Add "Managed Account" badge for GMA users
What does this MR do?
See #214385 (closed)
Adds a "Managed Account" badge to user accounts that are part of a Group Managed Account. This MR also does some refactoring of the existing badges to remove redundant code and improve consistency of styling.
Local Testing
- Install an EE license: https://about.gitlab.com/handbook/developer-onboarding/#working-on-gitlab-ee.
- Enable the following feature flags:
group_saml,enforced_sso,group_managed_accounts,sign_up_on_sso, andconvert_user_to_group_managed_accounts - Add
group_samltoconfig/gitlab.yml. See https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/saml.md#gitlab-configuration. Note: Ensure this is added to thedevelopment:section of your config - Follow the instructions in https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/saml.md for setting up a local SAML provider using docker. You will need to enable HTTPS
- Create a group
- Navigate to "Settings -> SAML SSO"
- Toggle on "Enable SAML authentication for this group." and add the "Identity provider single sign on URL" and "Certificate fingerprint" from https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/saml.md#configuring-the-group
- Navigate to "GitLab single sign on URL" found in "Settings -> SAML SSO" and authorize your account.
- In "Settings -> SAML SSO" enable "Enforce SSO-only authentication for this group" and "Enforce users to have dedicated group managed accounts for this group"
- In a private/incognito window navigate to the "GitLab single sign on URL" found in "Settings -> SAML SSO" and create a user with the
user2credentials (https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/saml.md#credentials) - With your group owner account navigate to the "Members" section of the group.
user2should have the "Managed Account" badge.
Screenshots
Expand
| Page | Before | After |
|---|---|---|
| GMA members |  |
 |
| GMA members mobile |  |
 |
| GMA members (all badges shown) |  |
 |
| GMA members mobile (all badges shown) |  |
 |
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry: behind the
group_managed_accountsfeature flag -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec - [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Peter Hegman