Add additional attributes to the Update an enterprise user endpoint

What does this MR do and why?

Add additional attributes to the Update an enterprise user API endpoint so group owners don't have to rely on a user's next SAML authentication to retrieve the latest values.

Adds projects_limit and can_create_group as optional parameters and adds audit events when the user is updated.

References

Screenshots or screen recordings

Before After

How to set up and validate locally

Regular users:

  1. Create a test user
  2. Modify the Projects limit for a user
  3. Prevent a user from creating top-level groups
  4. Save changes
  5. Observe that the values have changed and the instance contains audit events for the changes

Enterprise users:

  1. Simulate SaaS
  2. Create a test user
  3. Create a top-level group
  4. Verify the domain within the top-level group.
group = Group.find(GROUP_ID)
project = group.projects.sample
project.pages_domains.create!(domain: 'example.com', verified_at: Time.current)
  1. If set up correctly, the user will be claimed as an Enterprise user. For testing purposes in the local environment, you can claim the user manually from the Rails console:
User.find_by_username('USERNAME').user_detail.update(enterprise_group_id: GROUP_ID, enterprise_group_associated_at: Time.current)
  1. Change the enterprise user attributes
    1. Using admin with the same instructions above
    2. Using the API endpoint.
curl --request PATCH --header "PRIVATE-TOKEN: <your_access_token>" --data "projects_limit=0&can_create_group=false" "https://gitlab.example.com/api/v4/groups/:id/enterprise_users/:user_id"
  1. Observe that the values have changed and the group contains audit events for the changes

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #603254 (closed)

Edited by Jio Castillo

Merge request reports

Loading