Commit ba276e5c authored by Jiaan Louw's avatar Jiaan Louw Committed by Robert Hunt

Add admin users serializer and entity

- Created new serializer and entity to generate data for the admin
users table
- Added new tests
- Added changelog
parent 4c3a6eff
# frozen_string_literal: true
module Admin
module UserActionsHelper
def admin_actions(user)
return [] if user.internal?
@actions ||= ['edit']
return @actions if user == current_user
@user ||= user
blocked_actions
deactivate_actions
unlock_actions
delete_actions
@actions
end
private
def blocked_actions
if @user.ldap_blocked?
@actions << 'ldap'
elsif @user.blocked? && @user.blocked_pending_approval?
@actions << 'approve'
@actions << 'reject'
elsif @user.blocked?
@actions << 'unblock'
else
@actions << 'block'
end
end
def deactivate_actions
if @user.can_be_deactivated?
@actions << 'deactivate'
elsif @user.deactivated?
@actions << 'activate'
end
end
def unlock_actions
@actions << 'unlock' if @user.access_locked?
end
def delete_actions
return unless can?(current_user, :destroy_user, @user) && !@user.blocked_pending_approval? && @user.can_be_removed?
@actions << 'delete'
@actions << 'delete_with_contributions'
end
end
end
# frozen_string_literal: true
module Admin
class UserEntity < API::Entities::UserSafe
include RequestAwareEntity
include UsersHelper
include UserActionsHelper
expose :created_at
expose :email
expose :last_activity_on
expose :avatar_url
expose :badges do |user|
user_badges_in_admin_section(user)
end
expose :projects_count do |user|
user.authorized_projects.length
end
expose :actions do |user|
admin_actions(user)
end
private
def current_user
options[:current_user]
end
end
end
# frozen_string_literal: true
module Admin
class UserSerializer < BaseSerializer
entity UserEntity
end
end
---
title: Add admin users serializer and entity
merge_request: 48791
author:
type: added
# frozen_string_literal: true
require "spec_helper"
RSpec.describe Admin::UserActionsHelper do
describe '#admin_actions' do
let_it_be(:current_user) { build(:user) }
subject { helper.admin_actions(user) }
before do
allow(helper).to receive(:current_user).and_return(current_user)
allow(helper).to receive(:can?).with(current_user, :destroy_user, user).and_return(true)
end
context 'the user is a bot' do
let_it_be(:user) { build(:user, :bot) }
it { is_expected.to be_empty }
end
context 'the current user and user are the same' do
let_it_be(:user) { build(:user) }
let_it_be(:current_user) { user }
it { is_expected.to contain_exactly("edit") }
end
context 'the user is a standard user' do
let_it_be(:user) { create(:user) }
it { is_expected.to contain_exactly("edit", "block", "deactivate", "delete", "delete_with_contributions") }
end
context 'the user is an admin user' do
let_it_be(:user) { create(:user, :admin) }
it { is_expected.to contain_exactly("edit", "block", "deactivate", "delete", "delete_with_contributions") }
end
context 'the user is blocked by LDAP' do
let_it_be(:user) { create(:omniauth_user, :ldap_blocked) }
it { is_expected.to contain_exactly("edit", "ldap", "delete", "delete_with_contributions") }
end
context 'the user is blocked pending approval' do
let_it_be(:user) { create(:user, :blocked_pending_approval) }
it { is_expected.to contain_exactly("edit", "approve", "reject") }
end
context 'the user is blocked' do
let_it_be(:user) { create(:user, :blocked) }
it { is_expected.to contain_exactly("edit", "unblock", "delete", "delete_with_contributions") }
end
context 'the user is deactivated' do
let_it_be(:user) { create(:user, :deactivated) }
it { is_expected.to contain_exactly("edit", "block", "activate", "delete", "delete_with_contributions") }
end
context 'the user is locked' do
let_it_be(:user) { create(:user) }
before do
user.lock_access!
end
it {
is_expected.to contain_exactly(
"edit",
"block",
"deactivate",
"unlock",
"delete",
"delete_with_contributions"
)
}
end
context 'the current_user does not have permission to delete the user' do
let_it_be(:user) { build(:user) }
before do
allow(helper).to receive(:can?).with(current_user, :destroy_user, user).and_return(false)
end
it { is_expected.to contain_exactly("edit", "block", "deactivate") }
end
context 'the user is a sole owner of a group' do
let_it_be(:group) { create(:group) }
let_it_be(:user) { create(:user) }
before do
group.add_owner(user)
end
it { is_expected.to contain_exactly("edit", "block", "deactivate") }
end
end
end
# frozen_string_literal: true
require "spec_helper"
RSpec.describe Admin::UserEntity do
let_it_be(:user) { build_stubbed(:user) }
let(:request) { double('request') }
let(:entity) do
described_class.new(user, request: request)
end
describe '#as_json' do
subject { entity.as_json&.keys }
it 'exposes correct attributes' do
is_expected.to contain_exactly(
:id,
:name,
:created_at,
:email,
:username,
:last_activity_on,
:avatar_url,
:badges,
:projects_count,
:actions
)
end
end
end
# frozen_string_literal: true
require "spec_helper"
RSpec.describe Admin::UserSerializer do
let(:resource) { build(:user) }
subject { described_class.new.represent(resource).keys }
context 'when there is a single object provided' do
it 'contains important elements for the admin user table' do
is_expected.to contain_exactly(
:id,
:name,
:created_at,
:email,
:username,
:last_activity_on,
:avatar_url,
:badges,
:projects_count,
:actions
)
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment