Backend changes for user permission export
What does this MR do?
This MR adds the backend capabilities for an administrator of an instance to download the User Permissions report.
The workflow is as below:
- API to
create
a User Permission Export (Admin::UserPermissionExportsController#create
). This API will be invoked when a an admin requests for an export (#273496 (closed)) in the Users section of the admin dashboard. The API does the following:- Invokes a
CreateService
that created auser_permission_export_upload
record for the admin user. Schedules a job to generate the report
- Invokes a
- The job executes the
ExportService
that generates the csv data, sends an email with the download link of the report and schedules a export deletion job after an hour - The download api fetches and returns the csv file requested by the admin user
- The export deletion job scheduled to be run after an hour of the report creation, deletes the
user_permission_export_upload
record
Feature Flag
export_user_permissions_feature_flag
, defaulted to false
License
Premium and above
Mentions #273482 (closed)
Screenshots (strongly suggested)
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Aishwarya Subramanian