User API PATCH removes group membership?

[j-da]

Please confirm you have done the following before posting your bug report:

• I have enabled debug mode
• I have read checked the Common Issues page

Describe the bug
I have a script that utilizes the Snipe IT API, specifically /users/:id to update a user's department_id and company_id fields. When sending a HTTP PATCH for this userID it updates the fields as I would expect, but it also removes the user from all groups inside the Snipe IT application. This caused me to lock out a bunch of our IT staff from checking out/managing assets until I realized what was going on.

As far as I can see this is not documented on the API reference, is this a bug or intended?

To Reproduce
Steps to reproduce the behavior:

1. Send a HTTP PATCH to the endpoint https://domain.com/api/v1/users/15 with the body parameters company_id = 1 and department_id = 1.
2. Get success response from the API
3. On the website, check to see company and department are updated correctly, but the user is no longer a member of any groups.

Expected behavior
Only update the fields that are passed in the body of the PATCH request.

Screenshots
N/A

Server (please complete the following information):

• Snipe-IT Version
• OS: Ubuntu
• Web Server: Apache
• PHP Version: 7.2.19

Desktop (please complete the following information):

• OS: Windows
• Browser N/A
• Version N/A

Error Messages
No errors.

Additional context

• Is this a fresh install or an upgrade?
  Not related to install/upgrade.
• What OS and web server you're running Snipe-IT on
  Ubuntu - Apache
• What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
  Git
• Include what you've done so far in the installation, and if you got any error messages along the way.
  N/A
• Indicate whether or not you've manually edited any data directly in the database
  No

[j-da]

Sorry, I just noticed this is a duplicate of #7186. I must have looked over this post before I made mine.

[snipe]

Closing as duplicate of #7186.