diff options
| author | Tomasz Maczukin <tomasz@maczukin.pl> | 2016-01-14 13:30:18 +0100 |
|---|---|---|
| committer | Tomasz Maczukin <tomasz@maczukin.pl> | 2016-01-14 13:30:18 +0100 |
| commit | 405b82af230921db7b1510183063b126ef908e46 (patch) | |
| tree | 74fcf1452c271f5ee97c7ad139d4ae91b2c37766 /lib/api/users.rb | |
| parent | 6a98fb03e708070641f9fce0eaad761e859a5099 (diff) | |
| parent | f981da44ab88012db984e1457170067b345660c1 (diff) | |
| download | gitlab-ce-405b82af230921db7b1510183063b126ef908e46.tar.gz | |
Merge branch 'master' into ci/api-builds
* master: (51 commits)
Fix version
Fix specs and rubocop warnings
Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages
fixed LDAP activation on login to use new ldap_blocked state
Fix Admin/Users view to position buttons without spacing magic
Update to Go 1.5.3
Fix the undefinded variable error in Project's safe_import_url method
Update CHANGELOG [ci skip]
Add some cosmetic changes to variables API documentation [ci skip]
Fix misaligned edit button in milestone collection partial
Update button styles for Milestones#show
Modify builds API documentation style [ci skip]
Modify :ci_variable factory
Ensure the API doesn't return notes that the current user shouldn't see
Add 'Build' prefix to Variables entry name in API docs index
Fix some typos
Add spec for Note#cross_reference_not_visible_for?
Remove (invalid) timestamp formatting
Move `BroadcastMessage#status` to a helper since it's presentational
Update CHANGELOG
...
Conflicts:
doc/api/README.md
lib/api/api.rb
lib/api/entities.rb
Diffstat (limited to 'lib/api/users.rb')
| -rw-r--r-- | lib/api/users.rb | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/lib/api/users.rb b/lib/api/users.rb index 0d7813428e2..fd2128bd179 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -284,10 +284,12 @@ module API authenticated_as_admin! user = User.find_by(id: params[:id]) - if user + if !user + not_found!('User') + elsif !user.ldap_blocked? user.block else - not_found!('User') + forbidden!('LDAP blocked users cannot be modified by the API') end end @@ -299,10 +301,12 @@ module API authenticated_as_admin! user = User.find_by(id: params[:id]) - if user - user.activate - else + if !user not_found!('User') + elsif user.ldap_blocked? + forbidden!('LDAP blocked users cannot be unblocked by the API') + else + user.activate end end end |