Draft: New custom permissions generators
What does this MR do and why?
It simplifies the implementation of a new permission, running 2 scripts will
- generate a permission definition yaml file
- generate a migration for adding a new column to the database
- generate a request spec
- TODO: re-generate a documentation for all implemented custom permissions
This was inspired by audit events generator and therefore the code is similar in many cases and could be refactored. As this is just a working prototype I didn't spend time on this.
How to set up and validate locally
Generation of the permission yaml file
interactively: ./bin/custom-permission permission_name
, eg. ./bin/custom-permission admin_merge_request
or with arguments:
./bin/custom-permission -d "description." -c feature_category -g -p -i "https://TODO" -m "https:/TODO" permission_name
eg. ./bin/custom-permission -d "Allows read-only access to the vulnerability reports.." -c vulnerability_management -g -p -i "https://TODO" -m "https:/TODO" read_vulnerability
Generation of migration, request spec file
rails g gitlab:custom_roles:code --permission permission_name
, eg. rails g gitlab:custom_roles:code --permission admin_group_member
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.