Skip to content

Draft: For free SaaS namespaces, limit Invite/member API

Serhii Yarynovskyi requested to merge sy-limit-invite-member-api-free-saas into master

What does this MR do and why?

Related to https://gitlab.com/gitlab-org/gitlab/-/issues/356619+

Our current approach to manage users that are added to a free SaaS namespace via the Invite/Member API is to place members that exceed the 5 user limit in the "waiting" state. This issue is intended to capture an iteration where we prevent members being added from the Invite/Member API from exceeding the 5 user limit in total.

  • add an error for that specific invite(email or username) in the errors
    • only affect the API use of the service for now - service layer should only use this logic based upon a parameter perhaps - similar to skip_authorization use in other services 🤔
  • error text: Member can not be added. Over the limit for members on free namespaces.

Screenshots or screen recordings
Screenshot_2022-08-17_at_17.18.13 Screenshot_2022-08-09_at_19.00.35

How to set up and validate locally

  1. Sign in as admin user.
  2. Go to free private root group members page and try to invite 6 members. See the error.
  3. Make sure under limit users are invited.
  4. Go to admin -> group page. Try to add member. See the error.
  5. Create new API token. Open postman. Create new request with OAuth v2 authentication using token.
  6. Send POST request to http://localhost:3000/api/v4/groups/[group id]/invitations with body:

Screenshot_2022-08-18_at_16.29.57

Make sure response has errors for email and user id separated.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Serhii Yarynovskyi

Merge request reports