Adds support for requesting information about current user using /users/current (#7141).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4544 e93f8b46-1217-0410-a6f0-8f06a7374b81

Adds support for requesting information about current user using /users/current (#7141).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4544 e93f8b46-1217-0410-a6f0-8f06a7374b81
599bc450 · Jean-Philippe Lang · 84dd413f · 599bc450 · 599bc450 · 599bc450
Commit 599bc450 authored Dec 20, 2010 by Jean-Philippe Lang
4 changed files
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -19,6 +19,7 @@ class UsersController < ApplicationController
  layout 'admin'
  
  before_filter :require_admin, :except => :show
+  before_filter :find_user, :only => [:show, :edit, :update, :edit_membership, :destroy_membership]
  accept_key_auth :index, :show, :create, :update

  helper :sort
@@ -61,8 +62,6 @@ class UsersController < ApplicationController
  end
  
  def show
-    @user = User.find(params[:id])
-    
    # show projects based on current user visibility
    @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current))
    
@@ -80,8 +79,6 @@ class UsersController < ApplicationController
      format.html { render :layout => 'base' }
      format.api
    end
-  rescue ActiveRecord::RecordNotFound
-    render_404
  end

  def new
@@ -130,16 +127,12 @@ class UsersController < ApplicationController
  end

  def edit
-    @user = User.find(params[:id])
-
    @auth_sources = AuthSource.find(:all)
    @membership ||= Member.new
  end
  
  verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
  def update
-    @user = User.find(params[:id])
-
    @user.admin = params[:user][:admin] if params[:user][:admin]
    @user.login = params[:user][:login] if params[:user][:login]
    if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
@@ -185,7 +178,6 @@ class UsersController < ApplicationController
  end

  def edit_membership
-    @user = User.find(params[:id])
    @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)
    @membership.save if request.post?
    respond_to do |format|
@@ -208,7 +200,6 @@ class UsersController < ApplicationController
  end
  
  def destroy_membership
-    @user = User.find(params[:id])
    @membership = Member.find(params[:membership_id])
    if request.post? && @membership.deletable?
      @membership.destroy
@@ -218,4 +209,17 @@ class UsersController < ApplicationController
      format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} }
    end
  end
+  
+  private
+  
+  def find_user
+    if params[:id] == 'current'
+      require_login || return
+      @user = User.current
+    else
+      @user = User.find(params[:id])
+    end
+  rescue ActiveRecord::RecordNotFound
+    render_404
+  end
 end
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -120,6 +120,20 @@ class UsersControllerTest < ActionController::TestCase
    assert project_ids.include?(2) #private project admin can see
  end
  
+  def test_show_current_should_require_authentication
+    @request.session[:user_id] = nil
+    get :show, :id => 'current'
+    assert_response 302
+  end
+  
+  def test_show_current
+    @request.session[:user_id] = 2
+    get :show, :id => 'current'
+    assert_response :success
+    assert_template 'show'
+    assert_equal User.find(2), assigns(:user)
+  end
+  
  def test_new
    get :new
    

--- a/test/integration/api_test/users_test.rb
+++ b/test/integration/api_test/users_test.rb
@@ -50,6 +50,23 @@ class ApiTest::UsersTest < ActionController::IntegrationTest
      end
    end
  end
+  
+  context "GET /users/current" do
+    context ".xml" do
+      should "require authentication" do
+        get '/users/current.xml'
+        
+        assert_response 401
+      end
+      
+      should "return current user" do
+        get '/users/current.xml', {}, :authorization => credentials('jsmith')
+        
+        assert_tag :tag => 'user',
+          :child => {:tag => 'id', :content => '2'}
+      end
+    end
+  end

  context "POST /users" do
    context "with valid parameters" do

--- a/test/integration/routing_test.rb
+++ b/test/integration/routing_test.rb
@@ -286,6 +286,7 @@ class RoutingTest < ActionController::IntegrationTest
  context "users" do
    should_route :get, "/users", :controller => 'users', :action => 'index'
    should_route :get, "/users/44", :controller => 'users', :action => 'show', :id => '44'
+    should_route :get, "/users/current", :controller => 'users', :action => 'show', :id => 'current'
    should_route :get, "/users/new", :controller => 'users', :action => 'new'
    should_route :get, "/users/444/edit", :controller => 'users', :action => 'edit', :id => '444'
    should_route :get, "/users/222/edit/membership", :controller => 'users', :action => 'edit', :id => '222', :tab => 'membership'