Allow provisioning group owners to view billable user's email address
Problem
When an admin for a group queries the billable members API endpoint, the email address returned for each user is the public email (if one is set).
Similar #26068 (closed), enterprise groups that provision users require access to the billable member's private email address.
Proposal
Extend the solution implemented in !105595 (merged) to conditionally expose the private email address on the billable members entity, if the authenticated user is an admin of the provisioning group.
We could possibly inherit this behaviour from the existing UserWithProvisionedAttrs entity.
We should ensure we have adequate test coverage for this change to ensure we're only returning the email address to users with the correct privileges.
Availability and Testing
- No new E2E tests or updates needed at this time
- Consider adding request specs for the
billable_members
endpoint to test querying for the email as a:- Group owner
- Admin
- User that is not a group owner nor admin
Edited by Valerie Burton