WebService.NewAction action = controller.createAction("search")
.setDescription("Get a list of active users. <br/>" +
"Administer System permission is required to show the 'groups' field.<br/>" +
+ "Field 'tokensCount' is only accessible to System Administrator and logged in user.<br/>" +
"When accessed anonymously, only logins and names are returned.")
.setSince("3.6")
.setChangelog(
setIfNeeded(FIELD_ACTIVE, fields, user.isActive(), userBuilder::setActive);
setIfNeeded(FIELD_LOCAL, fields, user.isLocal(), userBuilder::setLocal);
setIfNeeded(FIELD_EXTERNAL_PROVIDER, fields, user.getExternalIdentityProvider(), userBuilder::setExternalProvider);
- setIfNeeded(FIELD_TOKENS_COUNT, fields, tokensCount, userBuilder::setTokensCount);
+ setIfNeeded(isNeeded(FIELD_TOKENS_COUNT, fields) && user.getLogin().equals(userSession.getLogin()), tokensCount, userBuilder::setTokensCount);
setIfNeeded(isNeeded(FIELD_SCM_ACCOUNTS, fields) && !user.getScmAccountsAsList().isEmpty(), user.getScmAccountsAsList(),
scm -> userBuilder.setScmAccounts(ScmAccounts.newBuilder().addAllScmAccounts(scm)));
}
setIfNeeded(isNeeded(FIELD_GROUPS, fields) && !groups.isEmpty(), groups,
g -> userBuilder.setGroups(Groups.newBuilder().addAllGroups(g)));
setIfNeeded(FIELD_EXTERNAL_IDENTITY, fields, user.getExternalLogin(), userBuilder::setExternalIdentity);
+ setIfNeeded(FIELD_TOKENS_COUNT, fields, tokensCount, userBuilder::setTokensCount);
}
return userBuilder.build();
}
}
@Test
- public void return_tokens_count() {
+ public void return_tokens_count_for_logged_user() {
UserDto user = db.users().insertUser();
db.users().insertToken(user);
db.users().insertToken(user);
userIndexer.indexOnStartup(null);
+
userSession.logIn();
+ assertThat(ws.newRequest()
+ .executeProtobuf(SearchWsResponse.class).getUsersList())
+ .extracting(User::getLogin, User::hasTokensCount)
+ .containsExactlyInAnyOrder(tuple(user.getLogin(), false));
- SearchWsResponse response = ws.newRequest()
- .executeProtobuf(SearchWsResponse.class);
+ userSession.logIn(user);
+ assertThat(ws.newRequest()
+ .executeProtobuf(SearchWsResponse.class).getUsersList())
+ .extracting(User::getLogin, User::getTokensCount)
+ .containsExactlyInAnyOrder(tuple(user.getLogin(), 2));
+ }
- assertThat(response.getUsersList())
- .extracting(User::getLogin, User::getTokensCount)
- .containsExactlyInAnyOrder(tuple(user.getLogin(), 2));
+ @Test
+ public void return_tokens_count_when_system_administer() {
+ UserDto user = db.users().insertUser();
+ db.users().insertToken(user);
+ db.users().insertToken(user);
+ userIndexer.indexOnStartup(null);
+
+ userSession.logIn().setSystemAdministrator();
+ assertThat(ws.newRequest()
+ .executeProtobuf(SearchWsResponse.class).getUsersList())
+ .extracting(User::getLogin, User::getTokensCount)
+ .containsExactlyInAnyOrder(tuple(user.getLogin(), 2));
+
+ userSession.logIn();
+ assertThat(ws.newRequest()
+ .executeProtobuf(SearchWsResponse.class).getUsersList())
+ .extracting(User::getLogin, User::hasTokensCount)
+ .containsExactlyInAnyOrder(tuple(user.getLogin(), false));
}
@Test