Add check if user is bot to Users API
Problem to solve
This is a follow-up from this discussion
With the recent introduction of Security bot
we added changes to Users popup to show some specific information about bots. Now the check if User is a bot is performed on the frontend, but this is ~"technical debt" and it has to be changed.
We need to expose info if the user is a bot (Boolean). That change will help to show specific info about bots and increase the credibility of bots.
Intended users
User experience goal
Make GitLab bots more credible.
Proposal
We need to add change to GET /users/:id to expose info if the user is a bot (Boolean).
Implementation plan
-
In lib/api/users.rb
Update 'Get the currently authenticated user' endpoint-
Update Entities::UserPublic
by adding exposing ofbot
field. `expose :bot?, as: :bot do |user| user.bot?
-
-
Update tests for lib/api/users.rb
Permissions and Security
No change in permissions.
Documentation
We need to add a new field to the api doc
Availability & Testing
need to add relevant tests for the api endpoint and serializers.
What does success look like, and how can we measure that?
TBA
What is the type of buyer?
Same as buyer of auto-fix feature.
Is this a cross-stage feature?
Yes, groupcomposition analysis is working on Security bot, but in general bots belong to ~"group::access"