summaryrefslogtreecommitdiff
path: root/lib/api/entities/user_safe.rb
blob: 6006a07602004e19dae34e39ffaa59e3d4b51378 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# frozen_string_literal: true

module API
  module Entities
    class UserSafe < Grape::Entity
      expose :id, :username
      expose :name do |user|
        next user.name unless user.project_bot?

        next user.name if options[:current_user]&.can?(:read_resource_access_tokens, user.projects.first)

        # If the requester does not have permission to read the project bot name,
        # the API returns an arbitrary string. UI changes will be addressed in a follow up issue:
        # https://gitlab.com/gitlab-org/gitlab/-/issues/346058
        '****'
      end
    end
  end
end