6f1922500b
- Declaring an endpoint's scopes in a `before` block has proved to be unreliable. For example, if we're accessing the `API::Users` endpoint - code in a `before` block in `API::API` wouldn't be able to see the scopes set in `API::Users` since the `API::API` `before` block runs first. - This commit moves these declarations to the class level, since they don't need to change once set.
204 lines
7.1 KiB
Ruby
204 lines
7.1 KiB
Ruby
module API
|
|
module V3
|
|
class Users < Grape::API
|
|
include PaginationParams
|
|
include APIGuard
|
|
|
|
allow_access_with_scope :read_user, if: -> (request) { request.get? }
|
|
|
|
before do
|
|
authenticate!
|
|
end
|
|
|
|
resource :users, requirements: { uid: /[0-9]*/, id: /[0-9]*/ } do
|
|
helpers do
|
|
params :optional_attributes do
|
|
optional :skype, type: String, desc: 'The Skype username'
|
|
optional :linkedin, type: String, desc: 'The LinkedIn username'
|
|
optional :twitter, type: String, desc: 'The Twitter username'
|
|
optional :website_url, type: String, desc: 'The website of the user'
|
|
optional :organization, type: String, desc: 'The organization of the user'
|
|
optional :projects_limit, type: Integer, desc: 'The number of projects a user can create'
|
|
optional :extern_uid, type: String, desc: 'The external authentication provider UID'
|
|
optional :provider, type: String, desc: 'The external provider'
|
|
optional :bio, type: String, desc: 'The biography of the user'
|
|
optional :location, type: String, desc: 'The location of the user'
|
|
optional :admin, type: Boolean, desc: 'Flag indicating the user is an administrator'
|
|
optional :can_create_group, type: Boolean, desc: 'Flag indicating the user can create groups'
|
|
optional :confirm, type: Boolean, default: true, desc: 'Flag indicating the account needs to be confirmed'
|
|
optional :external, type: Boolean, desc: 'Flag indicating the user is an external user'
|
|
all_or_none_of :extern_uid, :provider
|
|
end
|
|
end
|
|
|
|
desc 'Create a user. Available only for admins.' do
|
|
success ::API::Entities::UserPublic
|
|
end
|
|
params do
|
|
requires :email, type: String, desc: 'The email of the user'
|
|
optional :password, type: String, desc: 'The password of the new user'
|
|
optional :reset_password, type: Boolean, desc: 'Flag indicating the user will be sent a password reset token'
|
|
at_least_one_of :password, :reset_password
|
|
requires :name, type: String, desc: 'The name of the user'
|
|
requires :username, type: String, desc: 'The username of the user'
|
|
use :optional_attributes
|
|
end
|
|
post do
|
|
authenticated_as_admin!
|
|
|
|
params = declared_params(include_missing: false)
|
|
user = ::Users::CreateService.new(current_user, params.merge!(skip_confirmation: !params[:confirm])).execute
|
|
|
|
if user.persisted?
|
|
present user, with: ::API::Entities::UserPublic
|
|
else
|
|
conflict!('Email has already been taken') if User
|
|
.where(email: user.email)
|
|
.count > 0
|
|
|
|
conflict!('Username has already been taken') if User
|
|
.where(username: user.username)
|
|
.count > 0
|
|
|
|
render_validation_error!(user)
|
|
end
|
|
end
|
|
|
|
desc 'Get the SSH keys of a specified user. Available only for admins.' do
|
|
success ::API::Entities::SSHKey
|
|
end
|
|
params do
|
|
requires :id, type: Integer, desc: 'The ID of the user'
|
|
use :pagination
|
|
end
|
|
get ':id/keys' do
|
|
authenticated_as_admin!
|
|
|
|
user = User.find_by(id: params[:id])
|
|
not_found!('User') unless user
|
|
|
|
present paginate(user.keys), with: ::API::Entities::SSHKey
|
|
end
|
|
|
|
desc 'Get the emails addresses of a specified user. Available only for admins.' do
|
|
success ::API::Entities::Email
|
|
end
|
|
params do
|
|
requires :id, type: Integer, desc: 'The ID of the user'
|
|
use :pagination
|
|
end
|
|
get ':id/emails' do
|
|
authenticated_as_admin!
|
|
user = User.find_by(id: params[:id])
|
|
not_found!('User') unless user
|
|
|
|
present user.emails, with: ::API::Entities::Email
|
|
end
|
|
|
|
desc 'Block a user. Available only for admins.'
|
|
params do
|
|
requires :id, type: Integer, desc: 'The ID of the user'
|
|
end
|
|
put ':id/block' do
|
|
authenticated_as_admin!
|
|
user = User.find_by(id: params[:id])
|
|
not_found!('User') unless user
|
|
|
|
if !user.ldap_blocked?
|
|
user.block
|
|
else
|
|
forbidden!('LDAP blocked users cannot be modified by the API')
|
|
end
|
|
end
|
|
|
|
desc 'Unblock a user. Available only for admins.'
|
|
params do
|
|
requires :id, type: Integer, desc: 'The ID of the user'
|
|
end
|
|
put ':id/unblock' do
|
|
authenticated_as_admin!
|
|
user = User.find_by(id: params[:id])
|
|
not_found!('User') unless user
|
|
|
|
if user.ldap_blocked?
|
|
forbidden!('LDAP blocked users cannot be unblocked by the API')
|
|
else
|
|
user.activate
|
|
end
|
|
end
|
|
|
|
desc 'Get the contribution events of a specified user' do
|
|
detail 'This feature was introduced in GitLab 8.13.'
|
|
success ::API::V3::Entities::Event
|
|
end
|
|
params do
|
|
requires :id, type: Integer, desc: 'The ID of the user'
|
|
use :pagination
|
|
end
|
|
get ':id/events' do
|
|
user = User.find_by(id: params[:id])
|
|
not_found!('User') unless user
|
|
|
|
events = user.events
|
|
.merge(ProjectsFinder.new(current_user: current_user).execute)
|
|
.references(:project)
|
|
.with_associations
|
|
.recent
|
|
|
|
present paginate(events), with: ::API::V3::Entities::Event
|
|
end
|
|
|
|
desc 'Delete an existing SSH key from a specified user. Available only for admins.' do
|
|
success ::API::Entities::SSHKey
|
|
end
|
|
params do
|
|
requires :id, type: Integer, desc: 'The ID of the user'
|
|
requires :key_id, type: Integer, desc: 'The ID of the SSH key'
|
|
end
|
|
delete ':id/keys/:key_id' do
|
|
authenticated_as_admin!
|
|
|
|
user = User.find_by(id: params[:id])
|
|
not_found!('User') unless user
|
|
|
|
key = user.keys.find_by(id: params[:key_id])
|
|
not_found!('Key') unless key
|
|
|
|
present key.destroy, with: ::API::Entities::SSHKey
|
|
end
|
|
end
|
|
|
|
resource :user do
|
|
desc "Get the currently authenticated user's SSH keys" do
|
|
success ::API::Entities::SSHKey
|
|
end
|
|
params do
|
|
use :pagination
|
|
end
|
|
get "keys" do
|
|
present current_user.keys, with: ::API::Entities::SSHKey
|
|
end
|
|
|
|
desc "Get the currently authenticated user's email addresses" do
|
|
success ::API::Entities::Email
|
|
end
|
|
get "emails" do
|
|
present current_user.emails, with: ::API::Entities::Email
|
|
end
|
|
|
|
desc 'Delete an SSH key from the currently authenticated user' do
|
|
success ::API::Entities::SSHKey
|
|
end
|
|
params do
|
|
requires :key_id, type: Integer, desc: 'The ID of the SSH key'
|
|
end
|
|
delete "keys/:key_id" do
|
|
key = current_user.keys.find_by(id: params[:key_id])
|
|
not_found!('Key') unless key
|
|
|
|
present key.destroy, with: ::API::Entities::SSHKey
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|