1 files changed, 28 insertions, 14 deletions

diff --git a/lib/api/users.rb b/lib/api/users.rb
index a4201fe6fed..3d83720b7b9 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -37,11 +37,16 @@ module API
         success Entities::UserBasic
       end
       params do
+        # CE
         optional :username, type: String, desc: 'Get a single user with a specific username'
+        optional :extern_uid, type: String, desc: 'Get a single user with a specific external authentication provider UID'
+        optional :provider, type: String, desc: 'The external provider'
         optional :search, type: String, desc: 'Search for a username'
         optional :active, type: Boolean, default: false, desc: 'Filters only active users'
         optional :external, type: Boolean, default: false, desc: 'Filters only external users'
         optional :blocked, type: Boolean, default: false, desc: 'Filters only blocked users'
+        all_or_none_of :extern_uid, :provider
+
         use :pagination
       end
       get do
@@ -49,17 +54,11 @@ module API
           render_api_error!("Not authorized.", 403)
         end
 
-        if params[:username].present?
-          users = User.where(username: params[:username])
-        else
-          users = User.all
-          users = users.active if params[:active]
-          users = users.search(params[:search]) if params[:search].present?
-          users = users.blocked if params[:blocked]
-          users = users.external if params[:external] && current_user.is_admin?
-        end
+        authenticated_as_admin! if params[:external].present? || (params[:extern_uid].present? && params[:provider].present?)
 
-        entity = current_user.is_admin? ? Entities::UserPublic : Entities::UserBasic
+        users = UsersFinder.new(current_user, params).execute
+
+        entity = current_user.admin? ? Entities::UserPublic : Entities::UserBasic
         present paginate(users), with: entity
       end
 
@@ -73,7 +72,7 @@ module API
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-        if current_user && current_user.is_admin?
+        if current_user && current_user.admin?
           present user, with: Entities::UserPublic
         elsif can?(current_user, :read_user, user)
           present user, with: Entities::User
@@ -293,7 +292,7 @@ module API
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-        ::Users::DestroyService.new(current_user).execute(user)
+        DeleteUserWorker.perform_async(current_user.id, user.id)
       end
 
       desc 'Block a user. Available only for admins.'
@@ -341,7 +340,7 @@ module API
         not_found!('User') unless user
 
         events = user.events.
-          merge(ProjectsFinder.new.execute(current_user)).
+          merge(ProjectsFinder.new(current_user: current_user).execute).
           references(:project).
           with_associations.
           recent
@@ -425,7 +424,7 @@ module API
         success Entities::UserPublic
       end
       get do
-        present current_user, with: sudo? ? Entities::UserWithPrivateToken : Entities::UserPublic
+        present current_user, with: sudo? ? Entities::UserWithPrivateDetails : Entities::UserPublic
       end
 
       desc "Get the currently authenticated user's SSH keys" do
@@ -532,6 +531,21 @@ module API
         email.destroy
         current_user.update_secondary_emails!
       end
+
+      desc 'Get a list of user activities'
+      params do
+        optional :from, type: DateTime, default: 6.months.ago, desc: 'Date string in the format YEAR-MONTH-DAY'
+        use :pagination
+      end
+      get "activities" do
+        authenticated_as_admin!
+
+        activities = User.
+          where(User.arel_table[:last_activity_on].gteq(params[:from])).
+          reorder(last_activity_on: :asc)
+
+        present paginate(activities), with: Entities::UserActivity
+      end
     end
   end
 end