Add API to set credit card validation timestamp on user in GitLab
What does this MR do?
Quick background: as part of epic https://gitlab.com/groups/gitlab-org/-/epics/5917, we need to validate and record user's credit card validation for free
and trial
users to run pipeline.
This MR is part of issue #329141. Issue #329141 map to the the step 4(If it is valid, this is recorded so future pipelines by this user can be started
) of the User attempts to add a credit card to validate their account` workflow
Issue #329141's implementation has 3 parts:
- in Gitlab, create table
user_credit_card_validations
, which is MR !60626 (merged) - in Gitlab, add Gitlab api to set credit card validation timestamp(
credit_card_validated_at
) for user --- this MR - in CustomersDot, add credit card validation zuora callback
zuora_callback/credit_card_validation
, which is MR https://gitlab.com/gitlab-org/customers-gitlab-com/-/merge_requests/3177
So far, the only use case of this GitLab API, is: once Zuora validated a user's credit card, it triggers the CustomersDot Zuora callback zuora_callback/credit_card_validation
, which calls this Gitlab API to set credit_card_validated_at
.
Screenshots (strongly suggested)
Does this MR meet the acceptance criteria?
Conformity
-
📋 Does this MR need a changelog?-
I have included a changelog entry. -
I have not included a changelog entry because _____.
-
-
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Related to #329141