Skip to content

Update epic tree permissions

Eugenia Grieff requested to merge 382507-update-epic-items-tree-fe into master

Related to #382507 (closed)

What does this MR do and why?

With !106415 (merged) the permissions required to add and remove a child epic were updated so these need to be matched in the epic tree dropdown:

Before:

Name Permission Description
canAdmin can?(current_user, :admin_epic, issuable) User has at least Reporter role in epic's group

After:

Name Permission Description
canAdminRelation can?(current_user, :admin_epic_relation, issuable) User has at least Guest role in epic's group

Note that the changes only apply to child epics so we have to to keep canAdmin for handling child issues. With #382506 (closed) we'll be able to apply the new permissions to child issues as well.

Screenshots or screen recordings

Guest user - Before Guest user - After Non-member - Unchanged
Screenshot_2022-12-08_at_14.36.48 Screenshot_2022-12-08_at_14.36.08 Screenshot_2022-12-08_at_14.36.48

How to set up and validate locally

  1. Visit an epic impersonating a user with Guest access to the epic's group
  2. Click on the Add button in the Child issues and epics component. The epics options should be shown.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugenia Grieff

Merge request reports