Enterprise Users - Distinguish enterprise from regular users at group level

Release notes

Problem to solve

We implemented #283935 (closed) and #268142 (closed) which captures users that were created by SAML/SCIM and gives group admins access to those accounts. However, this information is not visible in the UI.

Proposal

Show which users were provisioned by the group. For an MVC, we can show this as a label in the member's list for all groups, subgroups and projects that roll up to the group the user was provisioned in. It is OK to show this information to any user role that can see the members list. If a user is a member of other groups/projects that don't roll up to the group the user is provisioned by, we should not show it there.

In the future, we should also show this information in the users list once it is built out.

Implementation plan

Expose provisioned_by_this_group? in ee/app/serializers/ee/member_entity.rb. This will automatically be passed to the frontend
Update ee/spec/serializers/member_entity_spec.rb
In ee/app/assets/javascripts/members/utils.js#L13 add a badge:

{
  show: member.provisionedByThisGroup,
  text: __('Enterprise'),
  variant: 'info',
},

Update ee/spec/frontend/members/utils_spec.js
Add a section in SCIM provisioning using SAML SSO for GitLab.com groups docs that shows a screenshot of a member with the badge and explains what it means.

Edited May 13, 2021 by Peter Hegman