Commit e7d362bd authored by Blair Lunceford's avatar Blair Lunceford Committed by Imre Farkas

Add delete identity API endpoint to users API

parent f46fc221
---
title: Add delete identity endpoint on the users API
merge_request: 24122
author:
type: added
......@@ -437,6 +437,19 @@ Note, at the moment this method does only return a `404` error,
even in cases where a `409` (Conflict) would be more appropriate,
e.g. when renaming the email address to some existing one.
## Delete authentication identity from user
Deletes a user's authentication identity using the provider name associated with that identity. Available only for administrators.
```
DELETE /users/:id/identities/:provider
```
Parameters:
- `id` (required) - The ID of the user
- `provider` (required) - External provider name
## User deletion
Deletes a user. Available only for administrators.
......
......@@ -225,6 +225,27 @@ module API
end
# rubocop: enable CodeReuse/ActiveRecord
desc "Delete a user's identity. Available only for admins" do
success Entities::UserWithAdmin
end
params do
requires :id, type: Integer, desc: 'The ID of the user'
requires :provider, type: String, desc: 'The external provider'
end
# rubocop: disable CodeReuse/ActiveRecord
delete ":id/identities/:provider" do
authenticated_as_admin!
user = User.find_by(id: params[:id])
not_found!('User') unless user
identity = user.identities.find_by(provider: params[:provider])
not_found!('Identity') unless identity
destroy_conditionally!(identity)
end
# rubocop: enable CodeReuse/ActiveRecord
desc 'Add an SSH key to a specified user. Available only for admins.' do
success Entities::SSHKey
end
......
......@@ -949,6 +949,45 @@ describe API::Users do
end
end
describe "DELETE /users/:id/identities/:provider" do
let(:test_user) { create(:omniauth_user, provider: 'ldapmain') }
context 'when unauthenticated' do
it 'returns authentication error' do
delete api("/users/#{test_user.id}/identities/ldapmain")
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
context 'when authenticated' do
it 'deletes identity of given provider' do
expect do
delete api("/users/#{test_user.id}/identities/ldapmain", admin)
end.to change { test_user.identities.count }.by(-1)
expect(response).to have_gitlab_http_status(:no_content)
end
it_behaves_like '412 response' do
let(:request) { api("/users/#{test_user.id}/identities/ldapmain", admin) }
end
it 'returns 404 error if user not found' do
delete api("/users/0/identities/ldapmain", admin)
expect(response).to have_gitlab_http_status(:not_found)
expect(json_response['message']).to eq('404 User Not Found')
end
it 'returns 404 error if identity not found' do
delete api("/users/#{test_user.id}/identities/saml", admin)
expect(response).to have_gitlab_http_status(:not_found)
expect(json_response['message']).to eq('404 Identity Not Found')
end
end
end
describe "POST /users/:id/keys" do
before do
admin
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment