Merge branch 'expose-saml-provider-id-to-users-api' into 'master'

Updating CE repo to include new EE users API changes See merge request gitlab-org/gitlab-ce!29581

Merge branch 'expose-saml-provider-id-to-users-api' into 'master'
Updating CE repo to include new EE users API changes See merge request gitlab-org/gitlab-ce!29581
d05a806f · Stan Hu · 4a5bda06 · 8cf85b4b · d05a806f · d05a806f
Commit d05a806f authored Jun 19, 2019 by Stan Hu
5 changed files
--- a/app/services/users/build_service.rb
+++ b/app/services/users/build_service.rb
@@ -5,10 +5,12 @@ module Users
    delegate :user_default_internal_regex_enabled?,
             :user_default_internal_regex_instance,
             to: :'Gitlab::CurrentSettings.current_application_settings'
+    attr_reader :identity_params
    def initialize(current_user, params = {})
      @current_user = current_user
      @params = params.dup
+      @identity_params = params.slice(*identity_attributes)
    end
    def execute(skip_authorization: false)
@@ -26,10 +28,8 @@ module Users
        end
      end
-      identity_attrs = params.slice(*identity_params)
+      unless identity_params.empty?
+        user.identities.build(identity_params)
-      unless identity_attrs.empty?
-        user.identities.build(identity_attrs)
      end
      user
@@ -37,7 +37,7 @@ module Users
    private
-    def identity_params
+    def identity_attributes
      [:extern_uid, :provider]
    end

--- a/app/services/users/update_service.rb
+++ b/app/services/users/update_service.rb
@@ -3,11 +3,13 @@
 module Users
  class UpdateService < BaseService
    include NewUserNotifier
+    attr_reader :user, :identity_params
    def initialize(current_user, params = {})
      @current_user = current_user
      @user = params.delete(:user)
      @status_params = params.delete(:status)
+      @identity_params = params.slice(*identity_attributes)
      @params = params.dup
    end
@@ -15,8 +17,8 @@ module Users
      yield(@user) if block_given?
      user_exists = @user.persisted?
      assign_attributes
+      assign_identity
      if @user.save(validate: validate) && update_status
        notify_success(user_exists)
@@ -55,7 +57,18 @@ module Users
        params.reject! { |key, _| read_only.include?(key.to_sym) }
      end
-      @user.assign_attributes(params) unless params.empty?
+      @user.assign_attributes(params.except(*identity_attributes)) unless params.empty? # rubocop: disable CodeReuse/ActiveRecord
+    end
+    def assign_identity
+      return unless identity_params.present?
+      identity = user.identities.find_or_create_by(provider: identity_params[:provider]) # rubocop: disable CodeReuse/ActiveRecord
+      identity.update(identity_params)
+    end
+    def identity_attributes
+      [:provider, :extern_uid]
    end
  end
 end
--- a/changelogs/unreleased/expose-saml-provider-id-to-users-api.yml
+++ b/changelogs/unreleased/expose-saml-provider-id-to-users-api.yml
+---
+title: Expose saml_provider_id in the users API
+merge_request: 14045
+author:
+type: added
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -2,6 +2,8 @@
 ## List users
+Active users = Total accounts - Blocked users
 Get a list of users.
 This function takes pagination parameters `page` and `per_page` to restrict the list of users.
@@ -257,7 +259,8 @@ Parameters:
  "two_factor_enabled": true,
  "external": false,
  "private_profile": false,
-  "highest_role":10
+  "shared_runners_minutes_limit": 133
+  "extra_shared_runners_minutes_limit": 133
 }
 ```
@@ -290,6 +293,7 @@ Parameters:
 - `projects_limit` (optional)    - Number of projects user can create
 - `extern_uid` (optional)        - External UID
 - `provider` (optional)          - External provider name
+- `group_id_for_saml` (optional) - ID of group where SAML has been configured
 - `bio` (optional)               - User's biography
 - `location` (optional)          - User's location
 - `public_email` (optional)      - The public email of the user
@@ -299,6 +303,8 @@ Parameters:
 - `external` (optional)          - Flags the user as external - true or false(default)
 - `avatar` (optional)            - Image file for user's avatar
 - `private_profile` (optional)   - User's profile is private - true or false
+- `shared_runners_minutes_limit` (optional) - Pipeline minutes quota for this user
+- `extra_shared_runners_minutes_limit` (optional) - Extra pipeline minutes quota for this user
 ## User modification
@@ -322,6 +328,7 @@ Parameters:
 - `projects_limit`                 - Limit projects each user can create
 - `extern_uid`                     - External UID
 - `provider`                       - External provider name
+- `group_id_for_saml` (optional)   - ID of group where SAML has been configured
 - `bio`                            - User's biography
 - `location` (optional)            - User's location
 - `public_email` (optional)        - The public email of the user
@@ -329,6 +336,8 @@ Parameters:
 - `can_create_group` (optional)    - User can create groups - true or false
 - `skip_reconfirmation` (optional) - Skip reconfirmation - true or false (default)
 - `external` (optional)            - Flags the user as external - true or false(default)
+- `shared_runners_minutes_limit` (optional) - Pipeline minutes quota for this user
+- `extra_shared_runners_minutes_limit` (optional) - Extra pipeline minutes quota for this user
 - `avatar` (optional)              - Image file for user's avatar
 - `private_profile` (optional)     - User's profile is private - true or false
@@ -1150,8 +1159,6 @@ settings page.
 POST /users/:user_id/impersonation_tokens
 ```
-Parameters:
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `user_id` | integer | yes | The ID of the user |
@@ -1255,4 +1262,4 @@ Example response:
 Please note that `last_activity_at` is deprecated, please use `last_activity_on`.
 [gemojione-index]: https://github.com/jonathanwiesel/gemojione/blob/master/config/index.json
\ No newline at end of file
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -209,22 +209,9 @@ module API
                .where.not(id: user.id).count > 0
        user_params = declared_params(include_missing: false)
-        identity_attrs = user_params.slice(:provider, :extern_uid)
-        if identity_attrs.any?
-          identity = user.identities.find_by(provider: identity_attrs[:provider])
-          if identity
-            identity.update(identity_attrs)
-          else
-            identity = user.identities.build(identity_attrs)
-            identity.save
-          end
-        end
        user_params[:password_expires_at] = Time.now if user_params[:password].present?
+        result = ::Users::UpdateService.new(current_user, user_params.merge(user: user)).execute
-        result = ::Users::UpdateService.new(current_user, user_params.except(:extern_uid, :provider).merge(user: user)).execute
        if result[:status] == :success
          present user, with: Entities::UserPublic, current_user: current_user