delta/gitlab/gitlab-ce.git/lib/api/users.rb, branch normalize_frontend_headers gitlab.com: gitlab-org/gitlab-ce.git Fix Users API to accept confirm parameter 2017-01-11T14:38:41+00:00 Mark Fletcher mark@gitlab.com 2017-01-11T14:38:41+00:00 72c68b98ae5e016254e56afc60eb9fa662a452de 






Fix the failing spec in POST /users API
2017-01-05T12:30:31+00:00

Rémy Coutable
remy@rymai.me

2017-01-04T16:35:59+00:00

8b1914ceb22d2312da6160eae5e0a586e9aa2a65

Signed-off-by: Rémy Coutable <remy@rymai.me>





Signed-off-by: Rémy Coutable <remy@rymai.me>







API: extern_uid is a string
2017-01-03T07:44:33+00:00

Robert Schilling
rschilling@student.tugraz.at

2017-01-03T07:44:33+00:00

15932c360c229bfd7c3fe6d8777de9930e1f2aa1












remove build_user from model User
2016-12-18T23:26:29+00:00

Arsenev Vladislav
nobodywithbody@gmail.com

2016-12-18T21:56:13+00:00

3cc334eae5abf65b0ecb4159e4e9712dab81c33c












 Calls to the API are checked for scope.
2016-12-16T10:59:31+00:00

Timothy Andrew
mail@timothyandrew.net

2016-11-22T09:04:23+00:00

7fa06ed55d18af4d055041eb27d38fecf9b5548f

- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`





- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`







API: Memoize the current_user so that the sudo can work properly
2016-12-12T12:50:31+00:00

Rémy Coutable
remy@rymai.me

2016-12-09T17:48:20+00:00

2f45d3bcf0f28d4cd4124b4c9722edc1d3085201

The issue was arising when `#current_user` was called a second time
after a user was impersonated: the `User#is_admin?` check would be
performed on it and it would fail.

Signed-off-by: Rémy Coutable <remy@rymai.me>





The issue was arising when `#current_user` was called a second time
after a user was impersonated: the `User#is_admin?` check would be
performed on it and it would fail.

Signed-off-by: Rémy Coutable <remy@rymai.me>







adds impersonator variable and makes sudo usage overall more clear
2016-12-07T14:42:51+00:00

tiagonbotelho
tiagonbotelho@hotmail.com

2016-11-21T12:59:37+00:00

3ed96afc47c481db4f8c0a6581602abaee920808












Reenables /user API request to return private-token if user is admin and requested with sudo
2016-12-07T14:42:51+00:00

tiagonbotelho
tiagonbotelho@hotmail.com

2016-11-21T11:42:10+00:00

8b379465a5be48c8062379a3dea8e58110c52d87












Use the pagination helper in the API
2016-12-04T17:11:19+00:00

Robert Schilling
rschilling@student.tugraz.at

2016-12-04T17:11:19+00:00

74c8669b0a96b6afcb41ce5e09b147c7309ecbeb












Fix StrongAttibutes error with Ruby 2.1
2016-11-21T17:47:55+00:00

Rémy Coutable
remy@rymai.me

2016-11-21T16:44:24+00:00

039d4a1cbff5b54dc60363ff5f244e84cb54aacf

Signed-off-by: Rémy Coutable <remy@rymai.me>





Signed-off-by: Rémy Coutable <remy@rymai.me>