Bug 416137: WebService function to update a user's information (User.update)

r=mkanat a=LpSolit

diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index 908fe00ced5ca8704699fdc77c446a19dbf9ec65..58461e2a12b8b44f8c71d1720db2ad9796b66031 100644 (file)
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -16,7 +16,7 @@ use Bugzilla::Error;
 use Bugzilla::Group;
 use Bugzilla::User;
 use Bugzilla::Util qw(trim);
-use Bugzilla::WebService::Util qw(filter validate);
+use Bugzilla::WebService::Util qw(filter validate translate params_to_objects);
 
 # Don't need auth to login
 use constant LOGIN_EXEMPT => {
@@ -28,6 +28,20 @@ use constant READ_ONLY => qw(
     get
 );
 
+use constant MAPPED_FIELDS => {
+    email => 'login',
+    full_name => 'name',
+    login_denied_text => 'disabledtext',
+    email_enabled => 'disable_mail'
+};
+
+use constant MAPPED_RETURNS => {
+    login_name => 'email',
+    realname => 'full_name',
+    disabledtext => 'login_denied_text',
+    disable_mail => 'email_enabled'
+};
+
 ##############
 # User Login #
 ##############
@@ -217,6 +231,72 @@ sub get {
     return { users => \@users };
 }
 
+###############
+# User Update #
+###############
+
+sub update {
+    my ($self, $params) = @_;
+
+    my $dbh = Bugzilla->dbh;
+
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
+
+    # Reject access if there is no sense in continuing.
+    $user->in_group('editusers')
+        || ThrowUserError("auth_failure", {group  => "editusers",
+                                           action => "edit",
+                                           object => "users"});
+
+    defined($params->{names}) || defined($params->{ids})
+        || ThrowCodeError('params_required', 
+               { function => 'User.update', params => ['ids', 'names'] });
+
+    my $user_objects = params_to_objects($params, 'Bugzilla::User');
+
+    my $values = translate($params, MAPPED_FIELDS);
+
+    # We delete names and ids to keep only new values to set.
+    delete $values->{names};
+    delete $values->{ids};
+
+    $dbh->bz_start_transaction();
+    foreach my $user (@$user_objects){
+        $user->set_all($values);
+    }
+
+    my %changes;
+    foreach my $user (@$user_objects){
+        my $returned_changes = $user->update();
+        $changes{$user->id} = translate($returned_changes, MAPPED_RETURNS);    
+    }
+    $dbh->bz_commit_transaction();
+
+    my @result;
+    foreach my $user (@$user_objects) {
+        my %hash = (
+            id      => $user->id,
+            changes => {},
+        );
+
+        foreach my $field (keys %{ $changes{$user->id} }) {
+            my $change = $changes{$user->id}->{$field};
+            # We normalize undef to an empty string, so that the API
+            # stays consistent for things that can become empty.
+            $change->[0] = '' if !defined $change->[0];
+            $change->[1] = '' if !defined $change->[1];
+            $hash{changes}{$field} = {
+                removed => $self->type('string', $change->[0]),
+                added   => $self->type('string', $change->[1]) 
+            };
+        }
+
+        push(@result, \%hash);
+    }
+
+    return { users => \@result };
+}
+
 sub _filter_users_by_group {
     my ($self, $users, $params) = @_;
     my ($group_ids, $group_names) = @$params{qw(group_ids groups)};
@@ -368,7 +448,7 @@ Log out the user. Does nothing if there is no user logged in.
 
 =back
 
-=head1 Account Creation
+=head1 Account Creation and Modification
 
 =head2 offer_account_by_email
 
@@ -474,6 +554,104 @@ password is under three characters.)
 
 =back
 
+=head2 update 
+
+B<EXPERIMENTAL>
+
+=over
+
+=item B<Description>
+
+Updates user accounts in Bugzilla.
+
+=item B<Params>
+
+=over
+
+=item C<ids>
+
+C<array> Contains ids of user to update.
+
+=item C<names>
+
+C<array> Contains email/login of user to update.
+
+=item C<full_name>
+
+C<string> The new name of the user.
+
+=item C<email>
+
+C<string> The email of the user. Note that email used to login to bugzilla.
+Also note that you can only update one user at a time when changing the 
+login name / email. (An error will be thrown if you try to update this field 
+for multiple users at once.)
+
+=item C<password>
+
+C<string> The password of the user.
+
+=item C<email_enabled>
+
+C<boolean> A boolean value to enable/disable sending bug-related mail to the user.
+
+=item C<login_denied_text>
+
+C<string> A text field that holds the reason for disabling a user from logging
+into bugzilla, if empty then the user account is enabled otherwise it is
+disabled/closed.
+
+=back
+
+=item B<Returns>
+
+A C<hash> with a single field "users". This points to an array of hashes
+with the following fields:
+
+=over
+
+=item C<id>
+
+C<int> The id of the user that was updated.
+
+=item C<changes>
+
+C<hash> The changes that were actually done on this user. The keys are
+the names of the fields that were changed, and the values are a hash
+with two keys:
+
+=over
+
+=item C<added>
+
+C<string> The values that were added to this field,
+possibly a comma-and-space-separated list if multiple values were added.
+
+=item C<removed>
+
+C<string> The values that were removed from this field, possibly a 
+comma-and-space-separated list if multiple values were removed.
+
+=back
+
+=back
+
+=item B<Errors>
+
+=over
+
+=item 51 (Bad Login Name)
+
+You passed an invalid login name in the "names" array.
+
+=item 304 (Authorization Required)
+
+Logged-in users are not authorized to edit other users.
+
+=back
+
+=back
+
 =head1 User Info
 
 =head2 get