Ensure Current.organization is set in REST API
What does this MR do and why?
In !158626 (merged), Current.organization is being set using Gitlab::Current::Organization. This works for web and GraphQL requests but not for Grape API (REST), because it is not using Rails ApplicationController.
This MR adds a before hook that will set Current.organization for the current request
Related to #474831 (closed)
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
We can validate this change by creating a new Group using REST API. The validation of this change is not trivial, because the database has DEFAULT 1 for namespaces.organization_id column. So even without a Organization, the Group will be created. For the sake of testing, we remove the default 1:
- Create a Personal Access Token using http://gdk.test:3000/-/user_settings/personal_access_tokens
- Using
gdk psql:alter table namespaces alter column organization_id drop default, alter column organization_id set not null; - Enable feature flag using
gdk rails c:Feature.enable(:require_organization)
on master branch, this will fail
curl -XPOST --header "Content-Type: application/json" -d '{"name":"My New Group", "path":"my_new_group"}' --header "PRIVATE-TOKEN: <your token>" "http://gdk.test:3000/api/v4/groups"
on this branch, it will succeed and the group will be created
Don't forget to restore the database:
alter table namespaces alter column organization_id default 1, alter column organization_id set not null;Merge request reports
Activity
changed milestone to %17.3
assigned to @rutgerwessels
added pipelinetier-1 label
- A deleted user
added backend label
1 Warning 
featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart.
For more information, see:
- The Handbook page on merge request types.
- The definition of done documentation.
Reviewer roulette
Category Reviewer Maintainer backend @ahegyi(UTC+2, same timezone as author)
@michold(UTC+2, same timezone as author)
Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.
If needed, you can retry the
danger-reviewjob that generated this comment.Generated by
Edited by Ghost Useradded 1 commit
- 2c43a7a6 - Ensure Current.organization is set in REST API
added 1 commit
- 1c12a5ae - Ensure Current.organization is set in REST API
added 1 commit
- 4ef855e8 - Ensure Current.organization is set in REST API
Resolved by Thong Kuah@alexpooley Can you please backend review this?
- Last reply by Alex Pooley
requested review from @alexpooley
added workflowin review label and removed workflowin dev label
added 1 commit
- 2e496f6d - Add test for assignment to nil if Current organization can't be found
requested review from @tkuah
added pipeline:mr-approved label
added pipelinetier-3 label and removed pipelinetier-1 label
Before you set this MR to auto-merge
This merge request will progress on pipeline tiers until it reaches the last tier: pipelinetier-3. We will trigger a new pipeline for each transition to a higher tier.
Before you set this MR to auto-merge, please check the following:
- You are the last maintainer of this merge request
- The latest pipeline for this merge request is pipelinetier-3 (You can find which tier it is in the pipeline name)
- This pipeline is recent enough (created in the last 8 hours)
If all the criteria above apply, please set auto-merge for this merge request.
See pipeline tiers and merging a merge request for more details.
