Make the /manage/personal_access_tokens GET endpoint use the credentials_inventory_pat_finder
- Related to #511922 (closed) & #511922 (closed)
- Blocked by !193375 (merged)
What does this MR do and why?
- Makes the groups/:id/manage/personal_access_tokens API use the new ::Authn::CredentialsInventoryPersonalAccessTokensFinder to handle a performance issue
- Flagged behind the credentials_inventory_pat_finder feature-flag
How to set up and validate locally
Top-level group owners should fetch only Enterprise Users on gitlab.com
Steps on GDK
- Create a top-level-group (save the group_id) and create a PAT with an API scope (save this), ssh_key, GrAT and PrAT with its owner
- Create 2 users, each with a PAT & ssh_key
- Run the following
Enable SAAS mode
export GITLAB_SIMULATE_SAAS=1
gdk restart
- Create an ultimate GitLab group & add in a few users
- Impersonate those users to create PATs
- Make them enterprise users (making the admin an enterprise user should be sufficient)
gdk rails console
group = Group.find(<group_id>)
user = group.users.human.last
user.enterprise_group_id = group.id
user.save!
reload!
Requests as a top-level-group owner
curl --header "PRIVATE-TOKEN: <group_owner_pat>" "https://gdk.test:3443/api/v4/groups/<group_id>/manage/personal_access_tokens" -k
curl --header "PRIVATE-TOKEN: <group_owner_pat>" "https://gdk.test:3443/api/v4/groups/<group_id>/manage/resource_access_tokens" -k
curl --header "PRIVATE-TOKEN: <group_owner_pat>" "https://gdk.test:3443/api/v4/groups/<group_id>/manage/ssh_keys" -k
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Hakeem Abdul-Razak