Merge remote-tracking branch 'origin/personal_access_token_api_and_impersonation_token'

author: Douwe Maan <douwe@selenight.nl> 2017-03-07 09:29:55 -0600
committer: Douwe Maan <douwe@selenight.nl> 2017-03-07 09:29:55 -0600
commit: 6a52cda31da4becc3e342530a2bdf0868d8921cc (patch)
tree: c1dda64455fb29597100513596ae02f1d1946089 /lib/api
parent: 61cfe6dea6f2d6725771a0f341e70975cf91c7f7 (diff)
parent: 005749a616c19b90d6ec0415df9ae5e35151e33c (diff)
download: gitlab-ce-6a52cda31da4becc3e342530a2bdf0868d8921cc.tar.gz
2 files changed, 91 insertions, 0 deletions
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index c8f21fc9ca8..0a12ee72d49 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -706,6 +706,22 @@ module API
       expose :active?, as: :active
     end
 
+    class PersonalAccessToken < Grape::Entity
+      expose :id, :name, :revoked, :created_at, :scopes
+      expose :active?, as: :active
+      expose :expires_at do |personal_access_token|
+        personal_access_token.expires_at ? personal_access_token.expires_at.strftime("%Y-%m-%d") : nil
+      end
+    end
+
+    class PersonalAccessTokenWithToken < PersonalAccessToken
+      expose :token
+    end
+
+    class ImpersonationToken < PersonalAccessTokenWithToken
+      expose :impersonation
+    end
+
     module JobRequest
       class JobInfo < Grape::Entity
         expose :name, :stage
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 7bb4b76f830..549003f576a 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -9,6 +9,11 @@ module API
 
     resource :users, requirements: { uid: /[0-9]*/, id: /[0-9]*/ } do
       helpers do
+        def find_user(params)
+          id = params[:user_id] || params[:id]
+          User.find_by(id: id) || not_found!('User')
+        end
+
         params :optional_attributes do
           optional :skype, type: String, desc: 'The Skype username'
           optional :linkedin, type: String, desc: 'The LinkedIn username'
@@ -362,6 +367,76 @@ module API
 
         present paginate(events), with: Entities::Event
       end
+
+      params do
+        requires :user_id, type: Integer, desc: 'The ID of the user'
+      end
+      segment ':user_id' do
+        resource :impersonation_tokens do
+          helpers do
+            def finder(options = {})
+              user = find_user(params)
+              PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options))
+            end
+
+            def find_impersonation_token
+              finder.find_by(id: declared_params[:impersonation_token_id]) || not_found!('Impersonation Token')
+            end
+          end
+
+          before { authenticated_as_admin! }
+
+          desc 'Retrieve impersonation tokens. Available only for admins.' do
+            detail 'This feature was introduced in GitLab 9.0'
+            success Entities::ImpersonationToken
+          end
+          params do
+            use :pagination
+            optional :state, type: String, default: 'all', values: %w[all active inactive], desc: 'Filters (all|active|inactive) impersonation_tokens'
+          end
+          get { present paginate(finder(declared_params(include_missing: false)).execute), with: Entities::ImpersonationToken }
+
+          desc 'Create a impersonation token. Available only for admins.' do
+            detail 'This feature was introduced in GitLab 9.0'
+            success Entities::ImpersonationToken
+          end
+          params do
+            requires :name, type: String, desc: 'The name of the impersonation token'
+            optional :expires_at, type: Date, desc: 'The expiration date in the format YEAR-MONTH-DAY of the impersonation token'
+            optional :scopes, type: Array, desc: 'The array of scopes of the impersonation token'
+          end
+          post do
+            impersonation_token = finder.build(declared_params(include_missing: false))
+
+            if impersonation_token.save
+              present impersonation_token, with: Entities::ImpersonationToken
+            else
+              render_validation_error!(impersonation_token)
+            end
+          end
+
+          desc 'Retrieve impersonation token. Available only for admins.' do
+            detail 'This feature was introduced in GitLab 9.0'
+            success Entities::ImpersonationToken
+          end
+          params do
+            requires :impersonation_token_id, type: Integer, desc: 'The ID of the impersonation token'
+          end
+          get ':impersonation_token_id' do
+            present find_impersonation_token, with: Entities::ImpersonationToken
+          end
+
+          desc 'Revoke a impersonation token. Available only for admins.' do
+            detail 'This feature was introduced in GitLab 9.0'
+          end
+          params do
+            requires :impersonation_token_id, type: Integer, desc: 'The ID of the impersonation token'
+          end
+          delete ':impersonation_token_id' do
+            find_impersonation_token.revoke!
+          end
+        end
+      end
     end
 
     resource :user do
author	Douwe Maan <douwe@selenight.nl>	2017-03-07 09:29:55 -0600
committer	Douwe Maan <douwe@selenight.nl>	2017-03-07 09:29:55 -0600
commit	6a52cda31da4becc3e342530a2bdf0868d8921cc (patch)
tree	c1dda64455fb29597100513596ae02f1d1946089 /lib/api
parent	61cfe6dea6f2d6725771a0f341e70975cf91c7f7 (diff)
parent	005749a616c19b90d6ec0415df9ae5e35151e33c (diff)
download	gitlab-ce-6a52cda31da4becc3e342530a2bdf0868d8921cc.tar.gz