Add "default_membership_role" column to "saml_providers" table
What does this MR do?
This MR is the first step towards building #214523 (closed)
This adds a new column default_membership_role
to saml_providers
table, which has a default value of 10 (Guest Role access, which we have been historically using as membership level to any new member being added to a group via SSO)
In an upcoming MR, we will be exposing this attribute in the UI as part of the SAML settings form, where the group owner can set the default membership role from a dropdown, and this will be used as the role for any member added to the group from then on.
Up migration
== 20200722084623 AddDefaultMembershipRoleToSamlProvider: migrating ===========
-- add_column(:saml_providers, :default_membership_role, :smallint, {:default=>10, :null=>false})
-> 0.0053s
== 20200722084623 AddDefaultMembershipRoleToSamlProvider: migrated (0.0054s) ==
Down migration
== 20200722084623 AddDefaultMembershipRoleToSamlProvider: reverting ===========
-- remove_column(:saml_providers, :default_membership_role, :smallint, {:default=>10, :null=>false})
-> 0.0033s
== 20200722084623 AddDefaultMembershipRoleToSamlProvider: reverted (0.0052s) ==
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Merge request reports
Activity
changed milestone to %13.3
added Next Up backend customer devopsmanage direction groupauthentication and authorization [DEPRECATED] typefeature workflowin dev + 1 deleted label
assigned to @manojmj
marked the checklist item Changelog entry as completed
added 1 commit
- 66729aa1 - Add "default_membership_role" column to "saml_providers" table
added database databasereview pending labels
1 Warning You’ve made some app changes, but didn’t add any tests.
That’s OK as long as you’re refactoring existing code,
but please consider adding any of the ~”tooling”, ~”tooling::pipelines”, ~”tooling::workflow”, ~”documentation”, ~”QA” labels.Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category (e.g. frontend or backend), and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited, or the chosen person is unavailable.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not automatically notify them for you.
Category Reviewer Maintainer database Alex Ives ( @alexives
)Tiger Watson ( @tigerwnz
)If needed, you can retry the
danger-review
job that generated this comment.Generated by
DangerEdited by 🤖 GitLab Bot 🤖- Resolved by Toon Claes
added databasereviewed label and removed databasereview pending label
added databaseapproved label and removed databasereviewed label
enabled an automatic merge when the pipeline for ccb7b74a succeeds
mentioned in commit b413926f
added workflowstaging label and removed workflowin dev label
added workflowcanary label and removed workflowstaging label
mentioned in issue gitlab-com/www-gitlab-com#5437 (closed)
added workflowproduction label and removed workflowcanary label