Use RolesFinder for populating role selector (!143513) · Merge requests · GitLab.org / GitLab · GitLab

Alex Buijs requested to merge use-member-roles-finder-for-saml-roles into master Feb 01, 2024

What does this MR do and why?

Find member roles using the MemberRoles::RolesFinder instead of directly querying the root group.

This allows instance level custom roles to be assigned as SAML default role or for SAML Group Links.

Issue: #439910 (closed)

How to set up and validate locally

Make sure SaaS mode is turned off

Enable group SAML

gdk config set omniauth.group_saml.enabled true && gdk reconfigure && gdk restart rails-web

Create a group and apply the Ultimate license
Visit http://localhost:3000/admin/application_settings/roles_and_permissions and create an instance level custom role
Visit http://localhost:3000/groups/${new_group}/-/saml and verify the new custom role is an option in the dropdown
Visit http://localhost:3000/groups/${new_group/-/saml_group_links and verify the new custom role is an option in the dropdown

Edited Feb 02, 2024 by Alex Buijs