Merge branch 'query-users-by-extern-uid' into 'master'

Implement search by extern_uid in Users API See merge request !10509
author: Robert Speicher <robert@gitlab.com> 2017-04-19 22:50:38 +0300
committer: Robert Speicher <robert@gitlab.com> 2017-04-19 22:50:38 +0300
commit: 93e23a5d718eafb78c4b8d5b605d740d48c75418 (patch)
tree: a20733da8f0a9f442e48d8ae1324edadd3b01b77 /lib/api/users.rb
parent: a4688d9d9ac2af39562770d011394a2151a12c60 (diff)
parent: ddf7e6ae78cc87314d081427f00d54f203cfd60a (diff)
1 files changed, 14 insertions, 8 deletions
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 9e0faff6c05..46f221f68fe 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -39,10 +39,13 @@ module API
       params do
         # CE
         optional :username, type: String, desc: 'Get a single user with a specific username'
+        optional :extern_uid, type: String, desc: 'Get a single user with a specific external authentication provider UID'
+        optional :provider, type: String, desc: 'The external provider'
         optional :search, type: String, desc: 'Search for a username'
         optional :active, type: Boolean, default: false, desc: 'Filters only active users'
         optional :external, type: Boolean, default: false, desc: 'Filters only external users'
         optional :blocked, type: Boolean, default: false, desc: 'Filters only blocked users'
+        all_or_none_of :extern_uid, :provider
 
         use :pagination
       end
@@ -51,14 +54,17 @@ module API
           render_api_error!("Not authorized.", 403)
         end
 
-        if params[:username].present?
-          users = User.where(username: params[:username])
-        else
-          users = User.all
-          users = users.active if params[:active]
-          users = users.search(params[:search]) if params[:search].present?
-          users = users.blocked if params[:blocked]
-          users = users.external if params[:external] && current_user.admin?
+        authenticated_as_admin! if params[:external].present? || (params[:extern_uid].present? && params[:provider].present?)
+
+        users = User.all
+        users = User.where(username: params[:username]) if params[:username]
+        users = users.active if params[:active]
+        users = users.search(params[:search]) if params[:search].present?
+        users = users.blocked if params[:blocked]
+
+        if current_user.admin?
+          users = users.joins(:identities).merge(Identity.with_extern_uid(params[:provider], params[:extern_uid])) if params[:extern_uid] && params[:provider]
+          users = users.external if params[:external]
         end
 
         entity = current_user.admin? ? Entities::UserPublic : Entities::UserBasic
author	Robert Speicher <robert@gitlab.com>	2017-04-19 22:50:38 +0300
committer	Robert Speicher <robert@gitlab.com>	2017-04-19 22:50:38 +0300
commit	93e23a5d718eafb78c4b8d5b605d740d48c75418 (patch)
tree	a20733da8f0a9f442e48d8ae1324edadd3b01b77 /lib/api/users.rb
parent	a4688d9d9ac2af39562770d011394a2151a12c60 (diff)
parent	ddf7e6ae78cc87314d081427f00d54f203cfd60a (diff)