2018-09-29 22:34:47 +00:00
# frozen_string_literal: true
2016-06-23 15:14:31 +00:00
module API
2020-10-15 00:08:42 +00:00
class Members < :: API :: Base
2016-12-04 17:11:19 +00:00
include PaginationParams
2016-06-23 15:14:31 +00:00
before { authenticate! }
2020-10-29 18:09:11 +00:00
feature_category :authentication_and_authorization
2016-06-23 15:14:31 +00:00
helpers :: API :: Helpers :: MembersHelpers
%w[ group project ] . each do | source_type |
2016-07-29 14:02:35 +00:00
params do
requires :id , type : String , desc : " The #{ source_type } ID "
end
2018-11-08 12:18:17 +00:00
resource source_type . pluralize , requirements : API :: NAMESPACE_OR_PROJECT_REQUIREMENTS do
2016-07-29 14:02:35 +00:00
desc 'Gets a list of group or project members viewable by the authenticated user.' do
success Entities :: Member
end
params do
optional :query , type : String , desc : 'A query string to search for members'
2020-06-29 21:09:07 +00:00
optional :user_ids , type : Array [ Integer ] , coerce_with : :: API :: Validations :: Types :: CommaSeparatedToIntegerArray . coerce , desc : 'Array of user ids to look up for membership'
2020-01-22 18:08:47 +00:00
optional :show_seat_info , type : Boolean , desc : 'Show seat information for members'
2019-12-26 18:07:46 +00:00
use :optional_filter_params_ee
2016-12-04 17:11:19 +00:00
use :pagination
2016-07-29 14:02:35 +00:00
end
2019-11-22 06:06:20 +00:00
2016-06-23 15:14:31 +00:00
get " :id/members " do
source = find_source ( source_type , params [ :id ] )
2019-11-22 06:06:20 +00:00
members = paginate ( retrieve_members ( source , params : params ) )
2016-06-23 15:14:31 +00:00
2019-11-22 06:06:20 +00:00
present_members members
2016-06-23 15:14:31 +00:00
end
2018-07-25 21:45:42 +00:00
desc 'Gets a list of group or project members viewable by the authenticated user, including those who gained membership through ancestor group.' do
success Entities :: Member
end
params do
optional :query , type : String , desc : 'A query string to search for members'
2020-06-29 21:09:07 +00:00
optional :user_ids , type : Array [ Integer ] , coerce_with : :: API :: Validations :: Types :: CommaSeparatedToIntegerArray . coerce , desc : 'Array of user ids to look up for membership'
2020-01-22 18:08:47 +00:00
optional :show_seat_info , type : Boolean , desc : 'Show seat information for members'
2018-07-25 21:45:42 +00:00
use :pagination
end
2019-11-22 06:06:20 +00:00
2018-07-25 21:45:42 +00:00
get " :id/members/all " do
source = find_source ( source_type , params [ :id ] )
2019-11-22 06:06:20 +00:00
members = paginate ( retrieve_members ( source , params : params , deep : true ) )
2018-07-25 21:45:42 +00:00
2019-11-22 06:06:20 +00:00
present_members members
2018-07-25 21:45:42 +00:00
end
2016-06-23 15:14:31 +00:00
2016-07-29 14:02:35 +00:00
desc 'Gets a member of a group or project.' do
success Entities :: Member
end
params do
requires :user_id , type : Integer , desc : 'The user ID of the member'
end
2018-08-27 15:31:01 +00:00
# rubocop: disable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
get " :id/members/:user_id " do
source = find_source ( source_type , params [ :id ] )
members = source . members
member = members . find_by! ( user_id : params [ :user_id ] )
2019-11-22 06:06:20 +00:00
present_members member
2019-10-16 18:08:01 +00:00
end
# rubocop: enable CodeReuse/ActiveRecord
desc 'Gets a member of a group or project, including those who gained membership through ancestor group' do
success Entities :: Member
end
params do
requires :user_id , type : Integer , desc : 'The user ID of the member'
end
# rubocop: disable CodeReuse/ActiveRecord
get " :id/members/all/:user_id " do
source = find_source ( source_type , params [ :id ] )
2019-11-22 06:06:20 +00:00
members = find_all_members ( source )
2019-10-16 18:08:01 +00:00
member = members . find_by! ( user_id : params [ :user_id ] )
2019-11-22 06:06:20 +00:00
present_members member
2016-06-23 15:14:31 +00:00
end
2018-08-27 15:31:01 +00:00
# rubocop: enable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
2016-07-29 14:02:35 +00:00
desc 'Adds a member to a group or project.' do
success Entities :: Member
end
params do
requires :access_level , type : Integer , desc : 'A valid access level (defaults: `30`, developer access level)'
2020-10-13 12:08:41 +00:00
requires :user_id , types : [ Integer , String ] , desc : 'The user ID of the new member or multiple IDs separated by commas.'
2016-07-29 14:02:35 +00:00
optional :expires_at , type : DateTime , desc : 'Date string in the format YEAR-MONTH-DAY'
end
2018-08-27 15:31:01 +00:00
# rubocop: disable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
post " :id/members " do
source = find_source ( source_type , params [ :id ] )
authorize_admin_source! ( source_type , source )
2020-10-13 12:08:41 +00:00
if params [ :user_id ] . to_s . include? ( ',' )
create_service_params = params . except ( :user_id ) . merge ( { user_ids : params [ :user_id ] } )
2016-08-09 10:14:11 +00:00
2020-10-13 12:08:41 +00:00
:: Members :: CreateService . new ( current_user , create_service_params ) . execute ( source )
elsif params [ :user_id ] . present?
member = source . members . find_by ( user_id : params [ :user_id ] )
conflict! ( 'Member already exists' ) if member
2018-07-27 19:49:49 +00:00
2020-10-13 12:08:41 +00:00
user = User . find_by_id ( params [ :user_id ] )
not_found! ( 'User' ) unless user
2016-08-09 10:14:11 +00:00
2020-10-13 12:08:41 +00:00
member = create_member ( current_user , user , source , params )
if ! member
not_allowed! # This currently can only be reached in EE
elsif member . valid? && member . persisted?
present_members ( member )
else
render_validation_error! ( member )
end
2016-06-23 15:14:31 +00:00
end
end
2018-08-27 15:31:01 +00:00
# rubocop: enable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
2016-07-29 14:02:35 +00:00
desc 'Updates a member of a group or project.' do
success Entities :: Member
end
params do
requires :user_id , type : Integer , desc : 'The user ID of the new member'
requires :access_level , type : Integer , desc : 'A valid access level'
optional :expires_at , type : DateTime , desc : 'Date string in the format YEAR-MONTH-DAY'
end
2018-08-27 15:31:01 +00:00
# rubocop: disable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
put " :id/members/:user_id " do
2017-02-23 13:21:03 +00:00
source = find_source ( source_type , params . delete ( :id ) )
2016-06-23 15:14:31 +00:00
authorize_admin_source! ( source_type , source )
2020-11-02 15:08:52 +00:00
member = source_members ( source ) . find_by! ( user_id : params [ :user_id ] )
2017-10-11 14:47:08 +00:00
updated_member =
2018-02-16 14:10:22 +00:00
:: Members :: UpdateService
. new ( current_user , declared_params ( include_missing : false ) )
. execute ( member )
2017-10-11 14:47:08 +00:00
if updated_member . valid?
2019-11-22 06:06:20 +00:00
present_members updated_member
2016-06-23 15:14:31 +00:00
else
2017-10-11 14:47:08 +00:00
render_validation_error! ( updated_member )
2016-06-23 15:14:31 +00:00
end
end
2018-08-27 15:31:01 +00:00
# rubocop: enable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
2016-07-29 14:02:35 +00:00
desc 'Removes a user from a group or project.'
params do
requires :user_id , type : Integer , desc : 'The user ID of the member'
2020-06-23 15:08:41 +00:00
optional :unassign_issuables , type : Boolean , default : false ,
desc : 'Flag indicating if the removed member should be unassigned from any issues or merge requests within given group or project'
2016-07-29 14:02:35 +00:00
end
2018-08-27 15:31:01 +00:00
# rubocop: disable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
delete " :id/members/:user_id " do
source = find_source ( source_type , params [ :id ] )
2020-11-02 15:08:52 +00:00
member = source_members ( source ) . find_by! ( user_id : params [ :user_id ] )
2016-06-23 15:14:31 +00:00
2017-03-02 12:14:13 +00:00
destroy_conditionally! ( member ) do
2020-06-23 15:08:41 +00:00
:: Members :: DestroyService . new ( current_user ) . execute ( member , unassign_issuables : params [ :unassign_issuables ] )
2017-03-02 12:14:13 +00:00
end
2016-06-23 15:14:31 +00:00
end
2018-08-27 15:31:01 +00:00
# rubocop: enable CodeReuse/ActiveRecord
2016-06-23 15:14:31 +00:00
end
end
end
end
2020-04-23 21:09:31 +00:00
API :: Members . prepend_if_ee ( 'EE::API::Members' )