summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGo MAEDA <maeda@farend.jp>2018-09-20 14:54:38 +0000
committerGo MAEDA <maeda@farend.jp>2018-09-20 14:54:38 +0000
commit0d29d3208d865e969af8cb268178f3d186d77551 (patch)
tree209bc9c06008866644d151ab6f4c0d7de2180ad4
parente9d15d691b2c5f314d618156077ec3b7f20e5fa2 (diff)
downloadredmine-0d29d3208d865e969af8cb268178f3d186d77551.tar.gz
redmine-0d29d3208d865e969af8cb268178f3d186d77551.zip
Expose the Admin flag on the users api to admin users (#29459).
Patch by Holger Just. git-svn-id: http://svn.redmine.org/redmine/trunk@17496 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r--app/views/users/index.api.rsb1
-rw-r--r--app/views/users/show.api.rsb1
-rw-r--r--test/integration/api_test/users_test.rb12
3 files changed, 14 insertions, 0 deletions
diff --git a/app/views/users/index.api.rsb b/app/views/users/index.api.rsb
index 4265a4be4..23e38398e 100644
--- a/app/views/users/index.api.rsb
+++ b/app/views/users/index.api.rsb
@@ -3,6 +3,7 @@ api.array :users, api_meta(:total_count => @user_count, :offset => @offset, :lim
api.user do
api.id user.id
api.login user.login
+ api.admin user.admin?
api.firstname user.firstname
api.lastname user.lastname
api.mail user.mail
diff --git a/app/views/users/show.api.rsb b/app/views/users/show.api.rsb
index e4c49f9b8..d83ad22f6 100644
--- a/app/views/users/show.api.rsb
+++ b/app/views/users/show.api.rsb
@@ -1,6 +1,7 @@
api.user do
api.id @user.id
api.login @user.login if User.current.admin? || (User.current == @user)
+ api.admin @user.admin? if User.current.admin? || (User.current == @user)
api.firstname @user.firstname
api.lastname @user.lastname
api.mail @user.mail if User.current.admin? || !@user.pref.hide_mail
diff --git a/test/integration/api_test/users_test.rb b/test/integration/api_test/users_test.rb
index 192557808..80f237b25 100644
--- a/test/integration/api_test/users_test.rb
+++ b/test/integration/api_test/users_test.rb
@@ -125,6 +125,18 @@ class Redmine::ApiTest::UsersTest < Redmine::ApiTest::Base
assert_select 'user status', :text => User.find(1).status.to_s
end
+ test "GET /users/:id should return admin status for current user" do
+ get '/users/2.xml', :headers => credentials('jsmith')
+ assert_response :success
+ assert_select 'user admin', :text => 'false'
+ end
+
+ test "GET /users/:id should not return admin status for other user" do
+ get '/users/3.xml', :headers => credentials('jsmith')
+ assert_response :success
+ assert_select 'user admin', 0
+ end
+
test "POST /users.xml with valid parameters should create the user" do
assert_difference('User.count') do
post '/users.xml',