diff options
| author | Douwe Maan <douwe@gitlab.com> | 2018-04-23 09:53:42 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2018-04-23 09:53:42 +0000 |
| commit | f81b1a24ede28ddcc95c25be113222f9e26e5a6d (patch) | |
| tree | b77b2ae5ca37054545db36a3b1c27c419f33d97b | |
| parent | 9b3085b4ef57612908f1089b553d6e34d7bf2ee9 (diff) | |
| parent | 04716cb0e7bb6708fd625f42a9ae802c510f1df5 (diff) | |
| download | gitlab-ce-f81b1a24ede28ddcc95c25be113222f9e26e5a6d.tar.gz | |
Merge branch 'dz-add-2fa-filter-admin-api' into 'master'
Add 2FA filter to users API for admins only
See merge request gitlab-org/gitlab-ce!18503
| -rw-r--r-- | app/finders/users_finder.rb | 12 | ||||
| -rw-r--r-- | changelogs/unreleased/dz-add-2fa-filter-admin-api.yml | 5 | ||||
| -rw-r--r-- | doc/api/users.md | 1 | ||||
| -rw-r--r-- | lib/api/users.rb | 2 | ||||
| -rw-r--r-- | spec/requests/api/users_spec.rb | 12 |
5 files changed, 31 insertions, 1 deletions
diff --git a/app/finders/users_finder.rb b/app/finders/users_finder.rb index edde8022ec9..65824a51919 100644 --- a/app/finders/users_finder.rb +++ b/app/finders/users_finder.rb @@ -32,6 +32,7 @@ class UsersFinder users = by_active(users) users = by_external_identity(users) users = by_external(users) + users = by_2fa(users) users = by_created_at(users) users = by_custom_attributes(users) @@ -76,4 +77,15 @@ class UsersFinder users.external end + + def by_2fa(users) + case params[:two_factor] + when 'enabled' + users.with_two_factor + when 'disabled' + users.without_two_factor + else + users + end + end end diff --git a/changelogs/unreleased/dz-add-2fa-filter-admin-api.yml b/changelogs/unreleased/dz-add-2fa-filter-admin-api.yml new file mode 100644 index 00000000000..df479e69380 --- /dev/null +++ b/changelogs/unreleased/dz-add-2fa-filter-admin-api.yml @@ -0,0 +1,5 @@ +--- +title: Add 2FA filter to users API for admins only +merge_request: 18503 +author: +type: changed diff --git a/doc/api/users.md b/doc/api/users.md index a4447e32908..ca5afa04687 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -55,6 +55,7 @@ GET /users | --------- | ---- | -------- | ----------- | | `order_by` | string | no | Return projects ordered by `id`, `name`, `username`, `created_at`, or `updated_at` fields. Default is `id` | | `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` | +| `two_factor` | string | no | Filter users by Two-factor authentication. Filter values are `enabled` or `disabled`. By default it returns all users | ```json [ diff --git a/lib/api/users.rb b/lib/api/users.rb index 3920171205f..14b8a796c8e 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -77,7 +77,7 @@ module API authenticated_as_admin! if params[:external].present? || (params[:extern_uid].present? && params[:provider].present?) unless current_user&.admin? - params.except!(:created_after, :created_before, :order_by, :sort) + params.except!(:created_after, :created_before, :order_by, :sort, :two_factor) end users = UsersFinder.new(current_user, params).execute diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index f406d2ffb22..e8196980a8c 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -212,6 +212,18 @@ describe API::Users do expect(json_response.last['id']).to eq(user.id) end + it 'returns users with 2fa enabled' do + admin + user + user_with_2fa = create(:user, :two_factor_via_otp) + + get api('/users', admin), { two_factor: 'enabled' } + + expect(response).to match_response_schema('public_api/v4/user/admins') + expect(json_response.size).to eq(1) + expect(json_response.first['id']).to eq(user_with_2fa.id) + end + it 'returns 400 when provided incorrect sort params' do get api('/users', admin), { order_by: 'magic', sort: 'asc' } |