Rebuild MR report approval rules on group access changes
What does this MR do and why?
Scan result policies allow specifying merge request approvers by specifying their username or ID. Currently, when a user is referenced in a policy and only afterwards given project access through group membership, merge request approvers are not updated. Hence, the added user is unable to approve merge requests he is listed as approver for.
Project access changes are handled in !113681 (merged).
How to set up and validate locally
- Create a new group
- Create a new project within the group
- Create a Scan Result Policy that lists
user_approvers
without group/project access. - Create a new MR and note that the MR rule lists no members
- Invite the one of the users listed in the policy to the group
- Verify the user is listed as a rule approver on the MR
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #359278 (closed)
Edited by Vitali Tatarintev