Project

General

Profile

Actions
Copy link

Feature #23307

closed

Include auth_source field in User API response

Added by Roger Mårtensson almost 8 years ago. Updated 5 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Go MAEDA
Category:
REST API
Target version:
6.0.0
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed

Description

it would've been nice to be able to get which auth_source_id a given user has through the REST API. A nice complement to when creating user where it is possible to set the auth_source_id.

Files

Download all files
add_auth_source_id_to_api.patch (3.92 KB) add_auth_source_id_to_api.patch Anonymous, 2018-02-06 18:00
0001-Add-auth_source-to-the-users-API-response.patch (1.8 KB) 0001-Add-auth_source-to-the-users-API-response.patch Go MAEDA, 2019-09-08 05:03

Related issues

Related to Redmine - Feature #36659: Add "auth_source_id" to GET request for Endpoint /users.:formatClosedMarius BĂLTEANU

Actions
Related to Redmine - Feature #23306: Support for authentication sources in REST APINew

Actions
Actions
Copy link
 #1

Updated by Toshi MARUYAMA almost 8 years ago

  • Related to Feature #23306: Support for authentication sources in REST API added
Actions
Copy link
 #2

Updated by Anonymous over 6 years ago

I agree. This feature is also useful for admin scripts which needs to distinguish between "external" and LDAP users.

I attached a patch for this feature. auth_source_id only gets visible for admin users in it, as I do not see the need for standard users.

Actions
Copy link
 #3

Updated by Anonymous over 6 years ago

toshio harita MARUYAMA : Do you have an opinion on this issue?

Actions
Copy link
 #4

Updated by Roger Mårtensson over 5 years ago

What is the status of this issue?

Actions
Copy link
 #5

Updated by Go MAEDA over 5 years ago

  • Target version set to Candidate for next major release
Actions
Copy link
 #6

Updated by Go MAEDA over 4 years ago

I think the response should include not only id but also name. Maybe the response does not include "auth_source" if the user uses internal authentication.

{
  "user": {
    "id": 1,
    "login": "admin",
    "firstname": "Redmine",
    "lastname": "Admin",
    "created_on": "2006-07-19T17:12:21Z",
    "last_login_on": "2019-09-06T06:37:53Z",
    "auth_source": {
      "id": 1,
      "name": "LDAP test server" 
    }
  }
}
Actions
Copy link
 #7

Updated by Go MAEDA over 4 years ago

Here is a patch to add auth_source to the response of GET /users/:id.(xml|json). auth_source is included only when the users auth_source is not nil and the current user is an administrator.

    "auth_source": {
      "id": 1,
      "name": "LDAP test server" 
    },
Actions
Copy link
 #8

Updated by Go MAEDA about 2 years ago

  • Related to Feature #36659: Add "auth_source_id" to GET request for Endpoint /users.:format added
Actions
Copy link
 #9

Updated by Marius BĂLTEANU 4 months ago

  • Status changed from New to Resolved
  • Assignee set to Marius BĂLTEANU
  • Target version changed from Candidate for next major release to 6.0.0
  • Resolution set to Fixed

Feature added in r22636. You can now get auth_source if your request contains "include=auth_source".

Actions
Copy link
 #10

Updated by Marius BĂLTEANU 4 months ago

  • Related to deleted (Feature #23306: Support for authentication sources in REST API)
Actions
Copy link
 #11

Updated by Marius BĂLTEANU 4 months ago

  • Related to Feature #23306: Support for authentication sources in REST API added
Actions
Copy link
 #12

Updated by Marius BĂLTEANU 4 months ago

Should we include the auth_source also in index.api response?

Actions
Copy link
 #13

Updated by Marius BĂLTEANU 4 months ago

  • Subject changed from Get which auth_source_id of a user to Add auth_source_id field to User API
  • Assignee changed from Marius BĂLTEANU to Go MAEDA

I've added the field also to /user list API.

Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.

Go MAEDA, what do you think?

Actions
Copy link
 #14

Updated by Marius BĂLTEANU 4 months ago

  • Subject changed from Add auth_source_id field to User API to Add auth_source field to User API
Actions
Copy link
 #15

Updated by Marius BĂLTEANU 4 months ago

  • Subject changed from Add auth_source field to User API to Include auth_source field in User API response
Actions
Copy link
 #16

Updated by Go MAEDA 4 months ago

Marius BĂLTEANU wrote in #note-13:

Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.

You are right, I think it is better to return some value to indicate the internal authentication.

Actions
Copy link
 #17

Updated by Marius BĂLTEANU 5 days ago

  • Status changed from Resolved to Closed

Go MAEDA wrote in #note-16:

Marius BĂLTEANU wrote in #note-13:

Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.

You are right, I think it is better to return some value to indicate the internal authentication.

We should track this change in another ticket because we should modify also the user listing to show "Internal".

Actions
Copy link

Also available in: Atom PDF