Merge branch 'extend_user_api' of https://github.com/bladealslayer/gitlabhq into…

Merge branch 'extend_user_api' of https://github.com/bladealslayer/gitlabhq into bladealslayer-extend_user_api Conflicts: spec/requests/api/users_spec.rb

Merge branch 'extend_user_api' of https://github.com/bladealslayer/gitlabhq into…
fd1b9fdc · Dmitriy Zaporozhets · afdb09de · e954438a · fd1b9fdc · fd1b9fdc
Commit fd1b9fdc authored Jan 31, 2013 by Dmitriy Zaporozhets
Hide whitespace changes
Inline Side-by-side

Showing with 138 additions and 2 deletions

users.md doc/api/users.md +43 -0

entities.rb lib/api/entities.rb +1 -1

users.rb lib/api/users.rb +46 -1

users_spec.rb spec/requests/api/users_spec.rb +48 -0

No files found.
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -20,6 +20,8 @@ GET /users
    "linkedin": "",
    "twitter": "",
    "dark_scheme": false,
+    "extern_uid": "john.smith",
+    "provider": "provider_name",
    "theme_id": 1
  },
  {
@@ -34,6 +36,8 @@ GET /users
    "linkedin": "",
    "twitter": "",
    "dark_scheme": true,
+    "extern_uid": "jack.smith",
+    "provider": "provider_name",
    "theme_id": 1
  }
 ]
@@ -64,6 +68,8 @@ Parameters:
  "linkedin": "",
  "twitter": "",
  "dark_scheme": false,
+  "extern_uid": "john.smith",
+  "provider": "provider_name",
  "theme_id": 1
 }
 ```
@@ -84,10 +90,47 @@ Parameters:
 + `linkedin`                          - Linkedin
 + `twitter`                           - Twitter account
 + `projects_limit`                    - Number of projects user can create
+ `extern_uid`                        - External UID
+ `provider`                          - External provider name
+ `bio`                               - User's bio
 Will return created user with status `201 Created` on success, or `404 Not
 found` on fail.
+## User modification
+Modify user. Available only for admin
+```
+PUT /users/:id
+```
+Parameters:
+ `email`                             - Email
+ `username`                          - Username
+ `name`                              - Name
+ `password`                          - Password
+ `skype`                             - Skype ID
+ `linkedin`                          - Linkedin
+ `twitter`                           - Twitter account
+ `projects_limit`                    - Limit projects wich user can create
+ `extern_uid`                        - External UID
+ `provider`                          - External provider name
+ `bio`                               - User's bio
+Will return created user with status `200 OK` on success, or `404 Not
+found` on fail.
+## User deletion
+Delete user. Available only for admin
+```
+DELETE /users/:id
+```
+Will return deleted user with status `200 OK` on success, or `404 Not
+found` on fail.
 ## Current user
 Get currently authenticated user.

--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -2,7 +2,7 @@ module Gitlab
  module Entities
    class User < Grape::Entity
      expose :id, :username, :email, :name, :bio, :skype, :linkedin, :twitter,
-             :dark_scheme, :theme_id, :blocked, :created_at
+             :dark_scheme, :theme_id, :blocked, :created_at, :extern_uid, :provider
    end
    class UserBasic < Grape::Entity

--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -34,11 +34,14 @@ module Gitlab
      #   linkedin                          - Linkedin
      #   twitter                           - Twitter account
      #   projects_limit                    - Number of projects user can create
+      #   extern_uid                        - External authentication provider UID
+      #   provider                          - External provider
+      #   bio                               - Bio
      # Example Request:
      #   POST /users
      post do
        authenticated_as_admin!
-        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username]
+        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
        user = User.new attrs, as: :admin
        if user.save
          present user, with: Entities::User
@@ -46,6 +49,48 @@ module Gitlab
          not_found!
        end
      end
+      # Update user. Available only for admin
+      #
+      # Parameters:
+      #   email                             - Email
+      #   name                              - Name
+      #   password                          - Password
+      #   skype                             - Skype ID
+      #   linkedin                          - Linkedin
+      #   twitter                           - Twitter account
+      #   projects_limit                    - Limit projects wich user can create
+      #   extern_uid                        - External authentication provider UID
+      #   provider                          - External provider
+      #   bio                               - Bio
+      # Example Request:
+      #   PUT /users/:id
+      put ":id" do
+        authenticated_as_admin!
+        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
+        user = User.find_by_id(params[:id])
+        if user && user.update_attributes(attrs)
+          present user, with: Entities::User
+        else
+          not_found!
+        end
+      end
+      # Delete user. Available only for admin
+      #
+      # Example Request:
+      #   DELETE /users/:id
+      delete ":id" do
+        authenticated_as_admin!
+        user = User.find_by_id(params[:id])
+        if user
+          user.destroy
+        else
+          not_found!
+        end
+      end
    end
    resource :user do

--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -83,6 +83,54 @@ describe Gitlab::API do
    end
  end
+  describe "PUT /users/:id" do
+    before { admin }
+    it "should update user" do
+      put api("/users/#{user.id}", admin), {bio: 'new test bio'}
+      response.status.should == 200
+      json_response['bio'].should == 'new test bio'
+      user.reload.bio.should == 'new test bio'
+    end
+    it "should not allow invalid update" do
+      put api("/users/#{user.id}", admin), {email: 'invalid email'}
+      response.status.should == 404
+      user.reload.email.should_not == 'invalid email'
+    end
+    it "shouldn't available for non admin users" do
+      put api("/users/#{user.id}", user), attributes_for(:user)
+      response.status.should == 403
+    end
+    it "should return 404 for non-existing user" do
+      put api("/users/999999", admin), {bio: 'update should fail'}
+      response.status.should == 404
+    end
+  end
+  describe "DELETE /users/:id" do
+    before { admin }
+    it "should delete user" do
+      delete api("/users/#{user.id}", admin)
+      response.status.should == 200
+      expect { User.find(user.id) }.to raise_error ActiveRecord::RecordNotFound
+      json_response['email'].should == user.email
+    end
+    it "shouldn't available for non admin users" do
+      delete api("/users/#{user.id}", user)
+      response.status.should == 403
+    end
+    it "should return 404 for non-existing user" do
+      delete api("/users/999999", admin)
+      response.status.should == 404
+    end
+  end
  describe "GET /user" do
    it "should return current user" do
      get api("/user", user)