Skip to content

Groups API fails to return `runners_token` when `with_projects` is false

Summary

According to the documentation for GET /groups/:id:

In case the user that requests is administrator of the group, it returns the runners_token for the group too.

However, that only works if with_projects is true (the default). If with_projects=false runners_token is missing, even if the user is administrator of the group.

Steps to reproduce

  1. Create a group
  2. Make a Groups API request like: https://staging.gitlab.com/api/v4/groups/gitlab-qa-sandbox-group?with_projects=true
  3. Note runners_token is present.
  4. Now change the request to: https://staging.gitlab.com/api/v4/groups/gitlab-qa-sandbox-group?with_projects=false

The last request doesn't include runners_token

What is the current bug behavior?

A request to GET /groups/:id with with_projects=false doesn't include runners_token when made by a group admin.

What is the expected correct behavior?

A request to GET /groups/:id with with_projects=false includes runners_token when made by a group admin.

Possible fixes

Maybe move runners_token from API::Entities::GroupDetail to API::Entities::Group?