Update user attributes for Group SAML enterprise users
What does this MR do and why?
Implements #321940 (closed)
GitLab currently supports 'syncing' user attributes such as
project_limit
and can_create_groups
from Group SAML on user
creation. With this change, enterprise/provisioned users will
also have these attributes updated on subsequent sign-ins.
How to set up and validate locally
- Requires Group SAML to be configured and for the SAML IdP to send attributes such as
can_create_groups
and/orprojects_limit
. - Sign-in as either a new or existing provisioned SAML user.
- Observe that
can_create_groups
and/orprojects_limit
are set as prescribed by the IdP.
Video showing behavior
The first clip shows the values set for a new user. The second shows the same user's values updated.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Drew Blessing