Commit f81b1a24 authored by Douwe Maan's avatar Douwe Maan

Merge branch 'dz-add-2fa-filter-admin-api' into 'master'

Add 2FA filter to users API for admins only

See merge request gitlab-org/gitlab-ce!18503
parents 9b3085b4 04716cb0
...@@ -32,6 +32,7 @@ class UsersFinder ...@@ -32,6 +32,7 @@ class UsersFinder
users = by_active(users) users = by_active(users)
users = by_external_identity(users) users = by_external_identity(users)
users = by_external(users) users = by_external(users)
users = by_2fa(users)
users = by_created_at(users) users = by_created_at(users)
users = by_custom_attributes(users) users = by_custom_attributes(users)
...@@ -76,4 +77,15 @@ class UsersFinder ...@@ -76,4 +77,15 @@ class UsersFinder
users.external users.external
end end
def by_2fa(users)
case params[:two_factor]
when 'enabled'
users.with_two_factor
when 'disabled'
users.without_two_factor
else
users
end
end
end end
---
title: Add 2FA filter to users API for admins only
merge_request: 18503
author:
type: changed
...@@ -55,6 +55,7 @@ GET /users ...@@ -55,6 +55,7 @@ GET /users
| --------- | ---- | -------- | ----------- | | --------- | ---- | -------- | ----------- |
| `order_by` | string | no | Return projects ordered by `id`, `name`, `username`, `created_at`, or `updated_at` fields. Default is `id` | | `order_by` | string | no | Return projects ordered by `id`, `name`, `username`, `created_at`, or `updated_at` fields. Default is `id` |
| `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` | | `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` |
| `two_factor` | string | no | Filter users by Two-factor authentication. Filter values are `enabled` or `disabled`. By default it returns all users |
```json ```json
[ [
......
...@@ -77,7 +77,7 @@ module API ...@@ -77,7 +77,7 @@ module API
authenticated_as_admin! if params[:external].present? || (params[:extern_uid].present? && params[:provider].present?) authenticated_as_admin! if params[:external].present? || (params[:extern_uid].present? && params[:provider].present?)
unless current_user&.admin? unless current_user&.admin?
params.except!(:created_after, :created_before, :order_by, :sort) params.except!(:created_after, :created_before, :order_by, :sort, :two_factor)
end end
users = UsersFinder.new(current_user, params).execute users = UsersFinder.new(current_user, params).execute
......
...@@ -212,6 +212,18 @@ describe API::Users do ...@@ -212,6 +212,18 @@ describe API::Users do
expect(json_response.last['id']).to eq(user.id) expect(json_response.last['id']).to eq(user.id)
end end
it 'returns users with 2fa enabled' do
admin
user
user_with_2fa = create(:user, :two_factor_via_otp)
get api('/users', admin), { two_factor: 'enabled' }
expect(response).to match_response_schema('public_api/v4/user/admins')
expect(json_response.size).to eq(1)
expect(json_response.first['id']).to eq(user_with_2fa.id)
end
it 'returns 400 when provided incorrect sort params' do it 'returns 400 when provided incorrect sort params' do
get api('/users', admin), { order_by: 'magic', sort: 'asc' } get api('/users', admin), { order_by: 'magic', sort: 'asc' }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment