Skip to content

Include group links in access level check

mo khan requested to merge mokhax/462596/highest-group-member into master

What does this MR do and why?

This change attempts to reproduce the defect described in #462596 (closed) and resolve it.

Related to:

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Group Hierarchy Custom Role gitlab-org membership gitlab-org/secure/managers membership gitlab-org/secure/managers group membership gitlab-org/security-products/analyzers membership gitlab-org/security-products/analyzers group membership

Before After
Before: 500 error After: Custom Role Assigned

How to set up and validate locally

  1. Create the following group hierarchies
    • gitlab-org/security-products/analyzers
    • gitlab-org/secure/managers
  2. Create a custom role for gitlab-org called "Developer+Vuln Admin" with the :admin_vulnerability permission and Developer as the base role.
  3. Create a new user account named @thiagocsf
  4. Create a new user account named @smtan
  5. Add thiagocsf as a Developer to gitlab-org
  6. Add thiagocsf as an Owner to gitlab-org/secure/managers
  7. Add the gitlab-org group to the gitlab-org/secure/managers group as a Developer
  8. Add the gitlab-org/secure/managers group to the gitlab-org/security-products/analyzers group as an Owner.
  9. Log in as thiagocsf
  10. Navigate to http://gdk.test:3000/gitlab-org/secure/analyzers/-/group_members and invite @smtan as a Developer+Vuln Admin role.
Edited by mo khan

Merge request reports

Loading