
Added users/me resource. Fixed issue#241.

Martin Edenhofer 8 years ago
parent
commit
da2a11cb8c

+ 28 - 0
app/controllers/users_controller.rb

@@ -306,6 +306,34 @@ class UsersController < ApplicationController
     model_destory_render(User, params)
   end
 
+  # @path       [GET] /users/me
+  #
+  # @summary          Returns the User record of current user.
+  # @notes            The requestor need to have a valid authentication.
+  #
+  # @parameter        full         [Bool]    If set a Asset structure with all connected Assets gets returned.
+  #
+  # @response_message 200 [User] User record matching the requested identifier.
+  # @response_message 401        Invalid session.
+  def me
+
+    if params[:expand]
+      user = current_user.attributes_with_relation_names
+      render json: user, status: :ok
+      return
+    end
+
+    if params[:full]
+      full = User.full(current_user.id)
+      render json: full
+      return
+    end
+
+    user = current_user.attributes_with_associations
+    user.delete('password')
+    render json: user
+  end
+
   # @path       [GET] /users/search
   #
   # @tag Search
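Review bot: The `expand` branch of `me` renders `current_user.attributes_with_relation_names` unchanged, while the default branch strips the credential field with `user.delete('password')` before rendering. If that helper builds on the same attribute hash (its body is not visible in this hunk), the stored password hash would be returned to the client whenever `expand` is set. Add `user.delete('password')` before `render json: user, status: :ok`, and confirm that `User.full(current_user.id)` filters the field as well. The doc block documents only `full`; it needs an `@parameter expand` line, and the 200 message "matching the requested identifier" looks copied from `show` and should describe the authenticated user instead.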

+ 2 - 0
config/routes/user.rb

@@ -15,6 +15,8 @@ Zammad::Application.routes.draw do
   match api_path + '/users/avatar',                to: 'users#avatar_destroy',        via: :delete
   match api_path + '/users/avatar/set',            to: 'users#avatar_set_default',    via: :post
 
+  match api_path + '/users/me',                    to: 'users#me',                    via: :get
+
   match api_path + '/users',                       to: 'users#index',                 via: :get
   match api_path + '/users/:id',                   to: 'users#show',                  via: :get
   match api_path + '/users/history/:id',           to: 'users#history',               via: :get
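Review bot: The new `/users/me` route only works because it is declared above `/users/:id`; Rails matches routes in declaration order, so moving it lower would send the request to `users#show` with `id` set to `me`. A comment on the added line would protect that ordering, for example `# keep above '/users/:id', otherwise 'me' is captured as :id`. If `:id` is meant to be numeric, a constraint on that route would remove the ordering dependency, but that is outside this hunk.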

+ 40 - 0
test/controllers/user_organization_controller_test.rb

@@ -147,11 +147,23 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     assert_response(401)
     result = JSON.parse(@response.body)
     assert_equal('authentication failed', result['error'])
+
+    # me
+    get '/api/v1/users/me', {}, @headers
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal('authentication failed', result['error'])
   end
 
   test 'auth tests - not existing user' do
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('not_existing@example.com', 'adminpw')
 
+    # me
+    get '/api/v1/users/me', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal('authentication failed', result['error'])
+
     get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
     assert_response(401)
     result = JSON.parse(@response.body)
@@ -199,6 +211,13 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
     # email auth
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
 
+    # me
+    get '/api/v1/users/me', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result['email'], 'rest-admin@example.com')
+
     # index
     get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
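Review bot: The added `# me` check asserts only the `email` field, so nothing here would catch a credential field leaking through the new endpoint. Add `assert_not(result.key?('password'))` after the email assertion, and repeat the request with `expand` and with `full` set, since the controller handles those in separate branches that are not exercised by any test in this commit. The same gap applies to the agent, customer1 and customer2 hunks further down. As a minor point, `assert_equal` takes the expected value first, so `assert_equal('rest-admin@example.com', result['email'])` gives a correct failure message.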
@@ -307,6 +326,13 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
 
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
 
+    # me
+    get '/api/v1/users/me', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result['email'], 'rest-agent@example.com')
+
     # index
     get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
@@ -407,6 +433,13 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
 
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
 
+    # me
+    get '/api/v1/users/me', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result['email'], 'rest-customer1@example.com')
+
     # index
     get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
     assert_response(200)
@@ -449,6 +482,13 @@ class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
 
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
 
+    # me
+    get '/api/v1/users/me', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result['email'], 'rest-customer2@example.com')
+
     # index
     get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
     assert_response(200)