This Issue for creating an API creating users of type Service Accounts. We may need to make changes to POST API call for users to handle user of type Service Accounts
Need to make changes to API call to accept requests from group admins as well.
@dblessing
I think we need a bit of prioritisation here ..
Are we going to work on controllers for service account user and pat creation for the frontend ? Are we going to work on APIs first?
@eduardosanz Is your intention to implement the UI via Vue or Controller + HAML? I know we went back and forth a bit on not using Vue so we could deliver faster in absence of our ability to create public API endpoints. But subsequently we said that public APIs are acceptable.
In the interest of an MVC I think we should go for APIs as we originally discussed. But then we can create controllers as necessary if we aren't intending to use Vue at this time.
My intention is to use Vue + REST API. I would suggest the REST API to be private at the moment (not in https://gitlab.example.com/api/...).
A controller + HAML is always necessary to mount the Vue component. The HAML is simply the placeholder for a div element with certain id, like this, for example.
@eduardosanz We don't have a mechanism for private API at the moment. I don't know that we gain anything by trying down that path since we've agreed a public API is acceptable. But please share your thoughts.
Thanks for clarifying on the controller requirement. We can build that quickly.
@dblessing, when I mentioned the public API I was referring to be accessed via the GitLab API URL. When I referred to private API I was simply implying creating a controller that returns JSON on a different endpoint.
I believe that if we make this addition to the public API we are committing with our customers. Modifying or evolving it maybe more challenging. On the other hand, if made the controller + JSON available in a different URL to our public API, then there is no such commitment. That was the reasoning behind the public vs private API.
@eduardosanz Smriti and I are working on regular public APIs vs. JSON endpoints. For SaaS it will be something like groups/:id/service_accounts or groups/:id/users/service_accounts.
What does users means in groups/:id/users/service_accounts?
The new service account won't be a member of the group with that id automatically, correct? Why does the URL contains groups/:id. I thought you advocate for a two steps process: