diff options
author | Alex Lossent <alexandre.lossent@cern.ch> | 2015-10-12 15:24:00 +0200 |
---|---|---|
committer | Alex Lossent <alexandre.lossent@cern.ch> | 2015-10-12 15:24:00 +0200 |
commit | 024e34e94d973842cf02d9177e9ec52bd587ceee (patch) | |
tree | 228f5ce6d191f6771fd64aae1b2a85c795b71b79 /lib/api/entities.rb | |
parent | 5ffbf5feb7577ec3affc32992c79cddca3036c4d (diff) | |
download | gitlab-ce-024e34e94d973842cf02d9177e9ec52bd587ceee.tar.gz |
Hide passwords to non-admin users in the services API
In order to be consistent with !1490 doing it for the web interface
Diffstat (limited to 'lib/api/entities.rb')
-rw-r--r-- | lib/api/entities.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 9620d36ac41..7a1e702c755 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -255,6 +255,18 @@ module API expose :notification_level end + class ProjectService < Grape::Entity + expose :id, :title, :created_at, :updated_at, :active + expose :push_events, :issues_events, :merge_requests_events, :tag_push_events, :note_events + # Expose serialized properties + expose :properties do |service, options| + field_names = service.fields. + select { |field| options[:include_passwords] || field[:type] != 'password' }. + map { |field| field[:name] } + service.properties.slice(*field_names) + end + end + class ProjectWithAccess < Project expose :permissions do expose :project_access, using: Entities::ProjectAccess do |project, options| |