Patch #29459 ยป 0001-Expose-the-Admin-flag-on-the-users-api-to-admin-user.patch
| app/views/users/index.api.rsb | ||
|---|---|---|
| 3 | 3 |
api.user do |
| 4 | 4 |
api.id user.id |
| 5 | 5 |
api.login user.login |
| 6 |
api.admin user.admin? |
|
| 6 | 7 |
api.firstname user.firstname |
| 7 | 8 |
api.lastname user.lastname |
| 8 | 9 |
api.mail user.mail |
| app/views/users/show.api.rsb | ||
|---|---|---|
| 1 | 1 |
api.user do |
| 2 | 2 |
api.id @user.id |
| 3 | 3 |
api.login @user.login if User.current.admin? || (User.current == @user) |
| 4 |
api.admin @user.admin? if User.current.admin? || (User.current == @user) |
|
| 4 | 5 |
api.firstname @user.firstname |
| 5 | 6 |
api.lastname @user.lastname |
| 6 | 7 |
api.mail @user.mail if User.current.admin? || !@user.pref.hide_mail |
| test/integration/api_test/users_test.rb | ||
|---|---|---|
| 125 | 125 |
assert_select 'user status', :text => User.find(1).status.to_s |
| 126 | 126 |
end |
| 127 | 127 | |
| 128 |
test "GET /users/:id should return admin status for current user" do |
|
| 129 |
get '/users/2.xml', :headers => credentials('jsmith')
|
|
| 130 |
assert_response :success |
|
| 131 |
assert_select 'user admin', :text => 'false' |
|
| 132 |
end |
|
| 133 | ||
| 134 |
test "GET /users/:id should not return admin status for other user" do |
|
| 135 |
get '/users/3.xml', :headers => credentials('jsmith')
|
|
| 136 |
assert_response :success |
|
| 137 |
assert_select 'user admin', 0 |
|
| 138 |
end |
|
| 139 | ||
| 128 | 140 |
test "POST /users.xml with valid parameters should create the user" do |
| 129 | 141 |
assert_difference('User.count') do
|
| 130 | 142 |
post '/users.xml', |