Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/api/users.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api/users.rb')
-rw-r--r--lib/api/users.rb8
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/api/users.rb b/lib/api/users.rb
index ce0a0e9b502..eeb5244466a 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -142,11 +142,15 @@ module API
get ":id", feature_category: :users do
forbidden!('Not authorized!') unless current_user
+ if Feature.enabled?(:rate_limit_user_by_id_endpoint, type: :development)
+ check_rate_limit! :users_get_by_id, scope: current_user unless current_user.admin?
+ end
+
user = User.find_by(id: params[:id])
not_found!('User') unless user && can?(current_user, :read_user, user)
- opts = { with: current_user&.admin? ? Entities::UserDetailsWithAdmin : Entities::User, current_user: current_user }
+ opts = { with: current_user.admin? ? Entities::UserDetailsWithAdmin : Entities::User, current_user: current_user }
user, opts = with_custom_attributes(user, opts)
present user, opts
@@ -1072,7 +1076,7 @@ module API
attrs = declared_params(include_missing: false)
- service = ::Users::UpsertCreditCardValidationService.new(attrs).execute
+ service = ::Users::UpsertCreditCardValidationService.new(attrs, user).execute
if service.success?
present user.credit_card_validation, with: Entities::UserCreditCardValidations
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 03:01:27 +0300