2 files changed, 25 insertions, 3 deletions

diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index e37083165f5..7909f9c7a00 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -294,6 +294,30 @@ module API
       end
       # rubocop: enable CodeReuse/ActiveRecord
 
+      desc 'List merge requests that are related to the issue'  do
+        success Entities::MergeRequestBasic
+      end
+      params do
+        requires :issue_iid, type: Integer, desc: 'The internal ID of a project issue'
+      end
+      get ':id/issues/:issue_iid/related_merge_requests' do
+        issue = find_project_issue(params[:issue_iid])
+
+        merge_request_iids = ::Issues::ReferencedMergeRequestsService.new(user_project, current_user)
+          .execute(issue)
+          .flatten
+          .map(&:iid)
+
+        merge_requests =
+          if merge_request_iids.present?
+            MergeRequestsFinder.new(current_user, project_id: user_project.id, iids: merge_request_iids).execute
+          else
+            MergeRequest.none
+          end
+
+        present paginate(merge_requests), with: Entities::MergeRequestBasic, current_user: current_user, project: user_project
+      end
+
       desc 'List merge requests closing issue'  do
         success Entities::MergeRequestBasic
       end
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 47382b09207..2a56506f3a5 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -512,11 +512,9 @@ module API
               PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options))
             end
 
-            # rubocop: disable CodeReuse/ActiveRecord
             def find_impersonation_token
-              finder.find_by(id: declared_params[:impersonation_token_id]) || not_found!('Impersonation Token')
+              finder.find_by_id(declared_params[:impersonation_token_id]) || not_found!('Impersonation Token')
             end
-            # rubocop: enable CodeReuse/ActiveRecord
           end
 
           before { authenticated_as_admin! }