Re-instantiate `is_admin` for put requests sent to /users api
Description
As discussed on issues gitlab-ce#33260 and gitlab-ce#34325, some changes where made a while back to hide the is_admin
flag from several API queries and then it was re-added in certain circumstances. One such use case that I believe should include the is_admin
flag is the HTTP response from PUT requests sent to the /users API when making modifications to a user. For example, suppose you want to change a user who is currently not an admin and make them an admin via the API. You first need to send a PUT request to the /users/ID enpoint with the parameter admin=True
and upon completion the response includes the JSON data describing the user with the modifications applied. However, the JSON returned from this endpoint never actually includes the is_admin
flag. This should be fixed, in at least the same circumstances as the other Gitlab issues I mentioned above.
Proposal
When authenticating as an administrator and sending PUT requests to the /users API endpoint, the resulting JSON data should include the is_admin
flag, both when making modifications to themselves AND when making modifications to other users.
When authenticating as a limited user and making modifications to your own user profile (ie: either using the /users or the /user API endpoints), the resulting JSON should also include the is_admin
flag as well.
Links / references
gitlab-ce#33260 gitlab-ce#34325