root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
109,665 Commits 9,131 Branches 1,640 Tags 2 GiB
Commit Graph

289 Commits

Author SHA1 Message Date
GitLab Bot 016af097cb Add latest changes from gitlab-org/gitlab@master 2019-12-14 15:07:56 +00:00
GitLab Bot 2e3cbf7d89 Add latest changes from gitlab-org/gitlab@master 2019-12-12 00:07:43 +00:00
GitLab Bot 308146dc39 Add latest changes from gitlab-org/gitlab@master 2019-10-10 00:06:44 +00:00
GitLab Bot 80f61b4035 Add latest changes from gitlab-org/gitlab@master 2019-09-18 14:02:45 +00:00
Alessio Caiazza daf7810e2e Add Scalability/FileUploads cop 
This cop prevents you from using file in API, it points you to the
development documentation about workhorse file acceleration.
 2019-09-10 16:24:10 +00:00
Stan Hu f0400dc7c0 Merge branch '12800-read-and-write-user-admin-notes-via-api-ce' into 'master' 
CE Backport: Read and write User "Admin notes" via API

See merge request gitlab-org/gitlab-ce!30775
 2019-07-16 22:13:26 +00:00
manojmj ce40c12849 CE: Read and write User "Admin notes" via API 
This change adds the ability to read and
write admin notes for a user via the
USER API
 2019-07-17 01:11:10 +05:30
Adam Hegyi 4959d8fd49 Migrate null values for users.private_profile 
- Background migration for changing null values to false
- Set false as default value for private_profile DB column
 2019-07-15 21:07:54 +00:00
Stan Hu d6f20b55b8 Add support for creating random passwords in user creation API 
To avoid having to specify an actual password to create users, admins
can now use the `force_random_password` parameter to let Devise generate
a password.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63826
 2019-06-27 13:25:37 -07:00
Michael Leopard 8cf85b4bb5 Updating CE repo to include new EE users API changes 
Updated users API documentation
Moved API level changes to the service level
 2019-06-19 20:27:34 +00:00
Imre Farkas 3895e54741 CE port of Move EE specific lines in API::Users 2019-05-28 10:14:26 +00:00
Rubén Dávila e8da6255d9 Backport some changes from EE 
MR: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/9815
 2019-04-02 23:20:43 -05:00
Yorick Peterse 449d2bb0d8
Backport parameters for API::Users 
This backports the EE specific parameters for API::Users, and wraps them
in a conditional.
 2019-03-26 14:18:29 +01:00
Thiago Presa 538741f230 Add highest_role method to User 2019-03-22 09:54:03 +00:00
Nermin Vehabovic ff671366cb Added: Include order by ID desc for tie breakers in pagination 2019-02-16 11:03:42 +01:00
Robert Schilling a612bd0708 Unify user requirements for API slugs 2019-01-31 11:13:23 +01:00
Robert Schilling 2190704c61 API: Support username with dots 2019-01-15 17:16:03 +01:00
Imre Farkas f3cd24a9f3
Display impersonation token value only after creation 
Since we migrated all PersonlAccessTokens to store only its hash in the
DB, the token value can no longer be shown to the user.
 2018-11-12 12:16:25 +01:00
Imre Farkas 8d900ade38
Remove PersonalAccessTokensFinder#find_by method 
find_by_token is overriden by TokenAuthenticatable which can be easily
missed or confused with #find_by(:token) defined by ActiveRecord. First
step for safer usage is to remove #find_by.
 2018-11-05 11:36:45 +01:00
William George 1b153d497b Make getting a user by the username case insensitive 2018-10-18 09:06:44 +00:00
Douwe Maan 9fcd903b60 Merge branch 'features/unauth-access-ssh-keys' into 'master' 
List public ssh keys by id or username without authentication

See merge request gitlab-org/gitlab-ce!20118
 2018-10-05 08:41:04 +00:00
Ronald Claveau 7d55c1353d List public ssh keys by id or username without authentication 2018-10-03 19:28:13 +02:00
Rémy Coutable c874a48134 Merge branch 'lib-api-frozen-string-enable' into 'master' 
Enable frozen string in lib/api and lib/backup

See merge request gitlab-org/gitlab-ce!22005
 2018-10-01 16:39:42 +00:00
Alexis Reigel 801fe04be7
allow users api to set public_email 2018-10-01 13:24:16 +02:00
gfyoung 3836d69119 Enable frozen string in lib/api and lib/backup 
Partially addresses #47424.

Had to make changes to spec files because
stubbing methods on frozen objects is a mess
in RSpec and leads to failures:

https://github.com/rspec/rspec-mocks/issues/1190
 2018-09-29 21:04:50 -07:00
Alexis Reigel 921c96ab0c
remove obsolete parameter from users api 2018-09-26 17:29:30 +02:00
Robert Speicher c7d1eef671 Merge branch 'rubocop-code-reuse' into 'master' 
Add RuboCop cops to enforce code reusing rules

See merge request gitlab-org/gitlab-ce!21391
 2018-09-13 14:53:05 +00:00
Yorick Peterse 2039c8280d
Disable existing offenses for the CodeReuse cops 
This whitelists all existing offenses for the various CodeReuse cops, of
which most are triggered by the CodeReuse/ActiveRecord cop.
 2018-09-11 17:32:00 +02:00
Stan Hu ced2a932d7 Add ability to skip user email confirmation with API 
This gives admins the ability to send a `skip_confirmation` flag in the
`POST /users/:id/email` API endpoint to skip the verification step and
assume the given e-mail address is verified.

Closes #50876
 2018-09-10 22:41:53 -07:00
Bob Van Landuyt b4c4b48a8c Allow users to set a status 
This can be done trough the API for the current user, or on the
profile page.
 2018-07-30 15:01:26 +02:00
JX Terry 99011a61cf Add an option to have a private profile on GitLab 2018-07-24 12:46:19 +00:00
Marko, Peter 6d72bb3832 Add min_access_level filter to projects API 
Signed-off-by: Marko, Peter <peter.marko@siemens.com>
 2018-07-23 20:57:50 +02:00
Lin Jen-Shin 4ee08b77bc Updates from `rubocop -a` 2018-07-09 21:13:08 +08:00
Francisco Javier López df45623b34 Restoring user v3 endpoint 2018-06-13 08:25:01 +00:00
Dmitriy Zaporozhets c87c55bb35 Add 2FA filter to users API for admins only 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2018-04-23 11:54:45 +03:00
Markus Koller b7cd99c376
Allow including custom attributes in API responses 2018-02-08 13:30:34 +01:00
Dmitriy Zaporozhets 28ef8cc56e
Add sorting options for /users API (admin only) 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2018-02-06 16:00:33 +02:00
Yorick Peterse cca61980d5
Track and act upon the number of executed queries 
This ensures that we have more visibility in the number of SQL queries
that are executed in web requests. The current threshold is hardcoded to
100 as we will rarely (maybe once or twice) change it.

In production and development we use Sentry if enabled, in the test
environment we raise an error. This feature is also only enabled in
production/staging when running on GitLab.com as it's not very useful to
other users.
 2018-02-01 17:00:46 +01:00
Francisco Javier López 7c2b7296d4 Added default order to UserFinder 2017-12-04 09:49:53 +00:00
Daniel Juarez 0b9e1e1662 Skip confirmation user api 2017-11-21 15:47:58 +00:00
Douwe Maan fbdf057898 Remove private_token from API user entity 2017-11-02 11:39:01 +01:00
Douwe Maan 0c0c2ecd99 Merge branch 'master' into digitalmoksha/gitlab-ce-feature/verify_secondary_emails 
# Conflicts:
#	app/controllers/admin/users_controller.rb
#	app/controllers/confirmations_controller.rb
#	app/controllers/profiles/emails_controller.rb
#	app/models/user.rb
#	app/services/emails/base_service.rb
#	app/services/emails/destroy_service.rb
#	app/views/devise/mailer/confirmation_instructions.html.haml
#	lib/api/users.rb
#	spec/services/emails/destroy_service_spec.rb
 2017-10-05 12:48:22 +02:00
Markus Koller e9eae3eb0d Support custom attributes on users 2017-09-28 16:49:42 +00:00
James Lopez 1dcb711110 refactor emails service 2017-09-28 08:46:39 +02:00
James Lopez 67d06dee30 refactor users update service 2017-09-28 08:46:39 +02:00
James Lopez 9621dd0c9d refactor services to match EE signature 2017-09-28 08:46:39 +02:00
Tiago Botelho d70b7a490d find_user users helper method no longer overrides find_user API helper method. 2017-09-26 19:14:19 +01:00
Brett Walker b2d5379161 fix calls to Emails::DestroyService 2017-09-23 15:24:53 +02:00
Brett Walker f9f4672275 Send a confirmation email when the user adds a secondary email address. Utilizes the Devise `confirmable` capabilities. Issue #37385 2017-09-23 15:23:11 +02:00
Robert Speicher 3cbaed97f1 Ensure we use `Entities::User` for non-admin `users/:id` API requests 2017-09-15 19:34:52 -04:00
Robert Schilling 97371848c5 API: Add GPG key management for admins 2017-09-05 14:30:53 +02:00
Robert Schilling b69579742b API: Add GPG key management 2017-09-05 14:30:53 +02:00
Robert Schilling dcd4ea473c Update remaining endpoints 2017-08-28 17:10:30 +02:00
Robert Schilling e80313f9ee Conditionally destroy a ressource 2017-08-28 16:40:25 +02:00
Robert Schilling 998afa5f74 API: Respect the 'If-Unmodified-Since' for delete endpoints 2017-08-28 16:40:25 +02:00
Rémy Coutable 09a348eb13
Include the `is_admin` field in the `GET /users/:id` API when current user is an admin 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2017-08-11 15:14:32 +02:00
Dmitriy Zaporozhets 6b8ad689da
Update grape gem 
New version of the gem returns 200 status code on delete with content
instead of 204 so we explicitly set status code to keep existing
behavior

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2017-07-20 16:33:18 +03:00
Rémy Coutable 91f63820a5
Return `is_admin` attribute in the GET /user endpoint for admins 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2017-07-12 12:45:46 +02:00
James Lopez 5e66c6568b fix specs 2017-07-07 16:09:30 +02:00
James Lopez 1a7d2aba3b add created at filter logic to users finder and API 2017-07-07 10:38:57 +02:00
Douwe Maan 5e2f7f25eb Merge branch 'master' into '33580-fix-api-scoping' 
# Conflicts:
#   lib/api/users.rb
 2017-07-04 15:00:01 +00:00
Timothy Andrew d1488268b2 Simplify authentication logic in the v4 users API for !12445. 
- Rather than using an explicit check to turn off authentication for the
  `/users` endpoint, simply call `authenticate_non_get!`.

- All `GET` endpoints we wish to restrict already call
  `authenticated_as_admin!`, and so remain inacessible to anonymous users.

- This _does_ open up the `/users/:id` endpoint to anonymous access. It contains
  the same access check that `/users` users, and so is safe for use here.

- More context: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12445#note_34031323
 2017-07-04 12:19:48 +00:00
Timothy Andrew 5dedea358d Merge remote-tracking branch 'origin/master' into 34141-allow-unauthenticated-access-to-the-users-api 
- Modify policy code to work with the `DeclarativePolicy` refactor
  in 37c401433b.
 2017-06-30 13:45:51 +00:00
Timothy Andrew 3c88a7869b Implement review comments for !12445 from @godfat and @rymai. 
- Use `GlobalPolicy` to authorize the users that a non-authenticated user can
  fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC`
  visibility level is not restricted.

- Further, as before, `/api/v4/users` is only accessible to unauthenticated users if
  the `username` parameter is passed.

- Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual
  route + method, rather than the description.

- Change the type of `current_user` check in `UsersFinder` to be more
  compatible with EE.
 2017-06-30 13:06:03 +00:00
Timothy Andrew 6f1922500b Initial attempt at refactoring API scope declarations. 
- Declaring an endpoint's scopes in a `before` block has proved to be
  unreliable. For example, if we're accessing the `API::Users` endpoint - code
  in a `before` block in `API::API` wouldn't be able to see the scopes set in
  `API::Users` since the `API::API` `before` block runs first.

- This commit moves these declarations to the class level, since they don't need
  to change once set.
 2017-06-28 07:17:13 +00:00
Timothy Andrew 20f679d620 Allow unauthenticated access to the `/api/v4/users` API. 
- The issue filtering frontend code needs access to this API for non-logged-in
  users + public projects. It uses the API to fetch information for a user by
  username.

- We don't authenticate this API anymore, but instead - if the `current_user` is
  not present:

  - Verify that the `username` parameter has been passed. This disallows an
    unauthenticated user from grabbing a list of all users on the instance. The
    `UsersFinder` class performs an exact match on the `username`, so we are
    guaranteed to get 0 or 1 users.
  - Verify that the resulting user (if any) is accessible to be viewed publicly
    by calling `can?(current_user, :read_user, user)`
 2017-06-26 07:20:30 +00:00
James Lopez ae95310523 fix spec failures 2017-06-24 10:00:23 +02:00
James Lopez 859858c7e6 fix spec failures 2017-06-23 21:13:46 +02:00
James Lopez b804db2648 refactor update user service not to do auth checks 2017-06-23 11:41:43 +02:00
James Lopez 12dc3992ea fix spec failures 2017-06-23 11:41:42 +02:00
James Lopez 785cbb79e2 refactor emails service 2017-06-23 11:41:42 +02:00
James Lopez 831b2fccf9 update missing email actions 2017-06-23 11:41:42 +02:00
James Lopez 87bf08c96c fix specs 2017-06-23 11:41:42 +02:00
James Lopez 3bab585bec update to use emails destroy service 2017-06-23 11:41:42 +02:00
James Lopez ad44af2faa fixed specs 2017-06-23 11:41:42 +02:00
James Lopez 158550cf37 added service in the rest of controllers and classes 2017-06-23 11:41:42 +02:00
James Lopez bf3a3f3652 fix api and controller issues 2017-06-23 11:41:41 +02:00
James Lopez ef6a4240e5 update notification settings, fix api specs 2017-06-23 11:41:41 +02:00
Grzegorz Bizon 0430b76441 Enable Style/DotPosition Rubocop 👮 2017-06-21 13:48:12 +00:00
Mike Ricketts 0e7478064f Re-instate is_admin flag in users API is current user is an admin 2017-06-20 14:54:29 +00:00
vanadium23 83a9a472b3 Accept image for avatar in user API 2017-06-16 23:52:15 +03:00
Grzegorz Bizon eebd18c3ac Merge branch '2563-backport-ee1942' into 'master' 
Backport some EE changes from adding shared_runners_minutes_limit to the API

Closes gitlab-ee#2563

See merge request !11936
 2017-06-07 07:04:21 +00:00
Lin Jen-Shin d919f924bf Backport https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1942 2017-06-06 21:42:45 +08:00
Mark Fletcher ad3e180ed3 Introduce an Events API 
* Meld the following disparate endpoints:
 * `/projects/:id/events`
 * `/events`
 * `/users/:id/events`
+ Add result filtering to the above endpoints:
 * action
 * target_type
 * before and after dates
 2017-06-06 20:16:41 +08:00
Nick Thomas 158581a447 Refactor the DeleteUserWorker 2017-06-05 13:08:06 +01:00
Nick Thomas c890c6aaf2 Allow users to be hard-deleted from the API 2017-06-02 18:28:12 +01:00
George Andrinopoulos 872e7b7efe Create a Users Finder 2017-05-15 13:53:12 +00:00
Timothy Andrew 34b71e734b Don't display the `is_admin?` flag for user API responses. 
- To prevent an attacker from enumerating the `/users` API to get a list of all
  the admins.

- Display the `is_admin?` flag wherever we display the `private_token` - at the
  moment, there are two instances:

  - When an admin uses `sudo` to view the `/user` endpoint
  - When logging in using the `/session` endpoint
 2017-04-25 09:46:05 +00:00
Robert Speicher 93e23a5d71 Merge branch 'query-users-by-extern-uid' into 'master' 
Implement search by extern_uid in Users API

See merge request !10509
 2017-04-19 19:50:38 +00:00
Robin Bobbitt ddf7e6ae78 Implement search by extern_uid in Users API 2017-04-18 14:55:32 -04:00
Sean McGivern 380e40fee3 Remove unused user activities code 2017-04-14 15:20:55 +02:00
Rémy Coutable 814212621f Expose `last_activity_on` in the User API 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2017-04-14 15:20:55 +02:00
Sean McGivern 91ac0e038a Port 'Add user activities API' to CE 
CE port of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/962
 2017-04-14 15:20:55 +02:00
Oswaldo Ferreira fd32960e7c Separate CE params on Grape API 2017-04-10 16:13:48 -03:00
blackst0ne 11aff97d88 Remove the User#is_admin? method 2017-04-09 13:20:57 +11:00
Jacopo b996a82ff4 ProjectsFinder should handle more options 
Extended ProjectFinder in order to handle the following options:
 - current_user - which user use
 - project_ids_relation: int[] - project ids to use
 - params:
   -  trending: boolean
   -  non_public: boolean
   -  starred: boolean
   -  sort: string
   -  visibility_level: int
   -  tags: string[]
   -  personal: boolean
   -  search: string
   -  non_archived: boolean

GroupProjectsFinder now inherits from ProjectsFinder.
Changed the code in order to use the new available options.
 2017-04-06 07:11:37 +02:00
Stan Hu 6a2d022d1d Delete users asynchronously 2017-04-02 05:37:05 -07:00
George Andrinopoulos 7c74a0209b Implement new service for creating user 2017-03-27 09:37:24 +00:00
http://jneen.net/ 846e581732 use a magic default :global symbol instead of nil 
to make sure we mean the global permissions
 2017-03-09 11:49:52 -08:00
Tiago Botelho 005749a616 apply codestyle and implementation changes to the respective feature code 2017-03-06 19:18:26 +00:00
Tiago Botelho 2b474dc2b2 refactors finder and correlated code 2017-03-01 13:11:11 +00:00
Tiago Botelho 9f2e4742e3 applies relevant changes to the code and code structure 2017-02-28 22:15:40 +00:00
Tiago Botelho f0ea7130f7 refactors documentation and personal access tokens form to not allow admins to generate non impersionation tokens 2017-02-28 22:15:40 +00:00
Simon Vocella a3dfb58e7f add impersonation token 2017-02-28 22:15:39 +00:00
Simon Vocella 81246e5649 manage personal_access_tokens through api 2017-02-28 22:15:39 +00:00
Robert Schilling 86c58687b2 Return 204 for delete endpoints 2017-02-28 08:32:38 +01:00
Douwe Maan 1fe7501b49 Revert "Prefer leading style for Style/DotPosition" 
This reverts commit cb10b725c8929b8b4460f89c9d96c773af39ba6b.
 2017-02-23 09:33:05 -06:00
Douwe Maan 206953a430 Prefer leading style for Style/DotPosition 2017-02-23 09:32:22 -06:00
Douwe Maan 030baf70d2 Enable Performance/RedundantMerge 2017-02-23 09:31:57 -06:00
Robert Schilling 8f690604a5 API: Use POST to (un)block a user 2017-02-20 15:18:40 +01:00
Robert Schilling 01ea65e0e9 Paginate all endpoints that return an array 2017-02-16 15:32:01 +01:00
Rémy Coutable 6c62ec76c0 Merge branch '1051-api-create-users-without-password' into 'master' 
Optionally make users created via the API set their password

Closes #1051

See merge request !8957
 2017-02-10 18:34:58 +00:00
Joost Rijneveld 6fab6d94ce
Optionally make users created via the API set their password 2017-02-09 20:32:54 +01:00
dixpac 0dacf3c169 Fix inconsistent naming for services that delete things 
* Changed name of delete_user_service and worker to destroy
* Move and change delete_group_service to Groups::DestroyService
* Rename Notes::DeleteService to Notes::DestroyService
 2017-02-08 09:16:43 +01:00
George Andrinopoulos 19dda1606b Force new password after password reset via API 2017-02-02 12:47:23 +02:00
Mark Fletcher 72c68b98ae Fix Users API to accept confirm parameter 2017-01-11 14:38:41 +00:00
Rémy Coutable 8b1914ceb2
Fix the failing spec in POST /users API 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2017-01-05 13:30:31 +01:00
Robert Schilling 15932c360c API: extern_uid is a string 2017-01-03 08:44:33 +01:00
Arsenev Vladislav 3cc334eae5 remove build_user from model User 2016-12-18 23:26:29 +00:00
Timothy Andrew 7fa06ed55d Calls to the API are checked for scope. 
- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`
 2016-12-16 16:29:31 +05:30
Rémy Coutable 2f45d3bcf0 API: Memoize the current_user so that the sudo can work properly 
The issue was arising when `#current_user` was called a second time
after a user was impersonated: the `User#is_admin?` check would be
performed on it and it would fail.

Signed-off-by: Rémy Coutable <remy@rymai.me>
 2016-12-12 13:50:31 +01:00
tiagonbotelho 3ed96afc47 adds impersonator variable and makes sudo usage overall more clear 2016-12-07 14:42:51 +00:00
tiagonbotelho 8b379465a5 Reenables /user API request to return private-token if user is admin and requested with sudo 2016-12-07 14:42:51 +00:00
Robert Schilling 74c8669b0a Use the pagination helper in the API 2016-12-04 18:11:19 +01:00
Rémy Coutable 039d4a1cbf
Fix StrongAttibutes error with Ruby 2.1 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2016-11-21 18:47:55 +01:00
Robert Schilling 4cb3c0b404 Grapify the users API 2016-11-21 10:53:28 +01:00
Yatish Mehta a0aaf93fe5
Add query param to filter users on 'external' & 'blocked' type on API 2016-11-08 12:04:05 -08:00
Airat Shigapov 3685e867c8
Get rid of extra .page call 2016-10-24 22:56:27 +03:00
Airat Shigapov 1a04a51b52
Fix events order in user contributions API 2016-10-24 22:56:27 +03:00
Rémy Coutable 33ce197645
API: New /users/:id/events endpoint 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2016-10-10 13:35:53 +02:00
Dmitriy Zaporozhets d0b556eb1b Add User#organization to users api 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2016-09-27 14:04:39 +03:00
Timothy Andrew 727dff3f15 Don't expose a user's private token in the `/api/v3/user` API. 
- This would allow anyone with a personal access token (even a read-only
  token, once scopes are implemented) to escalate their access by
  obtaining the private token.
 2016-08-31 12:33:24 +05:30
Grzegorz Bizon c370dce01c Enable Style/RedundantParentheses rubocop cop 
See #17478
 2016-05-30 15:07:18 +02:00
Felipe Artur 2366768d3b Add changelog entry 2016-04-18 11:12:28 -03:00
Felipe Artur 820c08cefd Fix documentation and improve permissions code 2016-04-18 11:12:28 -03:00
Felipe Artur ce96d482d9 Insert users check into api 2016-04-18 11:12:27 -03:00
Robert Schilling 62b6963255 Expose user location in API 2016-04-06 15:53:17 +02:00
Achilleas Pipinellis 956e914307 Add missing API docs on external user 
[ci skip]
 2016-03-17 12:21:12 +02:00
Zeger-Jan van de Weg 51300d9b2a API support for setting External flag on existing users 2016-03-17 09:36:00 +01:00
Zeger-Jan van de Weg 42fcd3881f External Users 
The user has the rights of a public user execpt it can never create a project,
 group, or team. Also it cant view internal projects.
 2016-03-13 19:08:04 +01:00
Gabriel Mazetto ac6a10f3e8 Codestyle changes 2016-01-12 12:29:10 -02:00
Gabriel Mazetto 6e7db8e23e Prevent ldap_blocked users from being blocked/unblocked by the API 2016-01-08 16:26:04 -02:00
Michi302 141b8b67ff Make single user API endpoint return Entities::User instead of Entities::UserBasic 2015-12-28 15:50:44 +01:00
Stan Hu 5a8c65b508 Add API support for looking up a user by username 
Needed to support Huboard
 2015-12-24 07:57:13 -08:00
Patricio Cano f60eb60473 Added ability to update or set the identity of an existing user, like the documentation said it was possible, but actually wasn't. 2015-09-22 16:26:59 -05:00
Stan Hu d241c6d057 Restrict users API endpoints to use integer IDs 
Closes #2267
 2015-08-23 06:13:16 -07:00
Douwe Maan 8802846565 Fix indentation 2015-07-31 16:39:51 -04:00
Douwe Maan 4fb6ddfe06 Add ability to manage user email addresses via the API. 2015-07-29 15:40:08 +02:00
Steve Norman b3a751112d Allow user to be blocked and unblocked via the API 2015-07-03 11:17:57 +00:00
Stan Hu e80d7a804f Fix error when deleting a user who has projects 
Closes #1856
Closes https://github.com/gitlabhq/gitlabhq/issues/9394
 2015-06-23 04:39:49 -07:00