find_user users helper method no longer overrides find_user API helper method.

2017-09-21 15:10:33 +01:00 · 2017-09-21 15:10:33 +01:00 · d70b7a490d
commit d70b7a490d
parent 4d88f64968
3 changed files with 16 additions and 2 deletions
--- a/changelogs/unreleased/37467-helper-method-from-users-endpoint-overrides-api-helper-method.yml
+++ b/changelogs/unreleased/37467-helper-method-from-users-endpoint-overrides-api-helper-method.yml
@ -0,0 +1,5 @@
+---
+title: find_user Users helper method no longer overrides find_user API helper method.
+merge_request: 14418
+author:
+type: fixed
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@ -11,7 +11,7 @@ module API
      end

      helpers do
-        def find_user(params)
+        def find_user_by_id(params)
          id = params[:user_id] || params[:id]
          User.find_by(id: id) || not_found!('User')
        end
@ -430,7 +430,7 @@ module API
        resource :impersonation_tokens do
          helpers do
            def finder(options = {})
-              user = find_user(params)
+              user = find_user_by_id(params)
              PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options))
            end

--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@ -125,6 +125,15 @@ describe API::Users do
    end

    context "when admin" do
+      context 'when sudo is defined' do
+        it 'does not return 500' do
+          admin_personal_access_token = create(:personal_access_token, user: admin).token
+          get api("/users?private_token=#{admin_personal_access_token}&sudo=#{user.id}", admin)
+
+          expect(response).to have_http_status(:success)
+        end
+      end
+
      it "returns an array of users" do
        get api("/users", admin)