From 4e97f26649a7756bef843fca74e3c58eadd117e1 Mon Sep 17 00:00:00 2001
From: jubianchi <contact@jubianchi.fr>
Date: Fri, 30 Jan 2015 10:46:08 +0100
Subject: Acces groups with their path in API

---
 lib/api/group_members.rb | 16 ----------------
 1 file changed, 16 deletions(-)

(limited to 'lib/api/group_members.rb')

diff --git a/lib/api/group_members.rb b/lib/api/group_members.rb
index d596517c816..4373070083a 100644
--- a/lib/api/group_members.rb
+++ b/lib/api/group_members.rb
@@ -3,22 +3,6 @@ module API
     before { authenticate! }
 
     resource :groups do
-      helpers do
-        def find_group(id)
-          group = Group.find(id)
-
-          if can?(current_user, :read_group, group)
-            group
-          else
-            render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403)
-          end
-        end
-
-        def validate_access_level?(level)
-          Gitlab::Access.options_with_owner.values.include? level.to_i
-        end
-      end
-
       # Get a list of group members viewable by the authenticated user.
       #
       # Example Request:
-- 
cgit v1.2.1


From b0dacc8eb06615cf5d0afb1fc8d799dd64325846 Mon Sep 17 00:00:00 2001
From: Vinnie Okada <vokada@mrvinn.com>
Date: Tue, 20 Jan 2015 20:34:09 -0700
Subject: Edit group members via API

Add an API endpoint to update the access level of an existing group
member.
---
 lib/api/group_members.rb | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'lib/api/group_members.rb')

diff --git a/lib/api/group_members.rb b/lib/api/group_members.rb
index 4373070083a..c9c9ccbcb2e 100644
--- a/lib/api/group_members.rb
+++ b/lib/api/group_members.rb
@@ -40,6 +40,30 @@ module API
         present member.user, with: Entities::GroupMember, group: group
       end
 
+      # Update group member
+      #
+      # Parameters:
+      #   id (required) - The ID of a group
+      #   user_id (required) - The ID of a group member
+      #   access_level (required) - Project access level
+      # Example Request:
+      #   PUT /groups/:id/members/:user_id
+      put ':id/members/:user_id' do
+        group = find_group(params[:id])
+        authorize! :manage_group, group
+        required_attributes! [:access_level]
+
+        team_member = group.group_members.find_by(user_id: params[:user_id])
+        not_found!('User can not be found') if team_member.nil?
+
+        if team_member.update_attributes(access_level: params[:access_level])
+          @member = team_member.user
+          present @member, with: Entities::GroupMember, group: group
+        else
+          handle_member_errors team_member.errors
+        end
+      end
+
       # Remove member.
       #
       # Parameters:
-- 
cgit v1.2.1