Add GET endpoint to LDAP group link API
Problem to solve
Currently, there are POST and DELETE endpoints for the LDAP group link API, but there is no GET endpoint. This issue proposes adding a GET endpoint, which will allow users to retrieve the LDAP groups synchronized with the GitLab groups via the API.
This was requested by a Premium customer in ticket https://gitlab.zendesk.com/agent/tickets/129765 (internal use only)
Intended users
The customer who requested this feature will use the GET endpoint for their security team to audit which LDAP groups have access to the instance.
Further details
We already have two endpoints set up for the LDAP group links, so adding the GET endpoint is a good addition
Proposal
Add a GET endpoint to the LDAP group links API: https://gitlab.com/gitlab-org/gitlab-ee/blob/master/ee/lib/api/ldap_group_links.rb
Permissions and Security
This endpoint should only be available to group owners and administrators
Documentation
Add documentation for new endpoint: https://docs.gitlab.com/ee/api/groups.html#add-ldap-group-link-core-only
Testing
Add tests for the new API endpoint: https://gitlab.com/gitlab-org/gitlab-ee/blob/master/ee/spec/requests/api/ldap_group_links_spec.rb
What does success look like, and how can we measure that?
The customer can retrieve the LDAP group links for a GitLab group through the API endpoint GET /groups/:id/ldap_group_links
What is the type of buyer?
EE starter and above, as that is the level for LDAP group sync