Unable to update some project attributes using REST API

There are some optional parameters allowed by projects REST API update endpoint that are not accepted when present solo in a request.

This is happening because we are using a grape method on the project update endpoint(at_least_one_of) filter to early fail requests without a payload. If a request with a single parameter not present in the filter happens the endpoint will consider it empty.

For example, the request below will fail with a 400 response:

curl --request PUT --header "PRIVATE-TOKEN: <your-token>" \
     --url 'https://gitlab.com/api/v4/projects/<your-project-ID>' \
     --data "only_mirror_protected_branches=true" 

Last checked the parameters not present on at_least_one_of filter were:

• :default_branch (CE)
• :mirror_user_id (EE)
• :only_mirror_protected_branches (EE)
• :mirror_overwrites_diverged_branches (EE)

It is possible that the same situation is present at other resources endpoints.

Solution

Add missing parameters like the ones above to update_params_at_least_one_of array. Also notice that the array is overridden to cover EE only parameters.

Bonus: Find a way to prevent this from happening when new parameters are added. For example, fail a spec when an optional parameter is added but not included in the update_params_at_least_one_of array.

The following discussion from !79968 (merged) should be addressed:

• @felipe_artur started a discussion: (+1 comment)

  I think we need a follow-up here, there are some optional attributes that are not present on this array, which means, if they are passed without any other attribute the request will fail.