API Support for project user management - Max role
Release notes
Users with the Owner role for a project can now use the GraphQL API to change the maximum access level of non-inherited users of a project. This release brings more administrative features to users with the Owner role for projects on GitLab.com, and lays the foundation for future administrative bulk actions.
Problem to solve
Coming from Mass admin user actions (#5532)
There is a need to apply administrative capabilities in bulk (coming from a customer request):
- Change Max Role in project (non inherited users)
This issue introduces a new API that will do a single user action, but scripts can be created that use this API to allow changes in bulk.
Proposal
- For this iteration we will be adding only change max role for project (non inherited users), similar to what has been done in API Support for group user management - Max role (#354749 - closed).
- We already have APIs to get multiple members of group/project https://docs.gitlab.com/ee/api/members.html#list-all-members-of-a-group-or-project.
- We can also update the membership expiry in addition to the max role like we did in !96763 (merged).
- As we have already refactored the
Members::UpdateService
in !96745 (diffs) to update multiple members at once we only need to add the mutation for project members as we did for groups in !96763 (merged). - The API should fail in case this was run from a non (namespace) owner with a message stating that the user did not have appropriate permissions.
- The API should fail in case this was run on an inherited member with a message stating that this user's permissions cannot be changed from this level as it is an inherited user.
Intended users
Project Owners
Feature Usage Metrics
Number of times this API was called
Availability and Testing
- In addition to unit and integration tests, a request spec should also be added for this new API endpoint. At minimum, this test should cover these cases for both expiration and max role:
- Updating direct members as an owner is allowed
- Updating direct members as a non-owner is not allowed
- Updating inherited members is not allowed
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.