1 files changed, 23 insertions, 3 deletions

diff --git a/app/graphql/resolvers/users_resolver.rb b/app/graphql/resolvers/users_resolver.rb
index 90a6bd3e6b2..a512c6bafe1 100644
--- a/app/graphql/resolvers/users_resolver.rb
+++ b/app/graphql/resolvers/users_resolver.rb
@@ -28,10 +28,19 @@ module Resolvers
               default_value: false,
               description: 'Return only admin users.'
 
-    def resolve(ids: nil, usernames: nil, sort: nil, search: nil, admins: nil)
+    argument :group_id, ::Types::GlobalIDType[::Group],
+             required: false,
+             description: 'Return users member of a given group.'
+
+    def resolve(ids: nil, usernames: nil, sort: nil, search: nil, admins: nil, group_id: nil)
       authorize!(usernames)
 
-      ::UsersFinder.new(context[:current_user], finder_params(ids, usernames, sort, search, admins)).execute
+      group = group_id ? find_authorized_group!(group_id) : nil
+
+      ::UsersFinder.new(
+        context[:current_user],
+        finder_params(ids, usernames, sort, search, admins, group)
+      ).execute
     end
 
     def ready?(**args)
@@ -52,16 +61,27 @@ module Resolvers
 
     private
 
-    def finder_params(ids, usernames, sort, search, admins)
+    def finder_params(ids, usernames, sort, search, admins, group)
       params = {}
       params[:sort] = sort if sort
       params[:username] = usernames if usernames
       params[:id] = parse_gids(ids) if ids
       params[:search] = search if search
       params[:admins] = admins if admins
+      params[:group] = group if group
       params
     end
 
+    def find_authorized_group!(group_id)
+      group = GitlabSchema.find_by_gid(group_id).sync
+
+      unless Ability.allowed?(current_user, :read_group, group)
+        raise_resource_not_available_error! "Could not find a Group with ID #{group_id}"
+      end
+
+      group
+    end
+
     def parse_gids(gids)
       gids.map { |gid| GitlabSchema.parse_gid(gid, expected_type: ::User).model_id }
     end