Use access code suggestions policy
What does this MR do and why?
This MR refactors the authorisation logic in code_suggestions/tokens
API to
use the access_code_suggestions
permission.
Areas that currently use this permission are:
Screenshots or screen recordings
N/A
How to set up and validate locally
- Set the feature flag on rails console
bundle exec rails c
Feature.enable(:code_suggestions_tokens_api)
- Enable
code_suggestions
group settings for all root groups as well as profile setting.user = User.first user.groups.by_parent(nil).map { |g| g.update(code_suggestions: true) } user.namespace.update(code_suggestions: true)
- Execute a cURL request to create a new access token
curl --request POST \ --url http://gdk.test:3000/api/v4/code_suggestions/tokens \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer <oauth/pat>'
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Tan Le