Skip to content

Set default project scope based on user permissions

Terri Chu requested to merge tchu-proposal-for-default-project-scope into master

Background

Discovered while fixing #408364 (closed) , !118358 (merged) was implemented as a frontend only fix but was reverted. The original exposed some other edge cases and we chose to fix them in one MR

The additional edge cases caused a few UI bugs:

  • no search tabs in project scoped search results page
  • no tab being selected some tabs were shown
  • tabs being shown that the user does not have permission to view for project scoped searches

This was due to the backend defaulting project scoped searches to blobs if no scope is chosen and allowing scopes to be selected when the user does not have permissions for the scope.

What does this MR do and why?

This MR has frontend and backend changes split into two commits, they can be reviewed by commit.

frontend changes

  • fix for edge case where no search term is showing search tabs in the old navigation

backend changes

  • the ~default scope is now set by looking at allowed scopes & taking into account permissions for the user
  • fixed a few of the tabs condition checks for project scoped searches
  • added/updated specs

Screenshots or screen recordings

before after
frontend before after
backend before after

How to set up and validate locally

frontend

  1. Check the new navigation and old navigation
  2. Visit the search page with no search term http://gdk.test:3000/search?scope=issues&search=
  3. The search page should not show any search tabs

backend

  1. Create a public project
  2. Disable Repository and Issues for the project in Project Settings - General
  3. Login as a user who does not have access to the project
  4. Run a project scoped search with NO scope: http://gdk.test:3000/search?project_id=8&search=* (use project id from step 1)
  5. Verify the Code tab doesn't show up and that a tab is selected
  6. Run a project scoped search with the issues scope: http://gdk.test:3000/search?project_id=8&search=*&scope=issues (use project id from step 1)
  7. Verify the Issues tab doesn't show up and that a tab is selected

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Terri Chu

Merge request reports