add impersonation token

author: Simon Vocella <voxsim@gmail.com> 2016-12-28 17:19:08 +0100
committer: Tiago Botelho <tiagonbotelho@hotmail.com> 2017-02-28 22:15:39 +0000
commit: a3dfb58e7f1b1a3df4a4c16b2d09e50831370a69 (patch)
tree: e97662cc1d8ec3691184316f71e942bb6476249c /lib/api/users.rb
parent: 81246e5649a8fb9e73369cbd117505a546d7e807 (diff)
download: gitlab-ce-a3dfb58e7f1b1a3df4a4c16b2d09e50831370a69.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 450d678061e..2b48da6ea99 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -367,6 +367,7 @@ module API
       params do
         requires :user_id, type: Integer
         optional :state, type: String, default: 'all', values: %w[all active inactive], desc: 'Filters (all|active|inactive) personal_access_tokens'
+        optional :impersonation, type: Boolean, default: false, desc: 'Filters only impersonation personal_access_token'
       end
       get ':user_id/personal_access_tokens' do
         authenticated_as_admin!
@@ -374,7 +375,8 @@ module API
         user = User.find_by(id: params[:user_id])
         not_found!('User') unless user
 
-        personal_access_tokens = user.personal_access_tokens
+        personal_access_tokens = PersonalAccessToken.and_impersonation_tokens.where(user_id: user.id)
+        personal_access_tokens = personal_access_tokens.impersonation if params[:impersonation]
 
         case params[:state]
         when "active"
@@ -392,6 +394,7 @@ module API
         requires :name, type: String, desc: 'The name of the personal access token'
         optional :expires_at, type: Date, desc: 'The expiration date in the format YEAR-MONTH-DAY of the personal access token'
         optional :scopes, type: Array, desc: 'The array of scopes of the personal access token'
+        optional :impersonation, type: Boolean, default: false, desc: 'The impersonation flag of the personal access token'
       end
       post ':user_id/personal_access_tokens' do
         authenticated_as_admin!
@@ -419,7 +422,7 @@ module API
         user = User.find_by(id: params[:user_id])
         not_found!('User') unless user
 
-        personal_access_token = PersonalAccessToken.find_by(id: params[:personal_access_token_id])
+        personal_access_token = PersonalAccessToken.and_impersonation_tokens.find_by(user_id: user.id, id: params[:personal_access_token_id])
         not_found!('PersonalAccessToken') unless personal_access_token
 
         personal_access_token.revoke!
author	Simon Vocella <voxsim@gmail.com>	2016-12-28 17:19:08 +0100
committer	Tiago Botelho <tiagonbotelho@hotmail.com>	2017-02-28 22:15:39 +0000
commit	a3dfb58e7f1b1a3df4a4c16b2d09e50831370a69 (patch)
tree	e97662cc1d8ec3691184316f71e942bb6476249c /lib/api/users.rb
parent	81246e5649a8fb9e73369cbd117505a546d7e807 (diff)
download	gitlab-ce-a3dfb58e7f1b1a3df4a4c16b2d09e50831370a69.tar.gz