summaryrefslogtreecommitdiff
path: root/lib/api/users.rb
Commit message (Collapse)AuthorAgeFilesLines
* Don't expose a user's private token in the `/api/v3/user` API.Timothy Andrew2016-08-311-1/+1
| | | | | | - This would allow anyone with a personal access token (even a read-only token, once scopes are implemented) to escalate their access by obtaining the private token.
* Enable Style/RedundantParentheses rubocop coprubocop/enable-redundant-parentheses-copGrzegorz Bizon2016-05-301-1/+1
| | | | See #17478
* Add changelog entryFelipe Artur2016-04-181-1/+1
|
* Fix documentation and improve permissions codeFelipe Artur2016-04-181-1/+1
|
* Insert users check into apiFelipe Artur2016-04-181-2/+8
|
* Expose user location in APIRobert Schilling2016-04-061-2/+4
|
* Add missing API docs on external userAchilleas Pipinellis2016-03-171-2/+2
| | | | [ci skip]
* API support for setting External flag on existing usersZeger-Jan van de Weg2016-03-171-1/+2
|
* External UsersZeger-Jan van de Weg2016-03-131-2/+3
| | | | | The user has the rights of a public user execpt it can never create a project, group, or team. Also it cant view internal projects.
* Codestyle changesGabriel Mazetto2016-01-121-3/+3
|
* Prevent ldap_blocked users from being blocked/unblocked by the APIGabriel Mazetto2016-01-081-4/+8
|
* Make single user API endpoint return Entities::User instead of ↵Michi3022015-12-281-1/+1
| | | | Entities::UserBasic
* Add API support for looking up a user by usernameStan Hu2015-12-241-4/+10
| | | | Needed to support Huboard
* Added ability to update or set the identity of an existing user, like the ↵fix-user-identities-apiPatricio Cano2015-09-221-0/+11
| | | | documentation said it was possible, but actually wasn't.
* Restrict users API endpoints to use integer IDsStan Hu2015-08-231-1/+1
| | | | Closes #2267
* Fix indentationDouwe Maan2015-07-311-11/+11
|
* Add ability to manage user email addresses via the API.Douwe Maan2015-07-291-0/+111
|
* Allow user to be blocked and unblocked via the APISteve Norman2015-07-031-0/+30
|
* Fix error when deleting a user who has projectsStan Hu2015-06-231-1/+1
| | | | | Closes #1856 Closes https://github.com/gitlabhq/gitlabhq/issues/9394
* You can not remove user if he/she is an only owner of groupDmitriy Zaporozhets2015-05-281-1/+1
| | | | | | | To prevent loose of group data you need to transfer or remove group first before you can remove user Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Change ordering so that confirm is removed from attrs before attempting to ↵RICKETTM@uk.ibm.com2015-03-241-2/+2
| | | | User.build_user
* Merge branch 'master' into mmonaco/gitlab-ce-api-user-noconfirmDmitriy Zaporozhets2015-02-271-5/+9
|\ | | | | | | | | Conflicts: lib/api/users.rb
| * Supporting for multiple omniauth provider for the same userValery Sizov2014-12-041-4/+8
| |
* | Add 'confirm' option to users apiMatthew Monaco2014-11-031-1/+4
|/
* Improve error reporting on users APIjubianchi2014-09-161-21/+37
| | | | | | | | * users (#6878, #3526, #4209): Validation error messages are now exposed through 400 responses, 409 response are sent in case of duplicate email or username * MRs (#5335): 409 responses are sent in case of duplicate merge request (source/target branches), 422 responses are sent when submiting MR fo/from unrelated forks * issues * labels * projects
* Fix signup and project visibilityDmitriy Zaporozhets2014-06-301-1/+1
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Make app works with strong paramsDmitriy Zaporozhets2014-06-261-1/+1
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Dont expose user email via APIDmitriy Zaporozhets2014-06-131-4/+14
| | | | | | | | | | | | | To prevent leaking of users info we reduce amount of user information retrieved via API for normal users. What user can get via API: * if not admin: only id, state, name, username and avatar_url * if admin: all user information * about himself: all informaion Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Implement GET /users/:uid/keys for admin usersTimm Friebe2014-04-181-0/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | Complements POST operation added in gitlabhq/gitlabhq#3146 Implement DELETE /users/:uid/keys/:id for admin users Fix "Line is too long. [83/80]" Use single quotes as advised Use single quotes as advised Use single quotes as advised Fix missing space around { and } Fix typo in documentation Only catch ActiveRecord::RecordNotFound, let other exceptions propagate Raise a "404 Not found" if key to be deleted cannot be found As requested by @jvanbaarsen in https://github.com/gitlabhq/gitlabhq/pull/6781#discussion_r11735114 Remove tab Unconfigured vim on this box, grrrr./
* Merge pull request #6075 from skv-headless/remove_deprecated_findersDmitriy Zaporozhets2014-01-221-1/+1
|\ | | | | Remove deprecated finders
| * Remove deprecated findersskv2014-01-191-1/+1
| |
* | Add website url to userJerome Dalbert2014-01-181-1/+3
|/
* fix most of warningsskv2013-12-151-1/+1
|
* Extended User API to expose admin and can_create_group for user ↵Boyan Tabakov2013-09-291-3/+11
| | | | | | | creation/updating. Also, is_admin and can_create_group are exposed in the user information. Fixed attributes_for_keys to process properly keys with boolean values (since false.present? is false).
* Update to only provide one way to get a default userIzaak Alpert2013-09-111-3/+2
| | | | | | -calling build_user will now apply defaults and only override them if as: :admin is set Change-Id: Id1d938c0967752ecc14370af54f2d88128d18c44
* Update User api to respect default settingsIzaak Alpert2013-09-111-1/+1
| | | | | | -API now respects default_projects_limit, default_can_create_group, and default_can_create_team Change-Id: I059d060d576df1050e5371e707381c5e8c608a7a
* Refactor API classes. So api classes like Gitlab::Issues become API::IssuesDmitriy Zaporozhets2013-05-141-1/+1
|
* modify api to work with new deploy keysDmitriy Zaporozhets2013-05-061-1/+1
|
* Paginate users in users apiDmitriy Zaporozhets2013-04-161-0/+1
|
* Dont show blocked users in autocompleteDmitriy Zaporozhets2013-03-191-0/+1
|
* Abilities added to /user and /sign_in requestsAlex Denisov2013-03-181-1/+1
|
* Result of misspellings run.Kevin Lyda2013-03-171-1/+1
| | | | | | | | | Most of these are comments but a few are strings for users. Might be an idea to run this from time to time: https://github.com/lyda/misspell-check It runs mostly clean now.
* add api users filter and integrate users select2Dmitriy Zaporozhets2013-03-131-1/+2
|
* Merge branch 'master' into fixes/api, code clean up and tests fixedSebastian Ziebell2013-03-071-0/+20
|\ | | | | | | | | | | Conflicts: doc/api/projects.md spec/requests/api/projects_spec.rb
| * Additional Admin APIsAngus MacArthur2013-03-051-0/+20
| |
* | API: extracted helper method to validate required parameters, code clean upSebastian Ziebell2013-02-271-7/+2
| | | | | | | | | | | | Added a helper method to check if required parameters are given in an API call. Can be used to return a `400 Bad Request` return code if a required attribute is missing. Code clean up and fixed tests.
* | API: fixes return codes, documentation updated with status codes, tests addedSebastian Ziebell2013-02-201-5/+19
|/ | | | | | | | The users API updated with return codes, e.g. if required parameters are missing a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions, e.g. deletion of a ssh key is an idempotent function now. The API documentation is updated to reflect the current status of the API. Descriptions are more detailed and complete, infos to return values are added to all functions.
* Extended users API to support updating and deleting users.Boyan Tabakov2012-12-181-1/+46
| | | | Also added tests.
* Validates presence of User#nameCyril2012-12-121-2/+0
| | | | | | | | | The 2 reasons are : - creation of user fail if name is empty : in after_save, it tries to create a namespace with namespace.name = user.name and namespece validates presence Namespace#name - in the web app links to team members are broken with empty User#name because they are of the form <a href'...'> user.name </a>
* Fixed spinach and tests. Build should pass nowDmitriy Zaporozhets2012-11-231-1/+1
|
View Lorry Controller Status