diff options
author | Douwe Maan <douwe@selenight.nl> | 2017-10-05 13:48:22 +0300 |
---|---|---|
committer | Douwe Maan <douwe@selenight.nl> | 2017-10-05 13:48:22 +0300 |
commit | 0c0c2ecd99cd5c4cb22a0c045f8d45d315203832 (patch) | |
tree | 3900ccdcdff0cd6b8e3ed281ba57a317b801ad08 /lib/api/users.rb | |
parent | ed3c25e4294bfc75f7167ed63e30561e39ac3a97 (diff) | |
parent | de01353b166018a43ea92b38054b1267c3ba5cea (diff) |
Merge branch 'master' into digitalmoksha/gitlab-ce-feature/verify_secondary_emails
# Conflicts:
# app/controllers/admin/users_controller.rb
# app/controllers/confirmations_controller.rb
# app/controllers/profiles/emails_controller.rb
# app/models/user.rb
# app/services/emails/base_service.rb
# app/services/emails/destroy_service.rb
# app/views/devise/mailer/confirmation_instructions.html.haml
# lib/api/users.rb
# spec/services/emails/destroy_service_spec.rb
Diffstat (limited to 'lib/api/users.rb')
-rw-r--r-- | lib/api/users.rb | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/lib/api/users.rb b/lib/api/users.rb index 992556c838b..b6f97a1eac2 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -6,12 +6,14 @@ module API allow_access_with_scope :read_user, if: -> (request) { request.get? } resource :users, requirements: { uid: /[0-9]*/, id: /[0-9]*/ } do + include CustomAttributesEndpoints + before do authenticate_non_get! end helpers do - def find_user(params) + def find_user_by_id(params) id = params[:user_id] || params[:id] User.find_by(id: id) || not_found!('User') end @@ -166,7 +168,7 @@ module API user_params[:password_expires_at] = Time.now if user_params[:password].present? - result = ::Users::UpdateService.new(user, user_params.except(:extern_uid, :provider)).execute + result = ::Users::UpdateService.new(current_user, user_params.except(:extern_uid, :provider).merge(user: user)).execute if result[:status] == :success present user, with: Entities::UserPublic @@ -326,7 +328,7 @@ module API user = User.find_by(id: params.delete(:id)) not_found!('User') unless user - email = Emails::CreateService.new(user, declared_params(include_missing: false)).execute + email = Emails::CreateService.new(current_user, declared_params(include_missing: false).merge(user: user)).execute if email.errors.blank? present email, with: Entities::Email @@ -366,10 +368,8 @@ module API not_found!('Email') unless email destroy_conditionally!(email) do |email| - Emails::DestroyService.new(current_user).execute(email) + Emails::DestroyService.new(current_user, user: user).execute(email) end - - user.update_secondary_emails! end desc 'Delete a user. Available only for admins.' do @@ -429,7 +429,7 @@ module API resource :impersonation_tokens do helpers do def finder(options = {}) - user = find_user(params) + user = find_user_by_id(params) PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options)) end @@ -671,7 +671,7 @@ module API requires :email, type: String, desc: 'The new email' end post "emails" do - email = Emails::CreateService.new(current_user, declared_params).execute + email = Emails::CreateService.new(current_user, declared_params.merge(user: current_user)).execute if email.errors.blank? present email, with: Entities::Email @@ -689,10 +689,8 @@ module API not_found!('Email') unless email destroy_conditionally!(email) do |email| - Emails::DestroyService.new(current_user).execute(email) + Emails::DestroyService.new(current_user, user: current_user).execute(email) end - - current_user.update_secondary_emails! end desc 'Get a list of user activities' |