As a SonarQube admin I do not necessarily have enough LDAP rights to manage groups in my corporate LDAP server (and use Group Mapping feature of LDAP Plugin). I therefore wish to provision LDAP users SonarQube, so that I can assign them to groups and give them permissions before they even did a first log-in (e.g. as part of an onboarding process).
As a SonarQube admin I wish to transition SonarQube authentication from local (because team was small so far) to LDAP-managed (thanks to LDAP Plugin) without losing all the group/permission management I have already done, nor having users lose their preferences and/or issues assigned to them.
- a user created in SonarQube is considered local, externalProvider=sonarqube
- a user logged-in via LDAP (thanks to LDAP Plugin) is considered local, externalProvider=sonarqube
- other authentication plugins result in non local users with externalProvider of their own
- whether a user is local or not be changed
A first step would be to allow /api/users/create (and api/users/update) to set whether user is local or not. That would already cover the main use-cases above.