Enable pages feature for read-only Namespaces (!106292) · Merge requests · GitLab.org / GitLab

Vijay Hawoldar requested to merge vij-pages-policies into master Dec 07, 2022

What does this MR do and why?

In https://gitlab.com/gitlab-org/gitlab/-/issues/363473 we are adjusting which features/abilities are restricted when a Namespace is made read-only.

This MR handles Pages from that list and allows the feature to be available

Please note: Read-only mode is not yet in use because it relates to unreleased work described in the linked issue above

How to set up and validate locally

As noted in this comment, the create_pages ability is not one that is ever explicitly allowed/enabled, so it's not really possible to validate this change for it, but for the others (update_pages, admin_pages) we can validate with:

Checkout master branch
Adjust the read_only? method to return true
```
  def read_only?
    true
  end
```

In a rails console:

  u = User.first # or some other user of yours
  p = Project.first # or some other project the user has access to

  u.can?(:admin_pages, p)
  => false

  u.can?(:update_pages, p)
  => false

Checkout this branch (vij-pages-policies)

In a rails console:

  u.can?(:admin_pages, p)
  => true

  u.can?(:update_pages, p)
  => true

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Dec 12, 2022 by Vijay Hawoldar

Enable pages feature for read-only Namespaces

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports