Skip to content

Add PATCH /groups/:id/enterprise_users/:user_id API endpoint

sameer shaikrequested to merge
enterprise-email-change into master

What does this MR do and why?

The main goal of this MR is to allow group Owners change primary emails for their enterprise users to emails that are owned by the group. See #425837

To achieve this - this MR adds PATCH /groups/:id/enterprise_users/:user_id API endpoint that allows group Owner update attributes of their enterprise users. Currently this API endpoint only allows to update name and email attributes, but we will be able to extend the list of attributes to update in the future.

Group Owners should be able to update email attribute for their enterprise users to only those emails that belong to the group, as per domain verification. While updating enterprise user primary email to another group's email by group Owners, the new email should be automatically confirmed, similarly as it is implemented for SAML or SCIM provisioning.

This MR adds specs to ensure those requirements are met.

How to set up and validate locally

  1. Make sure the GitLab instance simulates or a SaaS instance since Enterprise Users is a SaaS feature
  2. Create a top-level group
  3. Configure "Automatic claims of enterprise users". For testing purposes on the local environment you can claim the user manually from the Rails console:
User.find_by_username('USERNAME').user_detail.update(enterprise_group_id: GROUP_ID, enterprise_group_associated_at: Time.current)
  1. Verify domain within the top-level group.
group = Group.find(GROUP_ID)
project = group.projects.sample
project.pages_domains.create!(domain: 'example.com', verified_at: Time.current)
  1. Change the enterprise user email by using the API endpoint.
curl --request PATCH --header "PRIVATE-TOKEN: <your_access_token>" --data "email=new-email@example.com" "https://gitlab.example.com/api/v4/groups/:id/enterprise_users/:user_id"
  1. For for more scenarios to test manually see tests added in this MR in ee/spec/requests/api/group_enterprise_users_spec.rb file.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Bogdan Denkovych

Merge request reports