Improve group issues query for Reporters and above (!122423) · Merge requests · GitLab.org / GitLab

Heinrich Lee Yu requested to merge skip-issues-confidentiality-check-for-reporters into master Jun 02, 2023

What does this MR do and why?

We can skip the confidentiality clause for Reporters and above since these users will be able to see all confidential issues in the group

Context: We had this optimization before but lost it unintentionally in the refactor in dd860654

Previously we had:

if project? && project
  project.team.max_member_access(current_user.id) >= CONFIDENTIAL_ACCESS_LEVEL
elsif group
  group.max_member_access_for_user(current_user) >= CONFIDENTIAL_ACCESS_LEVEL

But when this was changed to a policy check, we forgot to enable the ability for group reporters. This is enabled for project reporters in https://gitlab.com/gitlab-org/gitlab/-/blob/27e4707eaa0e4e3c6a771e0054f59d56c62a4c33/app/policies/project_policy.rb#L368

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jun 02, 2023 by Heinrich Lee Yu

Improve group issues query for Reporters and above

What does this MR do and why?

MR acceptance checklist

Merge request reports