Redirect `/-/u/:id` to user page
What does this MR do and why?
Redirect /-/u/:id to a users page, similar to Redirect `/-/g/:id` to groups page (!165889 - merged)
Why this MR? In customer notifications such as our emails to customers after incidents on GitLab.com, we write generic emails that provide User IDs to customers for privacy reasons, but that makes it hard for users to determine the exact user account we are referring to. We could provide instructions to use the API with the IDs, but that is not user friendly. I want to add a more user-friendly redirect that users can use to determine the exact user account we are referring to.
Possible discussion points
- I am not sure if
feature_category :user_managementis the right category. - Visiting
/api/v4/users/<id>as an unauthenticated user will receive a403 forbidden. As such, I've made it so that visiting/-/u/:idas an unauthenticated user will also present a 403 page.
How to set up and validate locally
- As an unauthenticated user, navigate to
http://<gitlab_instance>/-/u/1. You should be presented with a 403 page. - As an authenticated user, navigate to
http://<gitlab_instance>/-/u/1. You should be given redirected to the user page of the admin user (first user of the instance). - As an authenticated user, navigate to
http://<gitlab_instance>/-/u/99999999999999. (Some User ID that doesn't exist). You should be given presented with a 404 page.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.