From 40cfd9e7876bfda714ccb06e3e6969a2ac67a774 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 26 Sep 2018 17:22:01 +0200
Subject: [PATCH 1/5] remove obsolete allowed attribute

---
 app/services/users/build_service.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/services/users/build_service.rb b/app/services/users/build_service.rb
index 9417c63c43a..f31972bfd54 100644
--- a/app/services/users/build_service.rb
+++ b/app/services/users/build_service.rb
@@ -55,7 +55,6 @@ module Users
         :force_random_password,
         :hide_no_password,
         :hide_no_ssh_key,
-        :key_id,
         :linkedin,
         :name,
         :password,

From 921c96ab0c9fe0fb532a3261f2664268b48e3bce Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 26 Sep 2018 17:23:11 +0200
Subject: [PATCH 2/5] remove obsolete parameter from users api

---
 lib/api/users.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/api/users.rb b/lib/api/users.rb
index ac09ca7f7b7..d7488c73a50 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -47,7 +47,6 @@ module API
           optional :external, type: Boolean, desc: 'Flag indicating the user is an external user'
           optional :avatar, type: File, desc: 'Avatar image for user'
           optional :private_profile, type: Boolean, desc: 'Flag indicating the user has a private profile'
-          optional :min_access_level, type: Integer, values: Gitlab::Access.all_values, desc: 'Limit by minimum access level of authenticated user'
           all_or_none_of :extern_uid, :provider
         end
 

From f38aa2bf3043fbfa49cafad3834f3d4aada75afd Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 26 Sep 2018 17:25:31 +0200
Subject: [PATCH 3/5] add missing allowed attributes

---
 app/services/users/build_service.rb       |  4 ++-
 spec/services/users/build_service_spec.rb | 42 +++++++++++++++++++++++
 2 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/app/services/users/build_service.rb b/app/services/users/build_service.rb
index f31972bfd54..f12e80b4d8e 100644
--- a/app/services/users/build_service.rb
+++ b/app/services/users/build_service.rb
@@ -68,7 +68,9 @@ module Users
         :twitter,
         :username,
         :website_url,
-        :private_profile
+        :private_profile,
+        :organization,
+        :location
       ]
     end
 
diff --git a/spec/services/users/build_service_spec.rb b/spec/services/users/build_service_spec.rb
index b987fe45138..7b2444489cb 100644
--- a/spec/services/users/build_service_spec.rb
+++ b/spec/services/users/build_service_spec.rb
@@ -14,6 +14,48 @@ describe Users::BuildService do
         expect(service.execute).to be_valid
       end
 
+      context 'allowed params' do
+        let(:params) do
+          {
+            access_level: 1,
+            admin: 1,
+            avatar: anything,
+            bio: 1,
+            can_create_group: 1,
+            color_scheme_id: 1,
+            email: 1,
+            external: 1,
+            force_random_password: 1,
+            hide_no_password: 1,
+            hide_no_ssh_key: 1,
+            linkedin: 1,
+            name: 1,
+            password: 1,
+            password_automatically_set: 1,
+            password_expires_at: 1,
+            projects_limit: 1,
+            remember_me: 1,
+            skip_confirmation: 1,
+            skype: 1,
+            theme_id: 1,
+            twitter: 1,
+            username: 1,
+            website_url: 1,
+            private_profile: 1,
+            organization: 1,
+            location: 1
+          }
+        end
+
+        it 'sets all allowed attributes' do
+          admin_user # call first so the admin gets created before setting `expect`
+
+          expect(User).to receive(:new).with(hash_including(params)).and_call_original
+
+          service.execute
+        end
+      end
+
       context 'with "user_default_external" application setting' do
         using RSpec::Parameterized::TableSyntax
 

From 801fe04be7b92be4c34728c348cf16444ec4bec7 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 26 Sep 2018 17:27:26 +0200
Subject: [PATCH 4/5] allow users api to set public_email

---
 app/services/users/build_service.rb       |  3 +-
 doc/api/users.md                          | 40 ++++++++++++-----------
 lib/api/users.rb                          |  1 +
 spec/services/users/build_service_spec.rb |  3 +-
 4 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/app/services/users/build_service.rb b/app/services/users/build_service.rb
index f12e80b4d8e..de6ff92d1da 100644
--- a/app/services/users/build_service.rb
+++ b/app/services/users/build_service.rb
@@ -70,7 +70,8 @@ module Users
         :website_url,
         :private_profile,
         :organization,
-        :location
+        :location,
+        :public_email
       ]
     end
 
diff --git a/doc/api/users.md b/doc/api/users.md
index b0ae455a025..8a9fb9b1447 100644
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -286,6 +286,7 @@ Parameters:
 - `provider` (optional)          - External provider name
 - `bio` (optional)               - User's biography
 - `location` (optional)          - User's location
+- `public_email` (optional)      - The public email of the user
 - `admin` (optional)             - User is admin - true or false (default)
 - `can_create_group` (optional)  - User can create groups - true or false
 - `skip_confirmation` (optional) - Skip confirmation - true or false (default)
@@ -303,26 +304,27 @@ PUT /users/:id
 
 Parameters:
 
-- `email`                       - Email
-- `username`                    - Username
-- `name`                        - Name
-- `password`                    - Password
-- `skype`                       - Skype ID
-- `linkedin`                    - LinkedIn
-- `twitter`                     - Twitter account
-- `website_url`                 - Website URL
-- `organization`                - Organization name
-- `projects_limit`              - Limit projects each user can create
-- `extern_uid`                  - External UID
-- `provider`                    - External provider name
-- `bio`                         - User's biography
-- `location` (optional)         - User's location
-- `admin` (optional)            - User is admin - true or false (default)
-- `can_create_group` (optional) - User can create groups - true or false
+- `email`                          - Email
+- `username`                       - Username
+- `name`                           - Name
+- `password`                       - Password
+- `skype`                          - Skype ID
+- `linkedin`                       - LinkedIn
+- `twitter`                        - Twitter account
+- `website_url`                    - Website URL
+- `organization`                   - Organization name
+- `projects_limit`                 - Limit projects each user can create
+- `extern_uid`                     - External UID
+- `provider`                       - External provider name
+- `bio`                            - User's biography
+- `location` (optional)            - User's location
+- `public_email` (optional)        - The public email of the user
+- `admin` (optional)               - User is admin - true or false (default)
+- `can_create_group` (optional)    - User can create groups - true or false
 - `skip_reconfirmation` (optional) - Skip reconfirmation - true or false (default)
-- `external` (optional)         - Flags the user as external - true or false(default)
-- `avatar` (optional)           - Image file for user's avatar
-- `private_profile` (optional)  - User's profile is private - true or false
+- `external` (optional)            - Flags the user as external - true or false(default)
+- `avatar` (optional)              - Image file for user's avatar
+- `private_profile` (optional)     - User's profile is private - true or false
 
 On password update, user will be forced to change it upon next login.
 Note, at the moment this method does only return a `404` error,
diff --git a/lib/api/users.rb b/lib/api/users.rb
index d7488c73a50..9cf0d44f9fb 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -42,6 +42,7 @@ module API
           optional :provider, type: String, desc: 'The external provider'
           optional :bio, type: String, desc: 'The biography of the user'
           optional :location, type: String, desc: 'The location of the user'
+          optional :public_email, type: String, desc: 'The public email of the user'
           optional :admin, type: Boolean, desc: 'Flag indicating the user is an administrator'
           optional :can_create_group, type: Boolean, desc: 'Flag indicating the user can create groups'
           optional :external, type: Boolean, desc: 'Flag indicating the user is an external user'
diff --git a/spec/services/users/build_service_spec.rb b/spec/services/users/build_service_spec.rb
index 7b2444489cb..051e8c87f39 100644
--- a/spec/services/users/build_service_spec.rb
+++ b/spec/services/users/build_service_spec.rb
@@ -43,7 +43,8 @@ describe Users::BuildService do
             website_url: 1,
             private_profile: 1,
             organization: 1,
-            location: 1
+            location: 1,
+            public_email: 1
           }
         end
 

From 303350567c7b2bf140fa17d3f3f473ad9ece4e45 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Fri, 28 Sep 2018 21:34:57 +0200
Subject: [PATCH 5/5] add changelogs

---
 .../unreleased/feature-set-public-email-through-api.yml      | 5 +++++
 ...x-add-organization-and-location-to-allowed-parameters.yml | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 changelogs/unreleased/feature-set-public-email-through-api.yml
 create mode 100644 changelogs/unreleased/fix-add-organization-and-location-to-allowed-parameters.yml

diff --git a/changelogs/unreleased/feature-set-public-email-through-api.yml b/changelogs/unreleased/feature-set-public-email-through-api.yml
new file mode 100644
index 00000000000..22fae71e9d8
--- /dev/null
+++ b/changelogs/unreleased/feature-set-public-email-through-api.yml
@@ -0,0 +1,5 @@
+---
+title: Add support for setting the public email through the api
+merge_request: 21938
+author: Alexis Reigel
+type: added
diff --git a/changelogs/unreleased/fix-add-organization-and-location-to-allowed-parameters.yml b/changelogs/unreleased/fix-add-organization-and-location-to-allowed-parameters.yml
new file mode 100644
index 00000000000..4d85e1b9af2
--- /dev/null
+++ b/changelogs/unreleased/fix-add-organization-and-location-to-allowed-parameters.yml
@@ -0,0 +1,5 @@
+---
+title: Allow setting user's organization and location attributes through the API by adding them to the list of allowed parameters
+merge_request: 21938
+author: Alexis Reigel
+type: fixed