Skip to content

Add API to activate memberships

Nicolas Dular requested to merge nd/activate-member-state-api into master

What does this MR do and why?

This API will be used for the Usage Quota page to toggle the membership state on free groups. It changes the membership states for all related memberships of a user to the given group to active. It also makes sure that free namespaces can't activate members when they are at limit when the feature flag is enabled.

Related Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/352638

The opposite API endpoint (to de-activated) is implemented at: !85685 (merged)

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

  1. Get an access token http://localhost:3000/-/profile/personal_access_tokens that allows modification via API
  2. Start the gdk with 
    export GITLAB_SIMULATE_SAAS=1
gdk start

Test activation

  1. Find a group and user that you want to test it on - make sure that the Group has a free or default plan (required for testing the limit) 
    g = Group.first # or any other Group ID you want to test it on
puts g.id # get the group ID for the API call
puts g.members.last.user.id # get a user ID for the API call
  2. Deactivate the user's membership 
    g.members.last.wait
g.members.last.awaiting? # => should output `true`
  3. Execute the curl request for a user within the group 
     curl --request PUT --header "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/groups/GROUP_ID/billable_members/USER_ID/activate"
  4. Check the user's membership status now 
    g.members.last.awaiting? # => should be `false`
g.members.last.active? # => should be `true`

Testing limit

  1. Now let's deactivate the user again and enable free_user_cap for the Group: 
    g.members.last.wait
::Feature.enable(:free_user_cap, g)
  2. Add members to the group so it's at least 5 members: http://localhost:3000/groups/GROUP_NAME/-/group_members
  3. Try activating our user again: 
     curl --request PUT --header "PRIVATE-TOKEN: TOKEN" "http://localhost:3000/api/v4/groups/GROUP_ID/billable_members/USER_ID/activate"
  4. You should see the error Bad request - You reached the user limit

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Nicolas Dular

Merge request reports