diff options
Diffstat (limited to 'spec/requests/api/users_spec.rb')
| -rw-r--r-- | spec/requests/api/users_spec.rb | 426 |
1 files changed, 200 insertions, 226 deletions
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 37cb95a16e3..634c8dae0ba 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -23,8 +23,7 @@ describe API::Users do it "returns the user when a valid `username` parameter is passed" do get api("/users"), username: user.username - expect(response).to have_gitlab_http_status(200) - expect(json_response).to be_an Array + expect(response).to match_response_schema('public_api/v4/user/basics') expect(json_response.size).to eq(1) expect(json_response[0]['id']).to eq(user.id) expect(json_response[0]['username']).to eq(user.username) @@ -68,7 +67,7 @@ describe API::Users do it "renders 200" do get api("/users", user) - expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basics') end end @@ -76,7 +75,7 @@ describe API::Users do it "renders 200" do get api("/users", admin) - expect(response).to have_gitlab_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basics') end end end @@ -84,9 +83,8 @@ describe API::Users do it "returns an array of users" do get api("/users", user) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basics') expect(response).to include_pagination_headers - expect(json_response).to be_an Array username = user.username expect(json_response.detect do |user| user['username'] == username @@ -99,49 +97,48 @@ describe API::Users do get api("/users?blocked=true", user) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basics') expect(response).to include_pagination_headers - expect(json_response).to be_an Array expect(json_response).to all(include('state' => /(blocked|ldap_blocked)/)) end it "returns one user" do get api("/users?username=#{omniauth_user.username}", user) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basics') expect(response).to include_pagination_headers - expect(json_response).to be_an Array expect(json_response.first['username']).to eq(omniauth_user.username) end it "returns a 403 when non-admin user searches by external UID" do get api("/users?extern_uid=#{omniauth_user.identities.first.extern_uid}&provider=#{omniauth_user.identities.first.provider}", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end it 'does not reveal the `is_admin` flag of the user' do get api('/users', user) + expect(response).to match_response_schema('public_api/v4/user/basics') expect(json_response.first.keys).not_to include 'is_admin' end end context "when admin" do + context 'when sudo is defined' do + it 'does not return 500' do + admin_personal_access_token = create(:personal_access_token, user: admin, scopes: [:sudo]) + get api("/users?sudo=#{user.id}", admin, personal_access_token: admin_personal_access_token) + + expect(response).to have_gitlab_http_status(:success) + end + end + it "returns an array of users" do get api("/users", admin) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/admins') expect(response).to include_pagination_headers - expect(json_response).to be_an Array - expect(json_response.first.keys).to include 'email' - expect(json_response.first.keys).to include 'organization' - expect(json_response.first.keys).to include 'identities' - expect(json_response.first.keys).to include 'can_create_project' - expect(json_response.first.keys).to include 'two_factor_enabled' - expect(json_response.first.keys).to include 'last_sign_in_at' - expect(json_response.first.keys).to include 'confirmed_at' - expect(json_response.first.keys).to include 'is_admin' end it "returns an array of external users" do @@ -149,17 +146,15 @@ describe API::Users do get api("/users?external=true", admin) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/admins') expect(response).to include_pagination_headers - expect(json_response).to be_an Array expect(json_response).to all(include('external' => true)) end it "returns one user by external UID" do get api("/users?extern_uid=#{omniauth_user.identities.first.extern_uid}&provider=#{omniauth_user.identities.first.provider}", admin) - expect(response).to have_http_status(200) - expect(json_response).to be_an Array + expect(response).to match_response_schema('public_api/v4/user/admins') expect(json_response.size).to eq(1) expect(json_response.first['username']).to eq(omniauth_user.username) end @@ -167,13 +162,13 @@ describe API::Users do it "returns 400 error if provider with no extern_uid" do get api("/users?extern_uid=#{omniauth_user.identities.first.extern_uid}", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it "returns 400 error if provider with no extern_uid" do get api("/users?provider=#{omniauth_user.identities.first.provider}", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it "returns a user created before a specific date" do @@ -181,7 +176,7 @@ describe API::Users do get api("/users?created_before=2000-01-02T00:00:00.060Z", admin) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/admins') expect(json_response.size).to eq(1) expect(json_response.first['username']).to eq(user.username) end @@ -191,7 +186,7 @@ describe API::Users do get api("/users?created_before=2000-01-02T00:00:00.060Z", admin) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/admins') expect(json_response.size).to eq(0) end @@ -200,7 +195,7 @@ describe API::Users do get api("/users?created_before=2001-01-02T00:00:00.060Z&created_after=1999-01-02T00:00:00.060", admin) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/admins') expect(json_response.size).to eq(1) expect(json_response.first['username']).to eq(user.username) end @@ -211,22 +206,22 @@ describe API::Users do it "returns a user by id" do get api("/users/#{user.id}", user) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basic') expect(json_response['username']).to eq(user.username) end it "does not return the user's `is_admin` flag" do get api("/users/#{user.id}", user) - expect(response).to have_http_status(200) - expect(json_response['is_admin']).to be_nil + expect(response).to match_response_schema('public_api/v4/user/basic') + expect(json_response.keys).not_to include 'is_admin' end context 'when authenticated as admin' do it 'includes the `is_admin` field' do get api("/users/#{user.id}", admin) - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/admin') expect(json_response['is_admin']).to be(false) end end @@ -235,7 +230,7 @@ describe API::Users do it "returns a user by id" do get api("/users/#{user.id}") - expect(response).to have_http_status(200) + expect(response).to match_response_schema('public_api/v4/user/basic') expect(json_response['username']).to eq(user.username) end @@ -245,20 +240,21 @@ describe API::Users do get api("/users/#{user.id}") - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end it "returns a 404 error if user id not found" do get api("/users/9999", user) - expect(response).to have_http_status(404) + + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it "returns a 404 for invalid ID" do get api("/users/1ASDF", user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -275,7 +271,7 @@ describe API::Users do it "creates user with correct attributes" do post api('/users', admin), attributes_for(:user, admin: true, can_create_group: true) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) user_id = json_response['id'] new_user = User.find(user_id) expect(new_user).not_to eq(nil) @@ -289,12 +285,12 @@ describe API::Users do post api('/users', admin), attributes - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) end it "creates non-admin user" do post api('/users', admin), attributes_for(:user, admin: false, can_create_group: false) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) user_id = json_response['id'] new_user = User.find(user_id) expect(new_user).not_to eq(nil) @@ -304,7 +300,7 @@ describe API::Users do it "creates non-admin users by default" do post api('/users', admin), attributes_for(:user) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) user_id = json_response['id'] new_user = User.find(user_id) expect(new_user).not_to eq(nil) @@ -313,12 +309,12 @@ describe API::Users do it "returns 201 Created on success" do post api("/users", admin), attributes_for(:user, projects_limit: 3) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) end it 'creates non-external users by default' do post api("/users", admin), attributes_for(:user) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) user_id = json_response['id'] new_user = User.find(user_id) @@ -328,7 +324,7 @@ describe API::Users do it 'allows an external user to be created' do post api("/users", admin), attributes_for(:user, external: true) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) user_id = json_response['id'] new_user = User.find(user_id) @@ -339,7 +335,7 @@ describe API::Users do it "creates user with reset password" do post api('/users', admin), attributes_for(:user, reset_password: true).except(:password) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) user_id = json_response['id'] new_user = User.find(user_id) @@ -353,27 +349,27 @@ describe API::Users do email: 'invalid email', password: 'password', name: 'test' - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it 'returns 400 error if name not given' do post api('/users', admin), attributes_for(:user).except(:name) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it 'returns 400 error if password not given' do post api('/users', admin), attributes_for(:user).except(:password) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it 'returns 400 error if email not given' do post api('/users', admin), attributes_for(:user).except(:email) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it 'returns 400 error if username not given' do post api('/users', admin), attributes_for(:user).except(:username) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it 'returns 400 error if user does not validate' do @@ -384,7 +380,7 @@ describe API::Users do name: 'test', bio: 'g' * 256, projects_limit: -1 - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['message']['password']) .to eq(['is too short (minimum is 8 characters)']) expect(json_response['message']['bio']) @@ -397,7 +393,7 @@ describe API::Users do it "is not available for non admin users" do post api("/users", user), attributes_for(:user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end context 'with existing user' do @@ -417,7 +413,7 @@ describe API::Users do password: 'password', username: 'foo' end.to change { User.count }.by(0) - expect(response).to have_http_status(409) + expect(response).to have_gitlab_http_status(409) expect(json_response['message']).to eq('Email has already been taken') end @@ -429,14 +425,14 @@ describe API::Users do password: 'password', username: 'test' end.to change { User.count }.by(0) - expect(response).to have_http_status(409) + expect(response).to have_gitlab_http_status(409) expect(json_response['message']).to eq('Username has already been taken') end it 'creates user with new identity' do post api("/users", admin), attributes_for(:user, provider: 'github', extern_uid: '67890') - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) expect(json_response['identities'].first['extern_uid']).to eq('67890') expect(json_response['identities'].first['provider']).to eq('github') end @@ -454,7 +450,7 @@ describe API::Users do describe "GET /users/sign_up" do it "redirects to sign in page" do get "/users/sign_up" - expect(response).to have_http_status(302) + expect(response).to have_gitlab_http_status(302) expect(response).to redirect_to(new_user_session_path) end end @@ -469,7 +465,7 @@ describe API::Users do it "updates user with new bio" do put api("/users/#{user.id}", admin), { bio: 'new test bio' } - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['bio']).to eq('new test bio') expect(user.reload.bio).to eq('new test bio') end @@ -477,14 +473,14 @@ describe API::Users do it "updates user with new password and forces reset on next login" do put api("/users/#{user.id}", admin), password: '12345678' - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(user.reload.password_expires_at).to be <= Time.now end it "updates user with organization" do put api("/users/#{user.id}", admin), { organization: 'GitLab' } - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['organization']).to eq('GitLab') expect(user.reload.organization).to eq('GitLab') end @@ -495,14 +491,14 @@ describe API::Users do user.reload expect(user.avatar).to be_present - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['avatar_url']).to include(user.avatar_path) end it 'updates user with his own email' do put api("/users/#{user.id}", admin), email: user.email - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['email']).to eq(user.email) expect(user.reload.email).to eq(user.email) end @@ -510,14 +506,14 @@ describe API::Users do it 'updates user with a new email' do put api("/users/#{user.id}", admin), email: 'new@email.com' - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(user.reload.notification_email).to eq('new@email.com') end it 'updates user with his own username' do put api("/users/#{user.id}", admin), username: user.username - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['username']).to eq(user.username) expect(user.reload.username).to eq(user.username) end @@ -525,14 +521,14 @@ describe API::Users do it "updates user's existing identity" do put api("/users/#{omniauth_user.id}", admin), provider: 'ldapmain', extern_uid: '654321' - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(omniauth_user.reload.identities.first.extern_uid).to eq('654321') end it 'updates user with new identity' do put api("/users/#{user.id}", admin), provider: 'github', extern_uid: 'john' - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(user.reload.identities.first.extern_uid).to eq('john') expect(user.reload.identities.first.provider).to eq('github') end @@ -540,7 +536,7 @@ describe API::Users do it "updates admin status" do put api("/users/#{user.id}", admin), { admin: true } - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(user.reload.admin).to eq(true) end @@ -555,7 +551,7 @@ describe API::Users do it "does not update admin status" do put api("/users/#{admin_user.id}", admin), { can_create_group: false } - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(admin_user.reload.admin).to eq(true) expect(admin_user.can_create_group).to eq(false) end @@ -563,7 +559,7 @@ describe API::Users do it "does not allow invalid update" do put api("/users/#{user.id}", admin), { email: 'invalid email' } - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(user.reload.email).not_to eq('invalid email') end @@ -573,21 +569,21 @@ describe API::Users do put api("/users/#{user.id}", user), attributes_for(:user) end.not_to change { user.reload.attributes } - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end end it "returns 404 for non-existing user" do put api("/users/999999", admin), { bio: 'update should fail' } - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it "returns a 404 if invalid ID" do put api("/users/ASDF", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end it 'returns 400 error if user does not validate' do @@ -598,7 +594,7 @@ describe API::Users do name: 'test', bio: 'g' * 256, projects_limit: -1 - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['message']['password']) .to eq(['is too short (minimum is 8 characters)']) expect(json_response['message']['bio']) @@ -612,13 +608,13 @@ describe API::Users do it 'returns 400 if provider is missing for identity update' do put api("/users/#{omniauth_user.id}", admin), extern_uid: '654321' - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end it 'returns 400 if external UID is missing for identity update' do put api("/users/#{omniauth_user.id}", admin), provider: 'ldap' - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end context "with existing user" do @@ -631,7 +627,7 @@ describe API::Users do it 'returns 409 conflict error if email address exists' do put api("/users/#{@user.id}", admin), email: 'test@example.com' - expect(response).to have_http_status(409) + expect(response).to have_gitlab_http_status(409) expect(@user.reload.email).to eq(@user.email) end @@ -639,7 +635,7 @@ describe API::Users do @user_id = User.all.last.id put api("/users/#{@user.id}", admin), username: 'test' - expect(response).to have_http_status(409) + expect(response).to have_gitlab_http_status(409) expect(@user.reload.username).to eq(@user.username) end end @@ -653,14 +649,14 @@ describe API::Users do it "does not create invalid ssh key" do post api("/users/#{user.id}/keys", admin), { title: "invalid key" } - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('key is missing') end it 'does not create key without title' do post api("/users/#{user.id}/keys", admin), key: 'some key' - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('title is missing') end @@ -673,7 +669,7 @@ describe API::Users do it "returns 400 for invalid ID" do post api("/users/999999/keys", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end end @@ -685,14 +681,14 @@ describe API::Users do context 'when unauthenticated' do it 'returns authentication error' do get api("/users/#{user.id}/keys") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end context 'when authenticated' do it 'returns 404 for non-existing user' do get api('/users/999999/keys', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end @@ -702,7 +698,7 @@ describe API::Users do get api("/users/#{user.id}/keys", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.first['title']).to eq(key.title) @@ -718,7 +714,7 @@ describe API::Users do context 'when unauthenticated' do it 'returns authentication error' do delete api("/users/#{user.id}/keys/42") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -730,7 +726,7 @@ describe API::Users do expect do delete api("/users/#{user.id}/keys/#{key.id}", admin) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) end.to change { user.keys.count }.by(-1) end @@ -742,13 +738,13 @@ describe API::Users do user.keys << key user.save delete api("/users/999999/keys/#{key.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns 404 error if key not foud' do delete api("/users/#{user.id}/keys/42", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Key Not Found') end end @@ -762,7 +758,7 @@ describe API::Users do it 'does not create invalid GPG key' do post api("/users/#{user.id}/gpg_keys", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('key is missing') end @@ -771,14 +767,14 @@ describe API::Users do expect do post api("/users/#{user.id}/gpg_keys", admin), key_attrs - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) end.to change { user.gpg_keys.count }.by(1) end it 'returns 400 for invalid ID' do post api('/users/999999/gpg_keys', admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end end @@ -791,7 +787,7 @@ describe API::Users do it 'returns authentication error' do get api("/users/#{user.id}/gpg_keys") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -799,14 +795,14 @@ describe API::Users do it 'returns 404 for non-existing user' do get api('/users/999999/gpg_keys', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns 404 error if key not foud' do delete api("/users/#{user.id}/gpg_keys/42", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end @@ -816,7 +812,7 @@ describe API::Users do get api("/users/#{user.id}/gpg_keys", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.first['key']).to eq(gpg_key.key) @@ -833,7 +829,7 @@ describe API::Users do it 'returns authentication error' do delete api("/users/#{user.id}/keys/42") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -845,7 +841,7 @@ describe API::Users do expect do delete api("/users/#{user.id}/gpg_keys/#{gpg_key.id}", admin) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) end.to change { user.gpg_keys.count }.by(-1) end @@ -855,14 +851,14 @@ describe API::Users do delete api("/users/999999/gpg_keys/#{gpg_key.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns 404 error if key not foud' do delete api("/users/#{user.id}/gpg_keys/42", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end end @@ -877,7 +873,7 @@ describe API::Users do it 'returns authentication error' do post api("/users/#{user.id}/gpg_keys/42/revoke") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -889,7 +885,7 @@ describe API::Users do expect do post api("/users/#{user.id}/gpg_keys/#{gpg_key.id}/revoke", admin) - expect(response).to have_http_status(:accepted) + expect(response).to have_gitlab_http_status(:accepted) end.to change { user.gpg_keys.count }.by(-1) end @@ -899,14 +895,14 @@ describe API::Users do post api("/users/999999/gpg_keys/#{gpg_key.id}/revoke", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns 404 error if key not foud' do post api("/users/#{user.id}/gpg_keys/42/revoke", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end end @@ -920,7 +916,7 @@ describe API::Users do it "does not create invalid email" do post api("/users/#{user.id}/emails", admin), {} - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('email is missing') end @@ -934,7 +930,7 @@ describe API::Users do it "returns a 400 for invalid ID" do post api("/users/999999/emails", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end end @@ -946,14 +942,14 @@ describe API::Users do context 'when unauthenticated' do it 'returns authentication error' do get api("/users/#{user.id}/emails") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end context 'when authenticated' do it 'returns 404 for non-existing user' do get api('/users/999999/emails', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end @@ -963,7 +959,7 @@ describe API::Users do get api("/users/#{user.id}/emails", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.first['email']).to eq(email.email) @@ -972,7 +968,7 @@ describe API::Users do it "returns a 404 for invalid ID" do get api("/users/ASDF/emails", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end end @@ -985,7 +981,7 @@ describe API::Users do context 'when unauthenticated' do it 'returns authentication error' do delete api("/users/#{user.id}/emails/42") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -997,7 +993,7 @@ describe API::Users do expect do delete api("/users/#{user.id}/emails/#{email.id}", admin) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) end.to change { user.emails.count }.by(-1) end @@ -1009,20 +1005,20 @@ describe API::Users do user.emails << email user.save delete api("/users/999999/emails/#{email.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns 404 error if email not foud' do delete api("/users/#{user.id}/emails/42", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Email Not Found') end it "returns a 404 for invalid ID" do delete api("/users/ASDF/emails/bar", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end end @@ -1038,7 +1034,7 @@ describe API::Users do it "deletes user" do Sidekiq::Testing.inline! { delete api("/users/#{user.id}", admin) } - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) expect { User.find(user.id) }.to raise_error ActiveRecord::RecordNotFound expect { Namespace.find(namespace.id) }.to raise_error ActiveRecord::RecordNotFound end @@ -1049,31 +1045,31 @@ describe API::Users do it "does not delete for unauthenticated user" do Sidekiq::Testing.inline! { delete api("/users/#{user.id}") } - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it "is not available for non admin users" do Sidekiq::Testing.inline! { delete api("/users/#{user.id}", user) } - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end it "returns 404 for non-existing user" do Sidekiq::Testing.inline! { delete api("/users/999999", admin) } - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it "returns a 404 for invalid ID" do Sidekiq::Testing.inline! { delete api("/users/ASDF", admin) } - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end context "hard delete disabled" do it "moves contributions to the ghost user" do Sidekiq::Testing.inline! { delete api("/users/#{user.id}", admin) } - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) expect(issue.reload).to be_persisted expect(issue.author.ghost?).to be_truthy end @@ -1083,7 +1079,7 @@ describe API::Users do it "removes contributions" do Sidekiq::Testing.inline! { delete api("/users/#{user.id}?hard_delete=true", admin) } - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) expect(Issue.exists?(issue.id)).to be_falsy end end @@ -1097,22 +1093,14 @@ describe API::Users do it 'returns 403 without private token when sudo is defined' do get api("/user?private_token=#{personal_access_token}&sudo=123") - expect(response).to have_http_status(403) - end - end - - context 'with private token' do - it 'returns 403 without private token when sudo defined' do - get api("/user?private_token=#{user.private_token}&sudo=123") - - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end end it 'returns current user without private token when sudo not defined' do get api("/user", user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to match_response_schema('public_api/v4/user/public') expect(json_response['id']).to eq(user.id) end @@ -1132,31 +1120,13 @@ describe API::Users do it 'returns 403 without private token when sudo defined' do get api("/user?private_token=#{admin_personal_access_token}&sudo=#{user.id}") - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end it 'returns initial current user without private token but with is_admin when sudo not defined' do get api("/user?private_token=#{admin_personal_access_token}") - expect(response).to have_http_status(200) - expect(response).to match_response_schema('public_api/v4/user/admin') - expect(json_response['id']).to eq(admin.id) - end - end - - context 'with private token' do - it 'returns sudoed user with private token when sudo defined' do - get api("/user?private_token=#{admin.private_token}&sudo=#{user.id}") - - expect(response).to have_http_status(200) - expect(response).to match_response_schema('public_api/v4/user/login') - expect(json_response['id']).to eq(user.id) - end - - it 'returns initial current user without private token but with is_admin when sudo not defined' do - get api("/user?private_token=#{admin.private_token}") - - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to match_response_schema('public_api/v4/user/admin') expect(json_response['id']).to eq(admin.id) end @@ -1167,7 +1137,7 @@ describe API::Users do it "returns 401 error if user is unauthenticated" do get api("/user") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end end @@ -1176,7 +1146,7 @@ describe API::Users do context "when unauthenticated" do it "returns authentication error" do get api("/user/keys") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -1187,7 +1157,7 @@ describe API::Users do get api("/user/keys", user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.first["title"]).to eq(key.title) @@ -1207,14 +1177,14 @@ describe API::Users do user.keys << key user.save get api("/user/keys/#{key.id}", user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response["title"]).to eq(key.title) end it "returns 404 Not Found within invalid ID" do get api("/user/keys/42", user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Key Not Found') end @@ -1223,14 +1193,14 @@ describe API::Users do user.save admin get api("/user/keys/#{key.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Key Not Found') end it "returns 404 for invalid ID" do get api("/users/keys/ASDF", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end context "scopes" do @@ -1247,31 +1217,31 @@ describe API::Users do expect do post api("/user/keys", user), key_attrs end.to change { user.keys.count }.by(1) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) end it "returns a 401 error if unauthorized" do post api("/user/keys"), title: 'some title', key: 'some key' - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it "does not create ssh key without key" do post api("/user/keys", user), title: 'title' - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('key is missing') end it 'does not create ssh key without title' do post api('/user/keys', user), key: 'some key' - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('title is missing') end it "does not create ssh key without title" do post api("/user/keys", user), key: "somekey" - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end end @@ -1283,7 +1253,7 @@ describe API::Users do expect do delete api("/user/keys/#{key.id}", user) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) end.to change { user.keys.count}.by(-1) end @@ -1294,7 +1264,7 @@ describe API::Users do it "returns 404 if key ID not found" do delete api("/user/keys/42", user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Key Not Found') end @@ -1302,13 +1272,13 @@ describe API::Users do user.keys << key user.save delete api("/user/keys/#{key.id}") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it "returns a 404 for invalid ID" do delete api("/users/keys/ASDF", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -1317,7 +1287,7 @@ describe API::Users do it 'returns authentication error' do get api('/user/gpg_keys') - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -1328,7 +1298,7 @@ describe API::Users do get api('/user/gpg_keys', user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.first['key']).to eq(gpg_key.key) @@ -1350,14 +1320,14 @@ describe API::Users do get api("/user/gpg_keys/#{gpg_key.id}", user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['key']).to eq(gpg_key.key) end it 'returns 404 Not Found within invalid ID' do get api('/user/gpg_keys/42', user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end @@ -1367,14 +1337,14 @@ describe API::Users do get api("/user/gpg_keys/#{gpg_key.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end it 'returns 404 for invalid ID' do get api('/users/gpg_keys/ASDF', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end context 'scopes' do @@ -1391,20 +1361,20 @@ describe API::Users do expect do post api('/user/gpg_keys', user), key_attrs - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) end.to change { user.gpg_keys.count }.by(1) end it 'returns a 401 error if unauthorized' do post api('/user/gpg_keys'), key: 'some key' - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it 'does not create GPG key without key' do post api('/user/gpg_keys', user) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('key is missing') end end @@ -1417,14 +1387,14 @@ describe API::Users do expect do post api("/user/gpg_keys/#{gpg_key.id}/revoke", user) - expect(response).to have_http_status(:accepted) + expect(response).to have_gitlab_http_status(:accepted) end.to change { user.gpg_keys.count}.by(-1) end it 'returns 404 if key ID not found' do post api('/user/gpg_keys/42/revoke', user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end @@ -1434,13 +1404,13 @@ describe API::Users do post api("/user/gpg_keys/#{gpg_key.id}/revoke") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it 'returns a 404 for invalid ID' do post api('/users/gpg_keys/ASDF/revoke', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -1452,14 +1422,14 @@ describe API::Users do expect do delete api("/user/gpg_keys/#{gpg_key.id}", user) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) end.to change { user.gpg_keys.count}.by(-1) end it 'returns 404 if key ID not found' do delete api('/user/gpg_keys/42', user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 GPG Key Not Found') end @@ -1469,13 +1439,13 @@ describe API::Users do delete api("/user/gpg_keys/#{gpg_key.id}") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it 'returns a 404 for invalid ID' do delete api('/users/gpg_keys/ASDF', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -1483,7 +1453,7 @@ describe API::Users do context "when unauthenticated" do it "returns authentication error" do get api("/user/emails") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end end @@ -1494,7 +1464,7 @@ describe API::Users do get api("/user/emails", user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.first["email"]).to eq(email.email) @@ -1514,13 +1484,13 @@ describe API::Users do user.emails << email user.save get api("/user/emails/#{email.id}", user) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response["email"]).to eq(email.email) end it "returns 404 Not Found within invalid ID" do get api("/user/emails/42", user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Email Not Found') end @@ -1529,14 +1499,14 @@ describe API::Users do user.save admin get api("/user/emails/#{email.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Email Not Found') end it "returns 404 for invalid ID" do get api("/users/emails/ASDF", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end context "scopes" do @@ -1553,18 +1523,18 @@ describe API::Users do expect do post api("/user/emails", user), email_attrs end.to change { user.emails.count }.by(1) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) end it "returns a 401 error if unauthorized" do post api("/user/emails"), email: 'some email' - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it "does not create email with invalid email" do post api("/user/emails", user), {} - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('email is missing') end end @@ -1577,7 +1547,7 @@ describe API::Users do expect do delete api("/user/emails/#{email.id}", user) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) end.to change { user.emails.count}.by(-1) end @@ -1588,7 +1558,7 @@ describe API::Users do it "returns 404 if email ID not found" do delete api("/user/emails/42", user) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Email Not Found') end @@ -1596,13 +1566,13 @@ describe API::Users do user.emails << email user.save delete api("/user/emails/#{email.id}") - expect(response).to have_http_status(401) + expect(response).to have_gitlab_http_status(401) end it "returns 400 for invalid ID" do delete api("/user/emails/ASDF", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) end end @@ -1613,25 +1583,25 @@ describe API::Users do it 'blocks existing user' do post api("/users/#{user.id}/block", admin) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) expect(user.reload.state).to eq('blocked') end it 'does not re-block ldap blocked users' do post api("/users/#{ldap_blocked_user.id}/block", admin) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(ldap_blocked_user.reload.state).to eq('ldap_blocked') end it 'does not be available for non admin users' do post api("/users/#{user.id}/block", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(user.reload.state).to eq('active') end it 'returns a 404 error if user id not found' do post api('/users/9999/block', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end end @@ -1645,38 +1615,38 @@ describe API::Users do it 'unblocks existing user' do post api("/users/#{user.id}/unblock", admin) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) expect(user.reload.state).to eq('active') end it 'unblocks a blocked user' do post api("/users/#{blocked_user.id}/unblock", admin) - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) expect(blocked_user.reload.state).to eq('active') end it 'does not unblock ldap blocked users' do post api("/users/#{ldap_blocked_user.id}/unblock", admin) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(ldap_blocked_user.reload.state).to eq('ldap_blocked') end it 'does not be available for non admin users' do post api("/users/#{user.id}/unblock", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(user.reload.state).to eq('active') end it 'returns a 404 error if user id not found' do post api('/users/9999/block', admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it "returns a 404 for invalid ID" do post api("/users/ASDF/block", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) end end @@ -1688,7 +1658,7 @@ describe API::Users do it 'has no permission' do get api("/user/activities", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) end end @@ -1733,21 +1703,21 @@ describe API::Users do it 'returns a 404 error if user not found' do get api("/users/#{not_existing_user_id}/impersonation_tokens", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns a 403 error when authenticated as normal user' do get api("/users/#{not_existing_user_id}/impersonation_tokens", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(json_response['message']).to eq('403 Forbidden') end it 'returns an array of all impersonated tokens' do get api("/users/#{user.id}/impersonation_tokens", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.size).to eq(2) @@ -1756,7 +1726,7 @@ describe API::Users do it 'returns an array of active impersonation tokens if state active' do get api("/users/#{user.id}/impersonation_tokens?state=active", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(response).to include_pagination_headers expect(json_response).to be_an Array expect(json_response.size).to eq(1) @@ -1766,7 +1736,7 @@ describe API::Users do it 'returns an array of inactive personal access tokens if active is set to false' do get api("/users/#{user.id}/impersonation_tokens?state=inactive", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response).to be_an Array expect(json_response.size).to eq(1) expect(json_response).to all(include('active' => false)) @@ -1782,7 +1752,7 @@ describe API::Users do it 'returns validation error if impersonation token misses some attributes' do post api("/users/#{user.id}/impersonation_tokens", admin) - expect(response).to have_http_status(400) + expect(response).to have_gitlab_http_status(400) expect(json_response['error']).to eq('name is missing') end @@ -1791,7 +1761,7 @@ describe API::Users do name: name, expires_at: expires_at - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end @@ -1800,7 +1770,7 @@ describe API::Users do name: name, expires_at: expires_at - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(json_response['message']).to eq('403 Forbidden') end @@ -1811,7 +1781,7 @@ describe API::Users do scopes: scopes, impersonation: impersonation - expect(response).to have_http_status(201) + expect(response).to have_gitlab_http_status(201) expect(json_response['name']).to eq(name) expect(json_response['scopes']).to eq(scopes) expect(json_response['expires_at']).to eq(expires_at) @@ -1831,35 +1801,35 @@ describe API::Users do it 'returns 404 error if user not found' do get api("/users/#{not_existing_user_id}/impersonation_tokens/1", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns a 404 error if impersonation token not found' do get api("/users/#{user.id}/impersonation_tokens/#{not_existing_pat_id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Impersonation Token Not Found') end it 'returns a 404 error if token is not impersonation token' do get api("/users/#{user.id}/impersonation_tokens/#{personal_access_token.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Impersonation Token Not Found') end it 'returns a 403 error when authenticated as normal user' do get api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(json_response['message']).to eq('403 Forbidden') end it 'returns a personal access token' do get api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", admin) - expect(response).to have_http_status(200) + expect(response).to have_gitlab_http_status(200) expect(json_response['token']).to be_present expect(json_response['impersonation']).to be_truthy end @@ -1872,28 +1842,28 @@ describe API::Users do it 'returns a 404 error if user not found' do delete api("/users/#{not_existing_user_id}/impersonation_tokens/1", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 User Not Found') end it 'returns a 404 error if impersonation token not found' do delete api("/users/#{user.id}/impersonation_tokens/#{not_existing_pat_id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Impersonation Token Not Found') end it 'returns a 404 error if token is not impersonation token' do delete api("/users/#{user.id}/impersonation_tokens/#{personal_access_token.id}", admin) - expect(response).to have_http_status(404) + expect(response).to have_gitlab_http_status(404) expect(json_response['message']).to eq('404 Impersonation Token Not Found') end it 'returns a 403 error when authenticated as normal user' do delete api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", user) - expect(response).to have_http_status(403) + expect(response).to have_gitlab_http_status(403) expect(json_response['message']).to eq('403 Forbidden') end @@ -1904,9 +1874,13 @@ describe API::Users do it 'revokes a impersonation token' do delete api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", admin) - expect(response).to have_http_status(204) + expect(response).to have_gitlab_http_status(204) expect(impersonation_token.revoked).to be_falsey expect(impersonation_token.reload.revoked).to be_truthy end end + + include_examples 'custom attributes endpoints', 'users' do + let(:attributable) { user } + end end |