From 825081174aa70b5cbfe5947ebf268f14702b6211 Mon Sep 17 00:00:00 2001 From: Valeriy Sizov Date: Tue, 2 Oct 2012 12:46:01 +0300 Subject: [PATCH 1/3] #1585 Api for user creation: base implementation --- lib/api/helpers.rb | 4 ++++ lib/api/users.rb | 26 ++++++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 14390545..da1d2bd0 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -22,6 +22,10 @@ module Gitlab unauthorized! unless current_user end + def authenticated_as_admin! + forbidden! unless current_user.is_admin? + end + def authorize! action, subject unless abilities.allowed?(current_user, action, subject) forbidden! diff --git a/lib/api/users.rb b/lib/api/users.rb index 0ca8fb2a..8ce7c300 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -23,6 +23,30 @@ module Gitlab @user = User.find(params[:id]) present @user, with: Entities::User end + + # Create user. Available only for admin + # + # Parameters: + # email (required) - Email + # name (required) - Name + # password (required) - Password + # password_confirmation (required) - Password confirmation + # skype - Skype ID + # linkedin (required) - Linkedin + # twitter - Twitter account + # projects_limit - Limit projects wich user can create + # Example Request: + # POST /users + post do + authenticated_as_admin! + attrs = attributes_for_keys [:email, :name, :password, :password_confirmation, :skype, :linkedin, :twitter, :projects_limit] + user = User.new attrs + if user.save + present user, with: Entities::User + else + not_found! + end + end end resource :user do @@ -78,6 +102,8 @@ module Gitlab key = current_user.keys.find params[:id] key.delete end + + end end end From 705e9f402ed4601e502e51b46a181e3701490321 Mon Sep 17 00:00:00 2001 From: Valeriy Sizov Date: Tue, 2 Oct 2012 12:52:13 +0300 Subject: [PATCH 2/3] #1585 Api for user creation: create help --- doc/api/users.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/doc/api/users.md b/doc/api/users.md index 4f806b14..0e065fc9 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -65,6 +65,27 @@ Parameters: } ``` +## User creation +Create user. Available only for admin + +``` +POST /users +``` + +Parameters: ++ `email` (required) - Email ++ `name` (required) - Name ++ `password` (required) - Password ++ `password_confirmation` (required) - Password confirmation ++ `skype` - Skype ID ++ `linkedin` (required) - Linkedin ++ `twitter` - Twitter account ++ `projects_limit` - Limit projects wich user can create + + +Will return created user with status `201 Created` on success, or `404 Not +found` on fail. + ## Current user Get currently authenticated user. From bda0a75581d29cd0afb74a8a34ca69e75ab1c352 Mon Sep 17 00:00:00 2001 From: Valeriy Sizov Date: Tue, 2 Oct 2012 13:59:22 +0300 Subject: [PATCH 3/3] #1585 Api for user creation: rspec --- spec/requests/api/users_spec.rb | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 243f70f5..e3049e09 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -4,6 +4,7 @@ describe Gitlab::API do include ApiHelpers let(:user) { Factory :user } + let(:admin) {Factory :admin} let(:key) { Factory :key, user: user } describe "GET /users" do @@ -32,6 +33,26 @@ describe Gitlab::API do end end + describe "POST /users" do + before{ admin } + + it "should not create invalid user" do + post api("/users", admin), { email: "invalid email" } + response.status.should == 404 + end + + it "should create user" do + expect{ + post api("/users", admin), Factory.attributes(:user) + }.to change{User.count}.by(1) + end + + it "shouldn't available for non admin users" do + post api("/users", user), Factory.attributes(:user) + response.status.should == 403 + end + end + describe "GET /user" do it "should return current user" do get api("/user", user)