users.rb
1.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
module Noosfero
module API
module V1
class Users < Grape::API
resource :users do
get do
users = select_filtered_collection_of(environment, 'users', params)
users = users.select{|u| u.person.display_info_to? current_person}
present users, :with => Entities::User, :current_person => current_person
end
get "/me" do
authenticate!
present current_user, :with => Entities::User, :current_person => current_person
end
get ":id" do
user = environment.users.find_by id: params[:id]
unless user.person.display_info_to? current_person
unauthorized!
end
present user, :with => Entities::User, :current_person => current_person
end
get ":id/permissions" do
authenticate!
user = environment.users.find(params[:id])
output = {}
user.person.role_assignments.map do |role_assigment|
if role_assigment.resource.respond_to?(:identifier) && role_assigment.resource.identifier == params[:profile]
output[:permissions] = role_assigment.role.permissions
end
end
present output
end
end
end
end
end
end