diff options
author | Rémy Coutable <remy@rymai.me> | 2017-02-23 16:34:55 +0000 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2017-02-23 16:34:55 +0000 |
commit | 70997dea84ea0aa1392e6483fac014085975d1c4 (patch) | |
tree | f4bb7d6dfc9244f4a62c2f8ba597a0a4c495afc0 | |
parent | f6443a4564301c0f7428fc00e684e9fcc386fb46 (diff) | |
parent | da67dca14b926f09a64a2dc40777105393f572cb (diff) | |
download | gitlab-ce-70997dea84ea0aa1392e6483fac014085975d1c4.tar.gz |
Merge branch 'api-remove-attributes_for_keys' into 'master'
Use grape validation in the members API.
See merge request !9471
-rw-r--r-- | lib/api/members.rb | 7 | ||||
-rw-r--r-- | lib/api/v3/members.rb | 7 |
2 files changed, 6 insertions, 8 deletions
diff --git a/lib/api/members.rb b/lib/api/members.rb index d1d78775c6d..8360c007005 100644 --- a/lib/api/members.rb +++ b/lib/api/members.rb @@ -79,13 +79,12 @@ module API optional :expires_at, type: DateTime, desc: 'Date string in the format YEAR-MONTH-DAY' end put ":id/members/:user_id" do - source = find_source(source_type, params[:id]) + source = find_source(source_type, params.delete(:id)) authorize_admin_source!(source_type, source) - member = source.members.find_by!(user_id: params[:user_id]) - attrs = attributes_for_keys [:access_level, :expires_at] + member = source.members.find_by!(user_id: params.delete(:user_id)) - if member.update_attributes(attrs) + if member.update_attributes(declared_params(include_missing: false)) present member.user, with: Entities::Member, member: member else # This is to ensure back-compatibility but 400 behavior should be used diff --git a/lib/api/v3/members.rb b/lib/api/v3/members.rb index 4e6cb2e3c52..19f276d5484 100644 --- a/lib/api/v3/members.rb +++ b/lib/api/v3/members.rb @@ -86,13 +86,12 @@ module API optional :expires_at, type: DateTime, desc: 'Date string in the format YEAR-MONTH-DAY' end put ":id/members/:user_id" do - source = find_source(source_type, params[:id]) + source = find_source(source_type, params.delete(:id)) authorize_admin_source!(source_type, source) - member = source.members.find_by!(user_id: params[:user_id]) - attrs = attributes_for_keys [:access_level, :expires_at] + member = source.members.find_by!(user_id: params.delete(:user_id)) - if member.update_attributes(attrs) + if member.update_attributes(declared_params(include_missing: false)) present member.user, with: ::API::Entities::Member, member: member else # This is to ensure back-compatibility but 400 behavior should be used |