Project

General

Profile

Actions

Feature #23307

closed

Include auth_source field in User API response

Added by Roger Mårtensson almost 8 years ago. Updated about 1 month ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
REST API
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed

Description

it would've been nice to be able to get which auth_source_id a given user has through the REST API. A nice complement to when creating user where it is possible to set the auth_source_id.


Files


Related issues

Related to Redmine - Feature #36659: Add "auth_source_id" to GET request for Endpoint /users.:formatClosedMarius BĂLTEANU

Actions
Related to Redmine - Feature #23306: Support for authentication sources in REST APINew

Actions
Actions #1

Updated by Toshi MARUYAMA almost 8 years ago

  • Related to Feature #23306: Support for authentication sources in REST API added
Actions #2

Updated by Anonymous over 6 years ago

I agree. This feature is also useful for admin scripts which needs to distinguish between "external" and LDAP users.

I attached a patch for this feature. auth_source_id only gets visible for admin users in it, as I do not see the need for standard users.

Actions #3

Updated by Anonymous over 6 years ago

toshio harita MARUYAMA : Do you have an opinion on this issue?

Actions #4

Updated by Roger Mårtensson over 5 years ago

What is the status of this issue?

Actions #5

Updated by Go MAEDA over 5 years ago

  • Target version set to Candidate for next major release
Actions #6

Updated by Go MAEDA almost 5 years ago

I think the response should include not only id but also name. Maybe the response does not include "auth_source" if the user uses internal authentication.

{
  "user": {
    "id": 1,
    "login": "admin",
    "firstname": "Redmine",
    "lastname": "Admin",
    "created_on": "2006-07-19T17:12:21Z",
    "last_login_on": "2019-09-06T06:37:53Z",
    "auth_source": {
      "id": 1,
      "name": "LDAP test server" 
    }
  }
}
Actions #7

Updated by Go MAEDA almost 5 years ago

Here is a patch to add auth_source to the response of GET /users/:id.(xml|json). auth_source is included only when the users auth_source is not nil and the current user is an administrator.

    "auth_source": {
      "id": 1,
      "name": "LDAP test server" 
    },
Actions #8

Updated by Go MAEDA over 2 years ago

  • Related to Feature #36659: Add "auth_source_id" to GET request for Endpoint /users.:format added
Actions #9

Updated by Marius BĂLTEANU 5 months ago

  • Status changed from New to Resolved
  • Assignee set to Marius BĂLTEANU
  • Target version changed from Candidate for next major release to 6.0.0
  • Resolution set to Fixed

Feature added in r22636. You can now get auth_source if your request contains "include=auth_source".

Actions #10

Updated by Marius BĂLTEANU 5 months ago

  • Related to deleted (Feature #23306: Support for authentication sources in REST API)
Actions #11

Updated by Marius BĂLTEANU 5 months ago

  • Related to Feature #23306: Support for authentication sources in REST API added
Actions #12

Updated by Marius BĂLTEANU 5 months ago

Should we include the auth_source also in index.api response?

Actions #13

Updated by Marius BĂLTEANU 5 months ago

  • Subject changed from Get which auth_source_id of a user to Add auth_source_id field to User API
  • Assignee changed from Marius BĂLTEANU to Go MAEDA

I've added the field also to /user list API.

Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.

Go MAEDA, what do you think?

Actions #14

Updated by Marius BĂLTEANU 5 months ago

  • Subject changed from Add auth_source_id field to User API to Add auth_source field to User API
Actions #15

Updated by Marius BĂLTEANU 5 months ago

  • Subject changed from Add auth_source field to User API to Include auth_source field in User API response
Actions #16

Updated by Go MAEDA 5 months ago

Marius BĂLTEANU wrote in #note-13:

Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.

You are right, I think it is better to return some value to indicate the internal authentication.

Actions #17

Updated by Marius BĂLTEANU about 1 month ago

  • Status changed from Resolved to Closed

Go MAEDA wrote in #note-16:

Marius BĂLTEANU wrote in #note-13:

Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.

You are right, I think it is better to return some value to indicate the internal authentication.

We should track this change in another ticket because we should modify also the user listing to show "Internal".

Actions

Also available in: Atom PDF