Add expires_before arg and count support to user personal access tokens GraphQL endpoint

Eugie Limpinrequested to merge
el-add-user-pats-count-field-and-expires-before-filter into master

What does this MR do and why?

  1. Add expires_before argument to user { personalAccessTokens } GraphQL field to enable filtering for tokens that expire before a specified date
  2. Support user { personalAccessTokens { count } } GraphQL query

References

[BE] Get PAT statistics from GraphQL (#581649).

Screenshots or screen recordings

Screenshot_2025-12-12_at_3.36.02_PM

How to set up and validate locally

  1. Login with any user
  2. Create a personal access token for the user
  3. Go to http://localhost:3000/-/graphql-explorer and run the following query 
    query {
  user(id: "gid://gitlab/User/<user_id>") {
    personalAccessTokens(state: ACTIVE, expiresBefore: "2099-12-31") {
      count
    }
  }
}
  4. Verify that the query succeeds and count field is present

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugie Limpin

Merge request reports