do
        authenticated_as_admin!

        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
        user = User.find(params[:id])
        not_found!("User not found") unless user

        if user.update_attributes(attrs)
          present user, with: Entities::User
        else
          not_found!
        end
      end

      # Delete user. Available only for admin
      #
      # Example Request:
      #   DELETE /users/:id
      delete ":id" do
        authenticated_as_admin!
        user = User.find_by_id(params[:id])

        if user
          user.destroy
        else
          not_found!
        end
      end
    end

    resource :user do
      # Get currently authenticated user
      #
      # Example Request:
      #   GET /user
      get do
        present @current_user, with: Entities::User
      end

      # Get currently authenticated user's keys
      #
      # Example Request:
      #   GET /user/keys
      get "keys" do
        present current_user.keys, with: Entities::SSHKey
      end

      # Get single key owned by currently authenticated user
      #
      # Example Request:
      #   GET /user/keys/:id
      get "keys/:id" do
        key = current_user.keys.find params[:id]
        present key, with: Entities::SSHKey
      end

      # Add new ssh key to currently authenticated user
      #
      # Parameters:
      #   key (required) - New SSH Key
      #   title (required) - New SSH Key's title
      # Example Request:
      #   POST /user/keys
      post "keys" do
        bad_request!(:title) unless params[:title].present?
        bad_request!(:key) unless params[:key].present?

        attrs = attributes_for_keys [:title, :key]
        key = current_user.keys.new attrs
        if key.save
          present key, with: Entities::SSHKey
        else
          not_found!
        end
      end

      # Delete existing ssh key of currently authenticated user
      #
      # Parameters:
      #   id (required) - SSH Key ID
      # Example Request:
      #   DELETE /user/keys/:id
      delete "keys/:id" do
        begin
          key = current_user.keys.find params[:id]
          key.delete
        rescue
        end
      end
    end
  end
end
refactor API and improve docs 2012-06-29 12:46:01 +02:00			`module Gitlab`
			`# Users API`
			`class Users < Grape::API`
			`before { authenticate! }`

			`resource :users do`
			`# Get a users list`
			`#`
			`# Example Request:`
			`# GET /users`
			`get do`
add pagination to API 2012-09-03 13:46:29 +02:00			`@users = paginate User`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`present @users, with: Entities::User`
refactor API and improve docs 2012-06-29 12:46:01 +02:00			`end`

			`# Get a single user`
			`#`
			`# Parameters:`
			`# id (required) - The ID of a user`
			`# Example Request:`
			`# GET /users/:id`
			`get ":id" do`
			`@user = User.find(params[:id])`
Fully embrace Ruby 1.9 hash syntax Didn't bother with files in db/, config/, or features/ 2012-08-11 00:07:50 +02:00			`present @user, with: Entities::User`
refactor API and improve docs 2012-06-29 12:46:01 +02:00			`end`
fix mass-assignment error in user create API 2012-10-19 12:23:10 +02:00
#1585 Api for user creation: base implementation 2012-10-02 11:46:01 +02:00			`# Create user. Available only for admin`
			`#`
			`# Parameters:`
			`# email (required) - Email`
			`# password (required) - Password`
name and password_confirmation not required to create a user via API 2012-10-19 12:34:18 +02:00			`# name - Name`
#1585 Api for user creation: base implementation 2012-10-02 11:46:01 +02:00			`# skype - Skype ID`
fix TYPO 2012-10-02 15:34:20 +02:00			`# linkedin - Linkedin`
#1585 Api for user creation: base implementation 2012-10-02 11:46:01 +02:00			`# twitter - Twitter account`
name and password_confirmation not required to create a user via API 2012-10-19 12:34:18 +02:00			`# projects_limit - Number of projects user can create`
Extended users API to support updating and deleting users. Also added tests. 2012-12-18 20:24:31 +01:00			`# extern_uid - External authentication provider UID`
			`# provider - External provider`
			`# bio - Bio`
#1585 Api for user creation: base implementation 2012-10-02 11:46:01 +02:00			`# Example Request:`
			`# POST /users`
			`post do`
			`authenticated_as_admin!`
API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00
			`bad_request!(:email) if !params.has_key? :email`
			`bad_request!(:password) if !params.has_key? :password`
			`bad_request!(:name) if !params.has_key? :name`
			`bad_request!(:username) if !params.has_key? :username`

Extended users API to support updating and deleting users. Also added tests. 2012-12-18 20:24:31 +01:00			`attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]`
fix mass-assignment error in user create API 2012-10-19 12:23:10 +02:00			`user = User.new attrs, as: :admin`
#1585 Api for user creation: base implementation 2012-10-02 11:46:01 +02:00			`if user.save`
			`present user, with: Entities::User`
			`else`
			`not_found!`
			`end`
			`end`
Extended users API to support updating and deleting users. Also added tests. 2012-12-18 20:24:31 +01:00
			`# Update user. Available only for admin`
			`#`
			`# Parameters:`
			`# email - Email`
			`# name - Name`
			`# password - Password`
			`# skype - Skype ID`
			`# linkedin - Linkedin`
			`# twitter - Twitter account`
			`# projects_limit - Limit projects wich user can create`
			`# extern_uid - External authentication provider UID`
			`# provider - External provider`
			`# bio - Bio`
			`# Example Request:`
			`# PUT /users/:id`
			`put ":id" do`
			`authenticated_as_admin!`
API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00
Extended users API to support updating and deleting users. Also added tests. 2012-12-18 20:24:31 +01:00			`attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]`
API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00			`user = User.find(params[:id])`
			`not_found!("User not found") unless user`
Extended users API to support updating and deleting users. Also added tests. 2012-12-18 20:24:31 +01:00
API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00			`if user.update_attributes(attrs)`
Extended users API to support updating and deleting users. Also added tests. 2012-12-18 20:24:31 +01:00			`present user, with: Entities::User`
			`else`
			`not_found!`
			`end`
			`end`

			`# Delete user. Available only for admin`
			`#`
			`# Example Request:`
			`# DELETE /users/:id`
			`delete ":id" do`
			`authenticated_as_admin!`
			`user = User.find_by_id(params[:id])`

			`if user`
			`user.destroy`
			`else`
			`not_found!`
			`end`
			`end`
refactor API and improve docs 2012-06-29 12:46:01 +02:00			`end`

API: SSH keys belong to user entity 2012-09-21 13:49:28 +02:00			`resource :user do`
			`# Get currently authenticated user`
			`#`
			`# Example Request:`
			`# GET /user`
			`get do`
			`present @current_user, with: Entities::User`
			`end`

			`# Get currently authenticated user's keys`
			`#`
			`# Example Request:`
			`# GET /user/keys`
			`get "keys" do`
			`present current_user.keys, with: Entities::SSHKey`
			`end`

			`# Get single key owned by currently authenticated user`
			`#`
			`# Example Request:`
			`# GET /user/keys/:id`
			`get "keys/:id" do`
			`key = current_user.keys.find params[:id]`
			`present key, with: Entities::SSHKey`
			`end`

			`# Add new ssh key to currently authenticated user`
			`#`
			`# Parameters:`
			`# key (required) - New SSH Key`
			`# title (required) - New SSH Key's title`
			`# Example Request:`
			`# POST /user/keys`
			`post "keys" do`
API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00			`bad_request!(:title) unless params[:title].present?`
			`bad_request!(:key) unless params[:key].present?`

API: SSH keys belong to user entity 2012-09-21 13:49:28 +02:00			`attrs = attributes_for_keys [:title, :key]`
			`key = current_user.keys.new attrs`
			`if key.save`
			`present key, with: Entities::SSHKey`
			`else`
			`not_found!`
			`end`
			`end`

API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00			`# Delete existing ssh key of currently authenticated user`
API: SSH keys belong to user entity 2012-09-21 13:49:28 +02:00			`#`
			`# Parameters:`
			`# id (required) - SSH Key ID`
			`# Example Request:`
			`# DELETE /user/keys/:id`
			`delete "keys/:id" do`
API: fixes return codes, documentation updated with status codes, tests added The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions. 2013-02-20 12:10:51 +01:00			`begin`
			`key = current_user.keys.find params[:id]`
			`key.delete`
			`rescue`
			`end`
API: SSH keys belong to user entity 2012-09-21 13:49:28 +02:00			`end`
refactor API and improve docs 2012-06-29 12:46:01 +02:00			`end`
			`end`
			`end`