Replace query to get SAML users and service accounts (!138075) · Merge requests · GitLab.org / GitLab

Eduardo Sanz García requested to merge eduardosanz/frontend-new-groups-api into master Nov 28, 2023

What does this MR do and why?

In the group and project member pages, the invite user modal is used to query and filter users. When the top-level group has a SAML provider enabled and the option Enforce SSO-only authentication for web activity for this group only SAML users are returned.

Following !134570 (merged), we replace the user API endpoint (/api/v4/users.json) for the new group user API endpoint (/api/v4/groups/[groupId]/users.json) to get a list of users that have a SAML identity connected to the group, or service accounts created by the group or subgroups

Screenshots or screen recordings

No changes.

Screen_Recording_2023-11-28_at_17.12.35

How to set up and validate locally

Enabled SAML for a top-level group
Enabled Enforce SSO-only authentication for web activity for this group.
Go to a group or project member page that belong to the top-level group in step #1
Select Invite members button or Invite team members from the navigation superbar.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

TODO in follow-ups

Remove filter_id from the backend
Rename the users_filter from saml_provider_id to saml
Search for users when input is manually focused (as it should according to the test)

Edited Dec 05, 2023 by Eduardo Sanz García

Replace query to get SAML users and service accounts

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

TODO in follow-ups

Merge request reports