summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSean McGivern <sean@mcgivern.me.uk>2016-11-09 17:13:21 +0000
committerSean McGivern <sean@mcgivern.me.uk>2016-11-09 17:13:21 +0000
commit2976ad40f83e97e5e3628c32db1a06edafe21a72 (patch)
treea18a349437f717cf8907750ba9acf4129aab8f84
parent0d73e491801e52b59293ffb5eec4e556ec54c735 (diff)
parenta0aaf93fe591215a7fc29a52ff6cbd38604c8dcb (diff)
downloadgitlab-ce-2976ad40f83e97e5e3628c32db1a06edafe21a72.tar.gz
Merge branch '23731-add-param-to-user-api' into 'master'
Add query param to filter users by 'external' & 'blocked' type on API Closes #23731 See merge request !7109
-rw-r--r--changelogs/unreleased/23731-add-param-to-user-api.yml4
-rw-r--r--doc/api/users.md14
-rw-r--r--lib/api/users.rb7
-rw-r--r--spec/requests/api/users_spec.rb21
4 files changed, 45 insertions, 1 deletions
diff --git a/changelogs/unreleased/23731-add-param-to-user-api.yml b/changelogs/unreleased/23731-add-param-to-user-api.yml
new file mode 100644
index 00000000000..e31029ffb27
--- /dev/null
+++ b/changelogs/unreleased/23731-add-param-to-user-api.yml
@@ -0,0 +1,4 @@
+---
+title: Add query param to filter users by external & blocked type
+merge_request: 7109
+author: Yatish Mehta
diff --git a/doc/api/users.md b/doc/api/users.md
index a50ba5432fe..041df07c051 100644
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -33,6 +33,18 @@ GET /users
]
```
+In addition, you can filter users based on states eg. `blocked`, `active`
+This works only to filter users who are `blocked` or `active`.
+It does not support `active=false` or `blocked=false`.
+
+```
+GET /users?active=true
+```
+
+```
+GET /users?blocked=true
+```
+
### For admins
```
@@ -120,6 +132,8 @@ For example:
GET /users?username=jack_smith
```
+You can search for users who are external with: `/users?external=true`
+
## Single user
Get a single user.
diff --git a/lib/api/users.rb b/lib/api/users.rb
index c28e07a76b7..298c401a816 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -10,6 +10,9 @@ module API
# GET /users
# GET /users?search=Admin
# GET /users?username=root
+ # GET /users?active=true
+ # GET /users?external=true
+ # GET /users?blocked=true
get do
unless can?(current_user, :read_users_list, nil)
render_api_error!("Not authorized.", 403)
@@ -19,8 +22,10 @@ module API
@users = User.where(username: params[:username])
else
@users = User.all
- @users = @users.active if params[:active].present?
+ @users = @users.active if to_boolean(params[:active])
@users = @users.search(params[:search]) if params[:search].present?
+ @users = @users.blocked if to_boolean(params[:blocked])
+ @users = @users.external if to_boolean(params[:external]) && current_user.is_admin?
@users = paginate @users
end
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index ae8639d78d5..34d1f557e4b 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -48,6 +48,17 @@ describe API::API, api: true do
end['username']).to eq(username)
end
+ it "returns an array of blocked users" do
+ ldap_blocked_user
+ create(:user, state: 'blocked')
+
+ get api("/users?blocked=true", user)
+
+ expect(response).to have_http_status(200)
+ expect(json_response).to be_an Array
+ expect(json_response).to all(include('state' => /(blocked|ldap_blocked)/))
+ end
+
it "returns one user" do
get api("/users?username=#{omniauth_user.username}", user)
expect(response).to have_http_status(200)
@@ -69,6 +80,16 @@ describe API::API, api: true do
expect(json_response.first.keys).to include 'last_sign_in_at'
expect(json_response.first.keys).to include 'confirmed_at'
end
+
+ it "returns an array of external users" do
+ create(:user, external: true)
+
+ get api("/users?external=true", admin)
+
+ expect(response).to have_http_status(200)
+ expect(json_response).to be_an Array
+ expect(json_response).to all(include('external' => true))
+ end
end
end