Expose is_auditor user role via API

Similar to how we expose is_admin when using the user API as an admin, provide is_auditor field Changelog: changed Add changelog entry

Expose is_auditor user role via API
Similar to how we expose is_admin when using the user API as an admin, provide is_auditor field Changelog: changed Add changelog entry
66aae34b · Serena Fang · 0b2d6f3f · 66aae34b · 66aae34b · 66aae34b
Commit 66aae34b authored May 05, 2021 by Serena Fang
3 changed files
--- a/changelogs/unreleased/expose-is-auditor.yml
+++ b/changelogs/unreleased/expose-is-auditor.yml
+---
+title: Expose is_auditor user role via API
+merge_request: 61058
+author:
+type: changed
--- a/lib/api/entities/user_with_admin.rb
+++ b/lib/api/entities/user_with_admin.rb
@@ -4,6 +4,7 @@ module API
  module Entities
    class UserWithAdmin < UserPublic
      expose :admin?, as: :is_admin
+      expose :auditor, as: :is_auditor
      expose :note
    end
  end

--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -536,6 +536,13 @@ RSpec.describe API::Users do
      expect(json_response.keys).not_to include 'is_admin'
    end

+    it "does not return the user's `is_auditor` flag" do
+      get api("/users/#{user.id}", user)
+
+      expect(response).to match_response_schema('public_api/v4/user/basic')
+      expect(json_response.keys).not_to include 'is_auditor'
+    end
+
    it "does not return the user's `highest_role`" do
      get api("/users/#{user.id}", user)

@@ -582,6 +589,13 @@ RSpec.describe API::Users do
        expect(json_response['is_admin']).to be(false)
      end

+      it 'includes the `is_auditor` field' do
+        get api("/users/#{user.id}", admin)
+
+        expect(response).to match_response_schema('public_api/v4/user/admin')
+        expect(json_response['is_auditor']).to be(false)
+      end
+
      it "includes the `created_at` field for private users" do
        get api("/users/#{private_user.id}", admin)