Hide artifact delete button if no permission
What does this MR do and why?
For #382078 (closed)
This page is behind the artifacts_management_page
feature flag.
This MR hides the delete buttons from the artifacts management page unless the user has permission to delete them (can?(current_user, :destroy_artifacts, @project)
).
Screenshots or screen recordings
with permission | without permission |
---|---|
delete buttons at the job level and the file level | no delete buttons |
How to set up and validate locally
git checkout 382078-check-delete-permission
echo "Feature.enable(:artifacts_management_page)" | bundle exec rails console
- navigate to a project, run a pipeline that generates artifacts
- in the sidebar select
CI/CD
=>Artifacts
- once the list of jobs and their artifact files appear on the page, you should see delete buttons next to them (assuming you have permission because you set up this project/pipeline)
- open the same page in a new private browsing session, you should not see delete buttons next to jobs and artifacts (because you are not logged in and therefore cannot have permission to delete artifacts)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Miranda Fluharty