BE [Group Owner bypass] Skip confirmation when allow bypass of placeholder user confirmation is enabled
About
This is part of the epic &17871. See that epic for more context.
Implementation
@ameyadarshan).
This issue follows from the work implemented in #534329 (closed) and should be behind a feature flag importer_user_mapping_allow_bypass_of_confirmation
backend must make correct checks before allowing the bypass.
All of these must be true for us to allow the by-pass:
- Feature flag (
importer_user_mapping_allow_bypass_of_confirmation) is enabled - Group has the setting added in #534329 (closed) enabled
- Group has correct license tier
- User being reassigned is one of the group's enterprise users
- It's GitLab.com
- Group is a top-level group.
This is a combination of checking our feature flag is enabled, the setting added in #534329 (closed) is enabled, and User#managed_by_group?(group) which takes care of the other checks.
We must validate in both:
- the service/controller layer and
- also within the model - see the implementation of admin bypass !190272 (merged)
The logic should be encapsulated in a class in Import::UserMapping that resembles the admin by-pass class #542284 (comment 2513379053).
Note a follow-up issue BE [Group Owner bypass ] Implement "enterprise ... (#540573 - closed) will add an "expiry" time to the check later.