Mirrors/redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2024-09-13 23:56:26 +02:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merged r11518 from trunk (#8529).

Browse Source 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/2.3-stable@11570 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2013-03-09 10:19:39 +00:00
parent 4413e0e52e
commit f4def66c58
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/views/users/show.api.rsb
View File

@ -6,6 +6,7 @@ api.user do
api.mail @user.mail if User.current.admin? || !@user.pref.hide_mail
api.created_on @user.created_on
api.last_login_on @user.last_login_on
api.api_key @user.api_key if User.current.admin? || (User.current == @user)
render_api_custom_values @user.visible_custom_field_values, api

12
test/integration/api_test/users_test.rb
View File

@ -108,6 +108,18 @@ class Redmine::ApiTest::UsersTest < Redmine::ApiTest::Base
assert_tag 'user', :child => {:tag => 'login', :content => 'jsmith'}
end
test "GET /users/:id should not return api_key for other user" do
get '/users/3.xml', {}, credentials('jsmith')
assert_response :success
assert_no_tag 'user', :child => {:tag => 'api_key'}
end
test "GET /users/:id should return api_key for current user" do
get '/users/2.xml', {}, credentials('jsmith')
assert_response :success
assert_tag 'user', :child => {:tag => 'api_key', :content => User.find(2).api_key}
end
context "POST /users" do
context "with valid parameters" do
setup do