Commit 571c4f5a authored by Sean McGivern

Merge branch '34325-reinstate-is_admin-for-user-api' into 'master'

Return `is_admin` attribute in the GET /user endpoint for admins

Closes #34325

See merge request !12811
parents f5f94200 91f63820
---
title: Return `is_admin` attribute in the GET /user endpoint for admins
merge_request: 12811
author:
...@@ -364,7 +364,7 @@ GET /user ...@@ -364,7 +364,7 @@ GET /user
Parameters: Parameters:
- `sudo` (required) - the ID of a user - `sudo` (optional) - the ID of a user to make the call in their place
``` ```
GET /user GET /user
......
...@@ -421,7 +421,16 @@ module API ...@@ -421,7 +421,16 @@ module API
success Entities::UserPublic success Entities::UserPublic
end end
get do get do
present current_user, with: sudo? ? Entities::UserWithPrivateDetails : Entities::UserPublic entity =
if sudo?
Entities::UserWithPrivateDetails
elsif current_user.admin?
Entities::UserWithAdmin
else
Entities::UserPublic
end
present current_user, with: entity
end end
desc "Get the currently authenticated user's SSH keys" do desc "Get the currently authenticated user's SSH keys" do
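Review bot: The three-way entity choice inside `get do` has no comment explaining why `sudo?` is tested before `current_user.admin?`, even though that order decides which fields are serialized. Under sudo the call is made in another user's place, so the first branch returns `Entities::UserWithPrivateDetails` whatever that user's admin flag is; whether that entity also carries `is_admin` is not visible in this hunk and should be confirmed. I would add above `entity =` a comment such as `# Order matters: a sudo call returns the impersonated user's private details; otherwise is_admin is exposed only when the caller is an admin`. The enclosing resource block starts and ends outside the hunk.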
......
{
"type": "object",
"required": [
"id",
"username",
"email",
"name",
"state",
"avatar_url",
"web_url",
"created_at",
"is_admin",
"bio",
"location",
"skype",
"linkedin",
"twitter",
"website_url",
"organization",
"last_sign_in_at",
"confirmed_at",
"color_scheme_id",
"projects_limit",
"current_sign_in_at",
"identities",
"can_create_group",
"can_create_project",
"two_factor_enabled",
"external"
],
"properties": {
"$ref": "full.json"
}
}
...@@ -943,11 +943,11 @@ describe API::Users do ...@@ -943,11 +943,11 @@ describe API::Users do
expect(response).to have_http_status(403) expect(response).to have_http_status(403)
end end
it 'returns initial current user without private token when sudo not defined' do it 'returns initial current user without private token but with is_admin when sudo not defined' do
get api("/user?private_token=#{admin_personal_access_token}") get api("/user?private_token=#{admin_personal_access_token}")
expect(response).to have_http_status(200) expect(response).to have_http_status(200)
expect(response).to match_response_schema('public_api/v4/user/public') expect(response).to match_response_schema('public_api/v4/user/admin')
expect(json_response['id']).to eq(admin.id) expect(json_response['id']).to eq(admin.id)
end end
end end
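Review bot: The renamed example promises a response "without private token but with is_admin", yet it only checks the status code, the `public_api/v4/user/admin` schema match and the `id`. The schema added on this page lists `is_admin` as a required key, but whether it rejects an extra `private_token` key depends on `full.json`, which is not shown. I would pin both claims directly with `expect(json_response['is_admin']).to be true` (assuming `admin` is created as an administrator) and `expect(json_response).not_to have_key('private_token')`. The same applies to the identically named example in the later hunk at line 961, and the visible hunks show no example asserting that a non-admin caller's response omits `is_admin`.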
...@@ -961,11 +961,11 @@ describe API::Users do ...@@ -961,11 +961,11 @@ describe API::Users do
expect(json_response['id']).to eq(user.id) expect(json_response['id']).to eq(user.id)
end end
it 'returns initial current user without private token when sudo not defined' do it 'returns initial current user without private token but with is_admin when sudo not defined' do
get api("/user?private_token=#{admin.private_token}") get api("/user?private_token=#{admin.private_token}")
expect(response).to have_http_status(200) expect(response).to have_http_status(200)
expect(response).to match_response_schema('public_api/v4/user/public') expect(response).to match_response_schema('public_api/v4/user/admin')
expect(json_response['id']).to eq(admin.id) expect(json_response['id']).to eq(admin.id)
end end
end end
......