Support assigning an Organization to a User namespace
This is related to #411832 . In order to track the work related to User namespaces, this issue was created
When we create a user, we also create an User Namespace. This namespace should have an Organization. On all code paths that create a user, we need to decide what organization that will be.
From !144049 (comment 1787226472)
-
Make organization
an optional argument (def assign_personal_namespace(organization=nil)
) -
Then, create a few MR's that will take care of passing the organization_id
from the controller (or api method) (oftenCurrent.organization
but there are also other options) -
Release MR that adds a personal_namespace_require_org
derisk feature flag- If disabled, we do not require organization_id in call to
user.assign_personal_namespace
- If enabled, we require organization_id in call to
user.assign_personal_namespace
- If disabled, we do not require organization_id in call to
-
Gradually roll out -
Clean up feature flag
Code paths
In these code paths, we create Users. These need to adapted. It will be straightforward (adding a organization_id
to the call to the Service that creates the user)
-
Calls to
assign_personal_namespace
- some Fixtures
Users::Internal
Users::BuildService
-
Users::CreateService
(all of these are addressed in !145956 (merged))- app/controllers/admin/users_controller.rb
- ee/app/services/users/service_accounts/create_service.rb
- ee/lib/api/service_accounts.rb
- ee/app/services/namespaces/service_accounts/create_service.rb
- ee/lib/api/group_service_accounts.rb
-
Users::AuthorizedCreateService
-
app/services/resource_access_tokens/create_service.rb # Use organization of project or group !146360 (merged)
- app/controllers/concerns/access_tokens_actions.rb
- app/controllers/groups/settings/access_tokens_controller.rb
- app/controllers/projects/settings/access_tokens_controller.rb
- ee/app/services/product_analytics/cube_data_query_service.rb
- ee/app/graphql/resolvers/product_analytics/state_resolver.rb
- ee/app/models/concerns/product_analytics_helpers.rb # used in state resolver
- ee/lib/api/analytics/product_analytics.rb
- ee/app/services/projects/register_suggested_reviewers_project_service.rb
- ee/app/workers/projects/register_suggested_reviewers_project_worker.rb
- ee/app/services/ee/projects/update_service.rb
- ee/app/workers/projects/register_suggested_reviewers_project_worker.rb
- ee/lib/api/internal/suggested_reviewers.rb
- lib/api/resource_access_tokens.rb
- app/controllers/concerns/access_tokens_actions.rb
-
ee/app/services/security/orchestration/create_bot_service.rb # Use organization of project !146632 (merged)
- ee/app/workers/security/orchestration_configuration_create_bot_worker.rb
- ee/app/services/ee/projects/create_service.rb
- ee/app/services/security/orchestration/assign_service.rb
- ee/app/workers/security/orchestration_policy_rule_schedule_namespace_worker.rb
- ee/app/workers/security/orchestration_policy_rule_schedule_worker.rb
- ee/app/workers/security/orchestration_configuration_create_bot_worker.rb
- ee/lib/gitlab/auth/smartcard/certificate.rb
- ee/app/controllers/smartcard_controller.rb Self-managed, use default organization !146745 (merged)
- ee/lib/gitlab/auth/smartcard/ldap_certificate.rb
- ee/app/controllers/smartcard_controller.rb
- lib/api/users.rb !146786 (merged)
-
app/services/resource_access_tokens/create_service.rb # Use organization of project or group !146360 (merged)
Edited by Rutger Wessels