Add SCIM as a provider to the Users API search
What does this MR do and why?
Adds SCIM as a provider to the Users API, allowing admins to search for SCIM identities within the instance.
How to set up and validate locally
- Add SCIM identity to a user
ScimIdentity.new(extern_uid:"{ScimIdentity}", user_id: {ID}).save
- Make a GET request to the endpoint
https://gitlab.example.com/api/v4/users?extern_uid={ScimIdentity}&provider=scim
- Observe the user details as a response
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Query plans
SELECT
"users".*
FROM
"users"
INNER JOIN "scim_identities" ON "scim_identities"."user_id" = "users"."id"
WHERE
(LOWER("scim_identities"."extern_uid") = LOWER('00ux21b4ukJP0UHMF0h7'))
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/20099/commands/65579
Nested Loop (cost=0.98..7.02 rows=1 width=1466) (actual time=21.720..21.726 rows=1 loops=1)
Buffers: shared hit=5 read=7
I/O Timings: read=21.508 write=0.000
-> Index Scan using index_scim_identities_on_lower_extern_uid_and_group_id on public.scim_identities (cost=0.42..3.44 rows=1 width=8) (actual time=9.684..9.688 rows=1 loops=1)
Index Cond: (lower((scim_identities.extern_uid)::text) = '00ux21b4ukjp0uhmf0h7'::text)
Buffers: shared read=4
I/O Timings: read=9.616 write=0.000
-> Index Scan using users_pkey on public.users (cost=0.56..3.58 rows=1 width=1466) (actual time=12.024..12.024 rows=1 loops=1)
Index Cond: (users.id = scim_identities.user_id)
Buffers: shared hit=5 read=3
I/O Timings: read=11.892 write=0.000
Edited by Jio Castillo