0001-Expose-the-Admin-flag-on-the-users-api-to-admin-user.patch

Holger Just, 2018-08-29 16:41

Download (2.35 KB)

View differences:

app/views/users/index.api.rsb
3 3
    api.user do
4 4
      api.id         user.id
5 5
      api.login      user.login
6
      api.admin      user.admin?
6 7
      api.firstname  user.firstname
7 8
      api.lastname   user.lastname
8 9
      api.mail       user.mail
app/views/users/show.api.rsb
1 1
api.user do
2 2
  api.id         @user.id
3 3
  api.login      @user.login if User.current.admin? || (User.current == @user)
4
  api.admin      @user.admin? if User.current.admin? || (User.current == @user)
4 5
  api.firstname  @user.firstname
5 6
  api.lastname   @user.lastname
6 7
  api.mail       @user.mail if User.current.admin? || !@user.pref.hide_mail
test/integration/api_test/users_test.rb
125 125
    assert_select 'user status', :text => User.find(1).status.to_s
126 126
  end
127 127

  
128
  test "GET /users/:id should return admin status for current user" do
129
    get '/users/2.xml', :headers => credentials('jsmith')
130
    assert_response :success
131
    assert_select 'user admin', :text => 'false'
132
  end
133

  
134
  test "GET /users/:id should not return admin status for other user" do
135
    get '/users/3.xml', :headers => credentials('jsmith')
136
    assert_response :success
137
    assert_select 'user admin', 0
138
  end
139

  
128 140
  test "POST /users.xml with valid parameters should create the user" do
129 141
    assert_difference('User.count') do
130 142
      post '/users.xml',
131
-