Skip to content

Expose LDAP Override attribute in API

Peter requested to merge peterl/gitlab:pl-override-api into master

What does this MR do?

It is currently possible to override LDAP permissions from the GitLab web interface, but not from the GitLab API.

This MR adds a new GitLab API route which allows manipulation of the override member attribute. This makes it possible to override LDAP permissions from the GitLab API.

See #4875 (closed) for more details.

Are there points in the code the reviewer needs to double check?

  • I can't see a way to get around modifying lib/api/entities.rb to add the prepend -- this causes CI to fail

Why was this MR needed?

We have a need to script the override of LDAP permissions. While this is possible by screenscraping the web UI, this is not elegant and is likely to be more fragile in the future. (And was also broken by the token scope restriction in GitLab 11.5.1)

@davinwalker (EE support request #89929) has indicated that GitLab Inc would be open to extending the API to support this.

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Closes #4875 (closed)

Edited by Peter

Merge request reports

Loading