Feature #23307
open
Include auth_source field in User API response
Added by Roger Mårtensson almost 8 years ago. Updated 3 months ago.
0%
Description
it would've been nice to be able to get which auth_source_id a given user has through the REST API. A nice complement to when creating user where it is possible to set the auth_source_id.
Files
| add_auth_source_id_to_api.patch (3.92 KB) add_auth_source_id_to_api.patch | Anonymous, 2018-02-06 18:00 | ||
| 0001-Add-auth_source-to-the-users-API-response.patch (1.8 KB) 0001-Add-auth_source-to-the-users-API-response.patch | Go MAEDA, 2019-09-08 05:03 |
Related issues
Updated by Toshi MARUYAMA over 7 years ago
- Related to Feature #23306: Support for authentication sources in REST API added
Updated by Anonymous about 6 years ago
I agree. This feature is also useful for admin scripts which needs to distinguish between "external" and LDAP users.
I attached a patch for this feature. auth_source_id only gets visible for admin users in it, as I do not see the need for standard users.
Updated by Anonymous about 6 years ago
toshio harita MARUYAMA : Do you have an opinion on this issue?
Updated by
Updated by Go MAEDA over 5 years ago
- Target version set to Candidate for next major release
Updated by Go MAEDA over 4 years ago
I think the response should include not only id but also name. Maybe the response does not include "auth_source" if the user uses internal authentication.
{
"user": {
"id": 1,
"login": "admin",
"firstname": "Redmine",
"lastname": "Admin",
"created_on": "2006-07-19T17:12:21Z",
"last_login_on": "2019-09-06T06:37:53Z",
"auth_source": {
"id": 1,
"name": "LDAP test server"
}
}
}
Updated by Go MAEDA over 4 years ago
- File 0001-Add-auth_source-to-the-users-API-response.patch 0001-Add-auth_source-to-the-users-API-response.patch added
Here is a patch to add auth_source to the response of GET /users/:id.(xml|json). auth_source is included only when the users auth_source is not nil and the current user is an administrator.
"auth_source": {
"id": 1,
"name": "LDAP test server"
},
Updated by Go MAEDA about 2 years ago
- Related to Feature #36659: Add "auth_source_id" to GET request for Endpoint /users.:format added
Updated by Marius BĂLTEANU 3 months ago
- Status changed from New to Resolved
- Assignee set to Marius BĂLTEANU
- Target version changed from Candidate for next major release to 6.0.0
- Resolution set to Fixed
Feature added in r22636. You can now get auth_source if your request contains "include=auth_source".
Updated by Marius BĂLTEANU 3 months ago
- Related to deleted (Feature #23306: Support for authentication sources in REST API)
Updated by Marius BĂLTEANU 3 months ago
- Related to Feature #23306: Support for authentication sources in REST API added
Updated by Marius BĂLTEANU 3 months ago
Should we include the auth_source also in index.api response?
Updated by Marius BĂLTEANU 3 months ago
- Subject changed from Get which auth_source_id of a user to Add auth_source_id field to User API
- Assignee changed from Marius BĂLTEANU to Go MAEDA
I've added the field also to /user list API.
Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without include=auth_source and a request with include=auth_source and user(s) with auth_source nil.
Go MAEDA, what do you think?
Updated by Marius BĂLTEANU 3 months ago
- Subject changed from Add auth_source_id field to User API to Add auth_source field to User API
Updated by Marius BĂLTEANU 3 months ago
- Subject changed from Add auth_source field to User API to Include auth_source field in User API response
Updated by Go MAEDA 3 months ago
Marius BĂLTEANU wrote in #note-13:
Looking again on the implementation, I think we should return "internal" if user doesn't not have an auth_source because right now there is no difference between a request made without
include=auth_sourceand a request withinclude=auth_sourceand user(s) with auth_source nil.
You are right, I think it is better to return some value to indicate the internal authentication.