Resolve "Allow a template in a namespace which is out of the hierarchy of the Group owning the template"
What does this MR do?
Before:
(Case as described in #9768 (closed))
We have a Group with several subgroups. One of the subgroups contains only our templates.
The structure of our group looks something like this
- Group
- Subgroup A
- App A
- App B
- Subgroup B
- App C
- App D
- Templates
- App T
In the settings of
Group
I setGroup/Templates
as the custom project templates group.Now if I want to create a new project in
Group/Subgroup A
which uses a template fromGroup/Templates
I get the following errorThe form contains the following error: Namespace is out of the hierarchy of the Group owning the template
Fix:
The current implementation has a validation being run to make sure that the project is being created in the namespace that is inside the hierarchy of the group owning the template. However, the check considers only the ancestor and it's own group as valid namespaces.
With the current fix, all descendants of the group that has the custom project template set are considered valid.
After:
After the fix, user is able to create projects from templates that is inside a different group, when it's a descendant of the of the parent of the group that is set as the template source.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation created/updated or follow-up review issue created -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Performance and testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Closes #9768 (closed)