PUT /[groups|projects]/:id/members/:user_id accepts member_role_id
What does this MR do and why?
-
member_role_id
is the attribute used to associate a member record with a custom role (member_role) - By adding this param to the PUT endpoint, we are enabling:
- associating group members with custom roles
- associating project members with custom roles
- de-associating group/project members from a custom role (removing a custm role from a user)
- Custom roles is a feature available to Ultimate customers and is
currently behind the
customizable_roles
feature flag: https://gitlab.com/gitlab-org/gitlab/-/blob/c9c210dced6696277734ecceaa4abef59f9817c3/ee/config/feature_flags/development/customizable_roles.yml - A previous MR added a
PATCH /groups/:id/members/:user_id/member_role
endpoint for associating existing group members with a custom role. - The PATCH endpoint can be removed after this is merged because that behavior is now covered by the existing endpoint.
- #387769 (closed)
- #385495 (closed)
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
- Enable the
customizable_roles
feature flag for the top-level Ultimate licensed group for which you are the owner and plan to create custom roles. - Create the custom GUEST role for the group via the API:
curl --request POST --header "Content-Type: application/json" --header "Authorization: Bearer $YOUR_ACCESS_TOKEN" --data '{"base_access_level":10, "read_code":1}' "http://localhost:3000/api/v4/groups/$GROUP_PATH/member_roles"
- Invite a test user account to the root group as a GUEST
- Associate membership with a custom role using the API endpoint added in this MR
curl --request PUT --header "Content-Type: application/json" --header "Authorization: Bearer $YOUR_ACCESS_TOKEN" --data '{"member_role_id":$MEMBER_ROLE_ID, "access_level": 10}' "http://localhost:3000/api/v4/groups/$GROUP_ID/members/$GUEST_USER_ID"
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Jessie Young