Username and password fields are not required when configuring JIRA via API
Summary
Username and password fields are not required when configuring JIRA via API
These fields are required in the web interface and the API should mirror these requirements
Steps to reproduce
- Create a new project
- Configure JIRA integration via the API
- Exclude password and username from the request parameters
Example request:
curl -v -H "Content-Type: application/json" \
-H "PRIVATE-TOKEN: token" \
-X PUT \
--data '{"url": "https://example.jira.com"}' \
https://gitlab.example.com/api/v4/projects/:project_path/services/jira
Example Project
N/A
What is the current bug behavior?
Allows JIRA integration to be configured without fields that seem to be necessary via the web form
What is the expected correct behavior?
The same requirements would be placed on integration setup in the API and the Web interface
Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's very hard to read otherwise.)
Output of checks
(If you are reporting a bug on GitLab.com, write: This bug happens on GitLab.com)
Results of GitLab environment info
reproduced on GitLab.com v9.5.0-rc4
Results of GitLab application Check
reproduced on GitLab.com v9.5.0-rc4
Possible fixes
Only the URL is deemed necessary by the validations in the JiraService
. Maybe the validations enforced in the web interface should also be enforced at the model level