From 8c76b1756f8098b0fb63e25b057342dc47309895 Mon Sep 17 00:00:00 2001 From: Kenneth Chu Date: Fri, 22 Jul 2022 19:11:49 +1000 Subject: [PATCH 01/10] Expose `created_by` in the Users API Changelog: added --- doc/api/users.md | 10 +++++++++- lib/api/entities/user_with_admin.rb | 12 ++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/doc/api/users.md b/doc/api/users.md index 333998dffb2f49..6a74df39d2943f 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -378,7 +378,11 @@ Example Responses: "plan": "gold", "trial": true, "sign_in_count": 1337, - "namespace_id": 1 + "namespace_id": 1, + "created_by": { + "id": null, + "username": null + } } ``` @@ -683,6 +687,10 @@ Parameters: "current_sign_in_ip": "196.165.1.102", "last_sign_in_ip": "172.127.2.22", "namespace_id": 1, + "created_by": { + "id": null, + "username": null + }, "note": null } ``` diff --git a/lib/api/entities/user_with_admin.rb b/lib/api/entities/user_with_admin.rb index f9c1a646a4fa98..d7366131c6876c 100644 --- a/lib/api/entities/user_with_admin.rb +++ b/lib/api/entities/user_with_admin.rb @@ -6,6 +6,18 @@ class UserWithAdmin < UserPublic expose :admin?, as: :is_admin expose :note expose :namespace_id + expose :created_by do + expose :id do |user| + if user.created_by + user.created_by.id + end + end + expose :username do |user| + if user.created_by + user.created_by.username + end + end + end end end end -- GitLab From 60188140b00dbf9ee08eab82b764a741294d12f0 Mon Sep 17 00:00:00 2001 From: Ahmed Hemdan Date: Mon, 1 Aug 2022 07:11:00 +0000 Subject: [PATCH 02/10] Refactor to one line conditionals --- lib/api/entities/user_with_admin.rb | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/lib/api/entities/user_with_admin.rb b/lib/api/entities/user_with_admin.rb index d7366131c6876c..1dd72e486a0c87 100644 --- a/lib/api/entities/user_with_admin.rb +++ b/lib/api/entities/user_with_admin.rb @@ -7,16 +7,8 @@ class UserWithAdmin < UserPublic expose :note expose :namespace_id expose :created_by do - expose :id do |user| - if user.created_by - user.created_by.id - end - end - expose :username do |user| - if user.created_by - user.created_by.username - end - end + expose(:id) { |user| user.created_by.id if user.created_by } + expose(:username) { |user| user.created_by.username if user.created_by } end end end -- GitLab From 68487374cc8d5e2aece54ef7c332f91c69b6e420 Mon Sep 17 00:00:00 2001 From: Kenneth Chu Date: Mon, 1 Aug 2022 17:56:05 +1000 Subject: [PATCH 03/10] Add more documentation on `created_by` field --- doc/api/users.md | 43 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/doc/api/users.md b/doc/api/users.md index 6a74df39d2943f..75c1fc55765deb 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -106,7 +106,8 @@ GET /users?without_project_bots=true ### For administrators **(FREE SELF)** -> The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. +> - The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. +> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.5. ```plaintext GET /users @@ -161,7 +162,11 @@ GET /users "private_profile": false, "current_sign_in_ip": "196.165.1.102", "last_sign_in_ip": "172.127.2.22", - "namespace_id": 1 + "namespace_id": 1, + "created_by": { + "id": null, + "username": null + } }, { "id": 2, @@ -196,7 +201,11 @@ GET /users "private_profile": false, "current_sign_in_ip": "10.165.1.102", "last_sign_in_ip": "172.127.2.22", - "namespace_id": 2 + "namespace_id": 2, + "created_by": { + "id": null, + "username": null + } } ] ``` @@ -269,6 +278,17 @@ You can include the users' [custom attributes](custom_attributes.md) in the resp GET /users?with_custom_attributes=true ``` +You can see if a user account was created [manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area), or as a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects) with the `created_by` parameter. + +If the values are null, it means the account was created by a user registering an account on the GitLab instance. + +```json + "created_by": { + "id": null, + "username": null + } +``` + ## Single user Get a single user. @@ -315,7 +335,8 @@ Parameters: ### For administrators **(FREE SELF)** -> The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. +> - The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. +> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.5. ```plaintext GET /users/:id @@ -423,6 +444,17 @@ see the `group_saml` option and `provisioned_by_group_id` parameter: } ``` +Administrators can see if a user account was created [manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area), or as a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects) with the `created_by` parameter. + +If the values are null, it means the account was created by a user registering an account on the GitLab instance. + +```json + "created_by": { + "id": null, + "username": null + } +``` + You can include the user's [custom attributes](custom_attributes.md) in the response with: ```plaintext @@ -634,7 +666,8 @@ Users on [GitLab Premium or higher](https://about.gitlab.com/pricing/) also see ### For administrators **(FREE SELF)** -> The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. +> - The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. +> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.5. ```plaintext GET /user -- GitLab From df1a4982f979cf9a3a4b78de763f0038b2379683 Mon Sep 17 00:00:00 2001 From: Kenneth Chu Date: Wed, 12 Oct 2022 14:20:21 +1100 Subject: [PATCH 04/10] Add tests for `created_by` values in the Users API --- spec/requests/api/users_spec.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 96e23337411995..f0cb8ed73a4c1e 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -165,6 +165,7 @@ expect(json_response.first).not_to have_key('note') expect(json_response.first).not_to have_key('namespace_id') + expect(json_response.first).not_to have_key('created_by') end end @@ -175,6 +176,7 @@ expect(json_response.first).not_to have_key('note') expect(json_response.first).not_to have_key('namespace_id') + expect(json_response.first).not_to have_key('created_by') end end @@ -186,6 +188,28 @@ expect(json_response.first).to have_key('note') expect(json_response.first['note']).to eq '2018-11-05 | 2FA removed | user requested | www.gitlab.com' end + + context 'contains the `created_by` details' do + it 'of users that self-registered an account' do + get api("/users", admin), params: { username: user.username } + + expect(response).to have_gitlab_http_status(:success) + expect(json_response.first).to have_key('created_by') + expect(json_response.first['created_by']['id']).to eq(nil) + expect(json_response.first['created_by']['username']).to eq(nil) + end + + it 'of created users' do + creator = create(:user, id: 10, username: 'creator' ) + created = create(:user, username: 'created', created_by_id: creator.id ) + get api("/users", admin), params: { username: created.username } + + expect(response).to have_gitlab_http_status(:success) + expect(json_response.first).to have_key('created_by') + expect(json_response.first['created_by']['id']).to eq(creator.id) + expect(json_response.first['created_by']['username']).to eq(creator.username) + end + end end context 'N+1 queries' do -- GitLab From 8504932bb1c7dc945cc6bf4b5b21e7a23be0c0db Mon Sep 17 00:00:00 2001 From: Kenneth Chu Date: Thu, 13 Oct 2022 15:27:48 +1100 Subject: [PATCH 05/10] Return details from UserBasic instead --- doc/api/users.md | 34 +++++++---------------------- lib/api/entities/user_with_admin.rb | 5 +---- spec/requests/api/users_spec.rb | 3 +-- 3 files changed, 10 insertions(+), 32 deletions(-) diff --git a/doc/api/users.md b/doc/api/users.md index 75c1fc55765deb..7aaa43347fcfd3 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -163,10 +163,7 @@ GET /users "current_sign_in_ip": "196.165.1.102", "last_sign_in_ip": "172.127.2.22", "namespace_id": 1, - "created_by": { - "id": null, - "username": null - } + "created_by": null }, { "id": 2, @@ -202,10 +199,7 @@ GET /users "current_sign_in_ip": "10.165.1.102", "last_sign_in_ip": "172.127.2.22", "namespace_id": 2, - "created_by": { - "id": null, - "username": null - } + "created_by": null } ] ``` @@ -280,13 +274,10 @@ GET /users?with_custom_attributes=true You can see if a user account was created [manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area), or as a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects) with the `created_by` parameter. -If the values are null, it means the account was created by a user registering an account on the GitLab instance. +If the returned value is null, it means the account was created by a user registering an account on the GitLab instance. ```json - "created_by": { - "id": null, - "username": null - } + "created_by": null ``` ## Single user @@ -400,10 +391,7 @@ Example Responses: "trial": true, "sign_in_count": 1337, "namespace_id": 1, - "created_by": { - "id": null, - "username": null - } + "created_by": null } ``` @@ -446,13 +434,10 @@ see the `group_saml` option and `provisioned_by_group_id` parameter: Administrators can see if a user account was created [manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area), or as a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects) with the `created_by` parameter. -If the values are null, it means the account was created by a user registering an account on the GitLab instance. +If the returned value is null, it means the account was created by a user registering an account on the GitLab instance. ```json - "created_by": { - "id": null, - "username": null - } + "created_by": null ``` You can include the user's [custom attributes](custom_attributes.md) in the response with: @@ -720,10 +705,7 @@ Parameters: "current_sign_in_ip": "196.165.1.102", "last_sign_in_ip": "172.127.2.22", "namespace_id": 1, - "created_by": { - "id": null, - "username": null - }, + "created_by": null, "note": null } ``` diff --git a/lib/api/entities/user_with_admin.rb b/lib/api/entities/user_with_admin.rb index 1dd72e486a0c87..53fef7a46e2f3f 100644 --- a/lib/api/entities/user_with_admin.rb +++ b/lib/api/entities/user_with_admin.rb @@ -6,10 +6,7 @@ class UserWithAdmin < UserPublic expose :admin?, as: :is_admin expose :note expose :namespace_id - expose :created_by do - expose(:id) { |user| user.created_by.id if user.created_by } - expose(:username) { |user| user.created_by.username if user.created_by } - end + expose :created_by, with: UserBasic end end end diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index f0cb8ed73a4c1e..c84dcf868f4c8c 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -195,8 +195,7 @@ expect(response).to have_gitlab_http_status(:success) expect(json_response.first).to have_key('created_by') - expect(json_response.first['created_by']['id']).to eq(nil) - expect(json_response.first['created_by']['username']).to eq(nil) + expect(json_response.first['created_by']).to eq(nil) end it 'of created users' do -- GitLab From 0603c3bb34d2a8e98bf065760e327a4a92a534f5 Mon Sep 17 00:00:00 2001 From: Jon Glassman Date: Fri, 14 Oct 2022 05:23:54 +0000 Subject: [PATCH 06/10] Adjust documentation to be more concise --- doc/api/users.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/doc/api/users.md b/doc/api/users.md index 7aaa43347fcfd3..bab0c4dd729409 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -272,9 +272,12 @@ You can include the users' [custom attributes](custom_attributes.md) in the resp GET /users?with_custom_attributes=true ``` -You can see if a user account was created [manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area), or as a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects) with the `created_by` parameter. +You can use the `created_by` parameter to see if a user account was created: -If the returned value is null, it means the account was created by a user registering an account on the GitLab instance. +- [Manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area). +- As a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects). + +If the returned value is null, the account was created by a user registering an account on the GitLab instance. ```json "created_by": null @@ -432,9 +435,12 @@ see the `group_saml` option and `provisioned_by_group_id` parameter: } ``` -Administrators can see if a user account was created [manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area), or as a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects) with the `created_by` parameter. +Administrators can use the `created_by` parameter to see if a user account was created: + +- [Manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area). +- As a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects). -If the returned value is null, it means the account was created by a user registering an account on the GitLab instance. +If the returned value is null, the account was created by a user registering an account on the GitLab instance. ```json "created_by": null -- GitLab From d3103f641abc7e58455287fe149de232e358d373 Mon Sep 17 00:00:00 2001 From: Doug Stull Date: Fri, 14 Oct 2022 05:30:35 +0000 Subject: [PATCH 07/10] Adjust test names --- spec/requests/api/users_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index c84dcf868f4c8c..7096b56b745ffa 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -189,8 +189,8 @@ expect(json_response.first['note']).to eq '2018-11-05 | 2FA removed | user requested | www.gitlab.com' end - context 'contains the `created_by` details' do - it 'of users that self-registered an account' do + context 'with `created_by` details' do + it 'has created_by as nil with a self-registered account' do get api("/users", admin), params: { username: user.username } expect(response).to have_gitlab_http_status(:success) @@ -198,7 +198,7 @@ expect(json_response.first['created_by']).to eq(nil) end - it 'of created users' do + it 'is created_by a user and has those details' do creator = create(:user, id: 10, username: 'creator' ) created = create(:user, username: 'created', created_by_id: creator.id ) get api("/users", admin), params: { username: created.username } -- GitLab From 8f5dbd5babf188908b560067ec2d70ae176e0eb9 Mon Sep 17 00:00:00 2001 From: Evan Read Date: Fri, 14 Oct 2022 07:42:57 +0000 Subject: [PATCH 08/10] Remove code block in the `created_by` documentation --- doc/api/users.md | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/doc/api/users.md b/doc/api/users.md index bab0c4dd729409..127905b0e3b403 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -277,11 +277,7 @@ You can use the `created_by` parameter to see if a user account was created: - [Manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area). - As a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects). -If the returned value is null, the account was created by a user registering an account on the GitLab instance. - -```json - "created_by": null -``` +If the returned value is `null`, the account was created by a user who registered an account themselves. ## Single user @@ -440,11 +436,7 @@ Administrators can use the `created_by` parameter to see if a user account was c - [Manually by an administrator](../user/profile/account/create_accounts.md#create-users-in-admin-area). - As a [project bot user](../user/project/settings/project_access_tokens.md#bot-users-for-projects). -If the returned value is null, the account was created by a user registering an account on the GitLab instance. - -```json - "created_by": null -``` +If the returned value is `null`, the account was created by a user who registered an account themselves. You can include the user's [custom attributes](custom_attributes.md) in the response with: -- GitLab From ad9b90ca3f936fb133d75aa7d936ea563522725f Mon Sep 17 00:00:00 2001 From: Doug Stull Date: Mon, 17 Oct 2022 07:42:25 +0000 Subject: [PATCH 09/10] Refactor API test to check created_by values on a created user --- spec/requests/api/users_spec.rb | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 7096b56b745ffa..66a18b9783856f 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -199,14 +199,13 @@ end it 'is created_by a user and has those details' do - creator = create(:user, id: 10, username: 'creator' ) - created = create(:user, username: 'created', created_by_id: creator.id ) + created = create(:user, created_by_id: user.id) + get api("/users", admin), params: { username: created.username } expect(response).to have_gitlab_http_status(:success) - expect(json_response.first).to have_key('created_by') - expect(json_response.first['created_by']['id']).to eq(creator.id) - expect(json_response.first['created_by']['username']).to eq(creator.username) + expect(json_response.first['created_by'].symbolize_keys) + .to eq(API::Entities::UserBasic.new(user).as_json) end end end -- GitLab From 50d191413d7464e611cddbb9138dd9077a07725e Mon Sep 17 00:00:00 2001 From: Kenneth Chu Date: Mon, 17 Oct 2022 18:43:26 +1100 Subject: [PATCH 10/10] Update 'introduced in' text to 15.6 --- doc/api/users.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/api/users.md b/doc/api/users.md index 127905b0e3b403..a76539c375b1d5 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -107,7 +107,7 @@ GET /users?without_project_bots=true ### For administrators **(FREE SELF)** > - The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. -> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.5. +> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.6. ```plaintext GET /users @@ -326,7 +326,7 @@ Parameters: ### For administrators **(FREE SELF)** > - The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. -> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.5. +> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.6. ```plaintext GET /users/:id @@ -650,7 +650,7 @@ Users on [GitLab Premium or higher](https://about.gitlab.com/pricing/) also see ### For administrators **(FREE SELF)** > - The `namespace_id` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82045) in GitLab 14.10. -> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.5. +> - The `created_by` field in the response was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/93092) in GitLab 15.6. ```plaintext GET /user -- GitLab