API Support for group user management - Max role
Release notes
Users with the Owner role for a group can now use the GraphQL API to change the maximum access level of non-inherited users of a group. This release brings more administrative features to users with the Owner role for groups on GitLab.com, and lays the foundation for future administrative bulk actions.
Problem to solve
Coming from Mass admin user actions (#5532)
There is a need to apply administrative capabilities in bulk (coming from a customer request):
- Change Max Role in project/group (non inherited users)
This issue introduces a new API that will do a single user action, but scripts can be created that use this API to allow changes in bulk.
Proposal
Create an API that can get the data and that can set the data
For a first iteration we will be adding only change max role for group (non inherited users) But when creating the API we should be thinking that additional actions will be added later on
The API should fail incase this was run from a non (namespace) owner with a message stating that the user did not have appropriate permissions.
The API should fail incase this was run on an inherited member a message stating that this user's permissions cannot be changed from this level as it is an inherited user
Intended users
Group/Project Owners
Feature Usage Metrics
Number of times this API was called
Availability and Testing
- In addition to unit and integration tests, a request spec should also be added for this new API endpoint. At minimum, this test should also cover these cases:
- Changing max role for an inherited user is not allowed
- Non (namespace) owner changing the max role for a user is not allowed
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.