Return is_admin attribute in the GET /user endpoint for admins

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-07-12 12:18:14 +02:00 · 2017-07-12 12:18:14 +02:00 · 91f63820a5
commit 91f63820a5
parent dc05bcd885
5 changed files with 53 additions and 6 deletions
--- a/changelogs/unreleased/34325-reinstate-is_admin-for-user-api.yml
+++ b/changelogs/unreleased/34325-reinstate-is_admin-for-user-api.yml
@ -0,0 +1,4 @@
+---
+title: Return `is_admin` attribute in the GET /user endpoint for admins
+merge_request: 12811
+author:
--- a/doc/api/users.md
+++ b/doc/api/users.md
@ -364,7 +364,7 @@ GET /user

 Parameters:

- `sudo` (required) - the ID of a user
+- `sudo` (optional) - the ID of a user to make the call in their place

 ```
 GET /user
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@ -421,7 +421,16 @@ module API
        success Entities::UserPublic
      end
      get do
-        present current_user, with: sudo? ? Entities::UserWithPrivateDetails : Entities::UserPublic
+        entity =
+          if sudo?
+            Entities::UserWithPrivateDetails
+          elsif current_user.admin?
+            Entities::UserWithAdmin
+          else
+            Entities::UserPublic
+          end
+
+        present current_user, with: entity
      end

      desc "Get the currently authenticated user's SSH keys" do
--- a/spec/fixtures/api/schemas/public_api/v4/user/admin.json
+++ b/spec/fixtures/api/schemas/public_api/v4/user/admin.json
@ -0,0 +1,34 @@
+{
+  "type": "object",
+  "required": [
+    "id",
+    "username",
+    "email",
+    "name",
+    "state",
+    "avatar_url",
+    "web_url",
+    "created_at",
+    "is_admin",
+    "bio",
+    "location",
+    "skype",
+    "linkedin",
+    "twitter",
+    "website_url",
+    "organization",
+    "last_sign_in_at",
+    "confirmed_at",
+    "color_scheme_id",
+    "projects_limit",
+    "current_sign_in_at",
+    "identities",
+    "can_create_group",
+    "can_create_project",
+    "two_factor_enabled",
+    "external"
+  ],
+  "properties": {
+    "$ref": "full.json"
+  }
+}
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@ -943,11 +943,11 @@ describe API::Users do
          expect(response).to have_http_status(403)
        end

-        it 'returns initial current user without private token when sudo not defined' do
+        it 'returns initial current user without private token but with is_admin when sudo not defined' do
          get api("/user?private_token=#{admin_personal_access_token}")

          expect(response).to have_http_status(200)
-          expect(response).to match_response_schema('public_api/v4/user/public')
+          expect(response).to match_response_schema('public_api/v4/user/admin')
          expect(json_response['id']).to eq(admin.id)
        end
      end
@ -961,11 +961,11 @@ describe API::Users do
          expect(json_response['id']).to eq(user.id)
        end

-        it 'returns initial current user without private token when sudo not defined' do
+        it 'returns initial current user without private token but with is_admin when sudo not defined' do
          get api("/user?private_token=#{admin.private_token}")

          expect(response).to have_http_status(200)
-          expect(response).to match_response_schema('public_api/v4/user/public')
+          expect(response).to match_response_schema('public_api/v4/user/admin')
          expect(json_response['id']).to eq(admin.id)
        end
      end