The requests were missing multiple required attributes, while testing for single attribute missing.
Added test for checking username as required attribute.
* users (#6878, #3526, #4209): Validation error messages are now exposed through 400 responses, 409 response are sent in case of duplicate email or username
* MRs (#5335): 409 responses are sent in case of duplicate merge request (source/target branches), 422 responses are sent when submiting MR fo/from unrelated forks
* issues
* labels
* projects
To prevent leaking of users info we reduce amount of user information
retrieved via API for normal users.
What user can get via API:
* if not admin: only id, state, name, username and avatar_url
* if admin: all user information
* about himself: all informaion
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Complements POST operation added in gitlabhq/gitlabhq#3146
Implement DELETE /users/:uid/keys/:id for admin users
Fix "Line is too long. [83/80]"
Use single quotes as advised
Use single quotes as advised
Use single quotes as advised
Fix missing space around { and }
Fix typo in documentation
Only catch ActiveRecord::RecordNotFound, let other exceptions propagate
Raise a "404 Not found" if key to be deleted cannot be found
As requested by @jvanbaarsen in https://github.com/gitlabhq/gitlabhq/pull/6781#discussion_r11735114
Remove tab
Unconfigured vim on this box, grrrr./
Also, is_admin and can_create_group are exposed in the user information.
Fixed attributes_for_keys to process properly keys with boolean values (since false.present? is false).
Most of these are comments but a few are strings for users.
Might be an idea to run this from time to time:
https://github.com/lyda/misspell-check
It runs mostly clean now.
The users API updated with return codes, e.g. if required parameters are missing
a `400 Bad Request` error is returned instead of `404`. Fixes return codes of functions,
e.g. deletion of a ssh key is an idempotent function now.
The API documentation is updated to reflect the current status of the API. Descriptions
are more detailed and complete, infos to return values are added to all functions.
Changes:
* Move spec/monkeypatch to spec/support
* Remove unused support/shared_examples
* Move support/api to support/api_helpers to match module name
* Move support/login to support/login_helpers to match module name
* Move API specs to requests/api (convention over configuration)
* Remove unused support/js_patch
* Simplify login_as helper
* Move DatabaseCleaner stuff to its own support file
* Remove unnecessary configuration and requires from spec_helper
Douwe Maan
Steve Norman
Stan Hu
Dmitriy Zaporozhets
Nihad Abbasov
Boyan Tabakov
Jeroen van Baarsen
Valery Sizov
Ciro Santilli
Marin Jankovski
Liam Monahan
jubianchi
Timm Friebe
skv
Izaak Alpert
Johannes Schleifenbaum
Alex Denisov
Kevin Lyda
Sebastian Ziebell
Angus MacArthur
Vincent Bonmalais
Robert Speicher