Hide passwords to non-admin users in the services API

In order to be consistent with !1490 doing it for the web interface
author: Alex Lossent <alexandre.lossent@cern.ch> 2015-10-12 15:24:00 +0200
committer: Alex Lossent <alexandre.lossent@cern.ch> 2015-10-12 15:24:00 +0200
commit: 024e34e94d973842cf02d9177e9ec52bd587ceee (patch)
tree: 228f5ce6d191f6771fd64aae1b2a85c795b71b79 /lib/api/entities.rb
parent: 5ffbf5feb7577ec3affc32992c79cddca3036c4d (diff)
download: gitlab-ce-024e34e94d973842cf02d9177e9ec52bd587ceee.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 9620d36ac41..7a1e702c755 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -255,6 +255,18 @@ module API
       expose :notification_level
     end
 
+    class ProjectService < Grape::Entity
+      expose :id, :title, :created_at, :updated_at, :active
+      expose :push_events, :issues_events, :merge_requests_events, :tag_push_events, :note_events
+      # Expose serialized properties
+      expose :properties do |service, options|
+        field_names = service.fields.
+          select { |field| options[:include_passwords] || field[:type] != 'password' }.
+          map { |field| field[:name] }
+        service.properties.slice(*field_names)
+      end
+    end
+
     class ProjectWithAccess < Project
       expose :permissions do
         expose :project_access, using: Entities::ProjectAccess do |project, options|
author	Alex Lossent <alexandre.lossent@cern.ch>	2015-10-12 15:24:00 +0200
committer	Alex Lossent <alexandre.lossent@cern.ch>	2015-10-12 15:24:00 +0200
commit	024e34e94d973842cf02d9177e9ec52bd587ceee (patch)
tree	228f5ce6d191f6771fd64aae1b2a85c795b71b79 /lib/api/entities.rb
parent	5ffbf5feb7577ec3affc32992c79cddca3036c4d (diff)
download	gitlab-ce-024e34e94d973842cf02d9177e9ec52bd587ceee.tar.gz