Extended users API to support updating and deleting users.
Also added tests.
This commit is contained in:
parent
f4a6f1fd5a
commit
e954438a1d
|
@ -20,6 +20,8 @@ GET /users
|
||||||
"linkedin": "",
|
"linkedin": "",
|
||||||
"twitter": "",
|
"twitter": "",
|
||||||
"dark_scheme": false,
|
"dark_scheme": false,
|
||||||
|
"extern_uid": "john.smith",
|
||||||
|
"provider": "provider_name",
|
||||||
"theme_id": 1
|
"theme_id": 1
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -34,6 +36,8 @@ GET /users
|
||||||
"linkedin": "",
|
"linkedin": "",
|
||||||
"twitter": "",
|
"twitter": "",
|
||||||
"dark_scheme": true,
|
"dark_scheme": true,
|
||||||
|
"extern_uid": "jack.smith",
|
||||||
|
"provider": "provider_name",
|
||||||
"theme_id": 1
|
"theme_id": 1
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
@ -64,6 +68,8 @@ Parameters:
|
||||||
"linkedin": "",
|
"linkedin": "",
|
||||||
"twitter": "",
|
"twitter": "",
|
||||||
"dark_scheme": false,
|
"dark_scheme": false,
|
||||||
|
"extern_uid": "john.smith",
|
||||||
|
"provider": "provider_name",
|
||||||
"theme_id": 1
|
"theme_id": 1
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
@ -84,10 +90,47 @@ Parameters:
|
||||||
+ `linkedin` - Linkedin
|
+ `linkedin` - Linkedin
|
||||||
+ `twitter` - Twitter account
|
+ `twitter` - Twitter account
|
||||||
+ `projects_limit` - Number of projects user can create
|
+ `projects_limit` - Number of projects user can create
|
||||||
|
+ `extern_uid` - External UID
|
||||||
|
+ `provider` - External provider name
|
||||||
|
+ `bio` - User's bio
|
||||||
|
|
||||||
Will return created user with status `201 Created` on success, or `404 Not
|
Will return created user with status `201 Created` on success, or `404 Not
|
||||||
found` on fail.
|
found` on fail.
|
||||||
|
|
||||||
|
## User modification
|
||||||
|
Modify user. Available only for admin
|
||||||
|
|
||||||
|
```
|
||||||
|
PUT /users/:id
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
+ `email` - Email
|
||||||
|
+ `username` - Username
|
||||||
|
+ `name` - Name
|
||||||
|
+ `password` - Password
|
||||||
|
+ `skype` - Skype ID
|
||||||
|
+ `linkedin` - Linkedin
|
||||||
|
+ `twitter` - Twitter account
|
||||||
|
+ `projects_limit` - Limit projects wich user can create
|
||||||
|
+ `extern_uid` - External UID
|
||||||
|
+ `provider` - External provider name
|
||||||
|
+ `bio` - User's bio
|
||||||
|
|
||||||
|
|
||||||
|
Will return created user with status `200 OK` on success, or `404 Not
|
||||||
|
found` on fail.
|
||||||
|
|
||||||
|
## User deletion
|
||||||
|
Delete user. Available only for admin
|
||||||
|
|
||||||
|
```
|
||||||
|
DELETE /users/:id
|
||||||
|
```
|
||||||
|
|
||||||
|
Will return deleted user with status `200 OK` on success, or `404 Not
|
||||||
|
found` on fail.
|
||||||
|
|
||||||
## Current user
|
## Current user
|
||||||
|
|
||||||
Get currently authenticated user.
|
Get currently authenticated user.
|
||||||
|
|
|
@ -2,7 +2,7 @@ module Gitlab
|
||||||
module Entities
|
module Entities
|
||||||
class User < Grape::Entity
|
class User < Grape::Entity
|
||||||
expose :id, :username, :email, :name, :bio, :skype, :linkedin, :twitter,
|
expose :id, :username, :email, :name, :bio, :skype, :linkedin, :twitter,
|
||||||
:dark_scheme, :theme_id, :blocked, :created_at
|
:dark_scheme, :theme_id, :blocked, :created_at, :extern_uid, :provider
|
||||||
end
|
end
|
||||||
|
|
||||||
class UserBasic < Grape::Entity
|
class UserBasic < Grape::Entity
|
||||||
|
|
|
@ -34,11 +34,14 @@ module Gitlab
|
||||||
# linkedin - Linkedin
|
# linkedin - Linkedin
|
||||||
# twitter - Twitter account
|
# twitter - Twitter account
|
||||||
# projects_limit - Number of projects user can create
|
# projects_limit - Number of projects user can create
|
||||||
|
# extern_uid - External authentication provider UID
|
||||||
|
# provider - External provider
|
||||||
|
# bio - Bio
|
||||||
# Example Request:
|
# Example Request:
|
||||||
# POST /users
|
# POST /users
|
||||||
post do
|
post do
|
||||||
authenticated_as_admin!
|
authenticated_as_admin!
|
||||||
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username]
|
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
|
||||||
user = User.new attrs, as: :admin
|
user = User.new attrs, as: :admin
|
||||||
if user.save
|
if user.save
|
||||||
present user, with: Entities::User
|
present user, with: Entities::User
|
||||||
|
@ -46,6 +49,48 @@ module Gitlab
|
||||||
not_found!
|
not_found!
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Update user. Available only for admin
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# email - Email
|
||||||
|
# name - Name
|
||||||
|
# password - Password
|
||||||
|
# skype - Skype ID
|
||||||
|
# linkedin - Linkedin
|
||||||
|
# twitter - Twitter account
|
||||||
|
# projects_limit - Limit projects wich user can create
|
||||||
|
# extern_uid - External authentication provider UID
|
||||||
|
# provider - External provider
|
||||||
|
# bio - Bio
|
||||||
|
# Example Request:
|
||||||
|
# PUT /users/:id
|
||||||
|
put ":id" do
|
||||||
|
authenticated_as_admin!
|
||||||
|
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
|
||||||
|
user = User.find_by_id(params[:id])
|
||||||
|
|
||||||
|
if user && user.update_attributes(attrs)
|
||||||
|
present user, with: Entities::User
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Delete user. Available only for admin
|
||||||
|
#
|
||||||
|
# Example Request:
|
||||||
|
# DELETE /users/:id
|
||||||
|
delete ":id" do
|
||||||
|
authenticated_as_admin!
|
||||||
|
user = User.find_by_id(params[:id])
|
||||||
|
|
||||||
|
if user
|
||||||
|
user.destroy
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
resource :user do
|
resource :user do
|
||||||
|
|
|
@ -53,6 +53,54 @@ describe Gitlab::API do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "PUT /users/:id" do
|
||||||
|
before { admin }
|
||||||
|
|
||||||
|
it "should update user" do
|
||||||
|
put api("/users/#{user.id}", admin), {bio: 'new test bio'}
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['bio'].should == 'new test bio'
|
||||||
|
user.reload.bio.should == 'new test bio'
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should not allow invalid update" do
|
||||||
|
put api("/users/#{user.id}", admin), {email: 'invalid email'}
|
||||||
|
response.status.should == 404
|
||||||
|
user.reload.email.should_not == 'invalid email'
|
||||||
|
end
|
||||||
|
|
||||||
|
it "shouldn't available for non admin users" do
|
||||||
|
put api("/users/#{user.id}", user), attributes_for(:user)
|
||||||
|
response.status.should == 403
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return 404 for non-existing user" do
|
||||||
|
put api("/users/999999", admin), {bio: 'update should fail'}
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "DELETE /users/:id" do
|
||||||
|
before { admin }
|
||||||
|
|
||||||
|
it "should delete user" do
|
||||||
|
delete api("/users/#{user.id}", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
expect { User.find(user.id) }.to raise_error ActiveRecord::RecordNotFound
|
||||||
|
json_response['email'].should == user.email
|
||||||
|
end
|
||||||
|
|
||||||
|
it "shouldn't available for non admin users" do
|
||||||
|
delete api("/users/#{user.id}", user)
|
||||||
|
response.status.should == 403
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return 404 for non-existing user" do
|
||||||
|
delete api("/users/999999", admin)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe "GET /user" do
|
describe "GET /user" do
|
||||||
it "should return current user" do
|
it "should return current user" do
|
||||||
get api("/user", user)
|
get api("/user", user)
|
||||||
|
|
Loading…
Reference in a new issue