From 221a09d3bd314353b985dc051d79ad8d279335bd Mon Sep 17 00:00:00 2001 From: Holger Just Date: Wed, 29 Aug 2018 16:12:13 +0200 Subject: [PATCH] Expose the Admin flag on the users api to admin users --- app/views/users/index.api.rsb | 1 + app/views/users/show.api.rsb | 1 + test/integration/api_test/users_test.rb | 12 ++++++++++++ 3 files changed, 14 insertions(+) diff --git a/app/views/users/index.api.rsb b/app/views/users/index.api.rsb index 4265a4be41..23e38398ef 100644 --- a/app/views/users/index.api.rsb +++ b/app/views/users/index.api.rsb @@ -3,6 +3,7 @@ api.array :users, api_meta(:total_count => @user_count, :offset => @offset, :lim api.user do api.id user.id api.login user.login + api.admin user.admin? api.firstname user.firstname api.lastname user.lastname api.mail user.mail diff --git a/app/views/users/show.api.rsb b/app/views/users/show.api.rsb index e4c49f9b87..d83ad22f6b 100644 --- a/app/views/users/show.api.rsb +++ b/app/views/users/show.api.rsb @@ -1,6 +1,7 @@ api.user do api.id @user.id api.login @user.login if User.current.admin? || (User.current == @user) + api.admin @user.admin? if User.current.admin? || (User.current == @user) api.firstname @user.firstname api.lastname @user.lastname api.mail @user.mail if User.current.admin? || !@user.pref.hide_mail diff --git a/test/integration/api_test/users_test.rb b/test/integration/api_test/users_test.rb index 1925578085..80f237b25b 100644 --- a/test/integration/api_test/users_test.rb +++ b/test/integration/api_test/users_test.rb @@ -125,6 +125,18 @@ class Redmine::ApiTest::UsersTest < Redmine::ApiTest::Base assert_select 'user status', :text => User.find(1).status.to_s end + test "GET /users/:id should return admin status for current user" do + get '/users/2.xml', :headers => credentials('jsmith') + assert_response :success + assert_select 'user admin', :text => 'false' + end + + test "GET /users/:id should not return admin status for other user" do + get '/users/3.xml', :headers => credentials('jsmith') + assert_response :success + assert_select 'user admin', 0 + end + test "POST /users.xml with valid parameters should create the user" do assert_difference('User.count') do post '/users.xml', -- 2.18.0