diff options
Diffstat (limited to 'lib/api/users.rb')
-rw-r--r-- | lib/api/users.rb | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/lib/api/users.rb b/lib/api/users.rb index 3d9af536c3c..ff36a4cfe95 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -99,6 +99,7 @@ module API optional :exclude_internal, as: :non_internal, type: Boolean, default: false, desc: 'Filters only non internal users' optional :without_project_bots, type: Boolean, default: false, desc: 'Filters users without project bots' optional :admins, type: Boolean, default: false, desc: 'Filters only admin users' + optional :two_factor, type: String, desc: 'Filter users by Two-factor authentication.' all_or_none_of :extern_uid, :provider use :sort_params @@ -108,10 +109,12 @@ module API end # rubocop: disable CodeReuse/ActiveRecord get feature_category: :user_profile, urgency: :low do - authenticated_as_admin! if params[:extern_uid].present? && params[:provider].present? + index_params = declared_params(include_missing: false) + + authenticated_as_admin! if index_params[:extern_uid].present? && index_params[:provider].present? unless current_user&.can_read_all_resources? - params.except!(:created_after, :created_before, :order_by, :sort, :two_factor, :without_projects) + index_params.except!(:created_after, :created_before, :order_by, :sort, :two_factor, :without_projects) end authorized = can?(current_user, :read_users_list) @@ -121,11 +124,11 @@ module API # a list of all the users on the GitLab instance. `UsersFinder` performs # an exact match on the `username` parameter, so we are guaranteed to # get either 0 or 1 `users` here. - authorized &&= params[:username].present? if current_user.blank? + authorized &&= index_params[:username].present? if current_user.blank? forbidden!("Not authorized to access /api/v4/users") unless authorized - users = UsersFinder.new(current_user, params).execute + users = UsersFinder.new(current_user, index_params).execute users = reorder_users(users) entity = current_user&.can_read_all_resources? ? Entities::UserWithAdmin : Entities::UserBasic @@ -707,9 +710,13 @@ module API user = User.find_by(id: params[:id]) not_found!('User') unless user - forbidden!('A blocked user must be unblocked to be activated') if user.blocked? - user.activate + result = ::Users::ActivateService.new(current_user).execute(user) + if result[:status] == :success + true + else + render_api_error!(result[:message], result[:reason] || :bad_request) + end end desc 'Approve a pending user. Available only for admins.' @@ -1239,7 +1246,7 @@ module API params do optional :view_diffs_file_by_file, type: Boolean, desc: 'Flag indicating the user sees only one file diff per page' optional :show_whitespace_in_diffs, type: Boolean, desc: 'Flag indicating the user sees whitespace changes in diffs' - optional :pass_user_identities_to_ci_jwt, type: Boolean, desc: 'Flag indicating the user passes their external identities as CI information' + optional :pass_user_identities_to_ci_jwt, type: Boolean, desc: 'Flag indicating the user passes their external identities to a CI job as part of a JSON web token.' at_least_one_of :view_diffs_file_by_file, :show_whitespace_in_diffs, :pass_user_identities_to_ci_jwt end put "preferences", feature_category: :user_profile, urgency: :high do |