New REST api endpoint to fetch CI_JOB_TOKEN access settings
What does this MR do and why?
This MR works towards the first task of the issue (feature) #351740 (closed) .
Screenshots or screen recordings
Here is the reponse when requesting the new api endpoint, see http://127.0.0.1:3000/api/v4/projects/7/job_token_scope
{
"inbound_enabled": true,
"outbound_enabled": false
}
How to set up and validate locally
- Create a personal access token with the respective rights
- Ensure the user of the personal access token is at least maintainer of the project
- Execute the following curl command
curl --request GET \
--url http://127.0.0.1:3000/api/v4/projects/7/job_token_scope?private_token=<personal_access_token_of_project_maintainer>
TODO
-
Ensure correct permissions for request, i.e. maintainer or higher, see #351740 (closed) -
Add test -
Check if there are other properties that should be exposed in the response -
Check if the right error codes are returned -
Check for correct configuration in openapi.yml
-
Check if the personal access token need to have admin_mode
-
Add tests to new entity
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR. -
Changelog entry added, if necessary -
[-]
Documentation created/updated via this MR -
Documentation reviewed by technical writer or follow-up review issue created -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
[-]
Conforms to the javascript style guides -
[-]
Conforms to the database guides
Related to #351740 (closed)