Skip to content

Assign source role to user when inviting groups with member role

Hinam Mehra requested to merge 443369-update-logic into master

What does this MR do and why?

  • This MR updates what role a user is assigned when a group is invited with a custom role
  • Previously, when the group was invited with a custom role, users in that group that had the same access_level, were assigned the invited custom role as the max role. However, based on the discussion in #443369 (comment 2045824094), it was concluded that the role that the user has in the group should be the max role.
  • The acceptance criteria is listed in detail #443369 (comment 2045824094)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

The only change is user "Lyndia Hartmann"

Before After
Screenshot_2024-08-27_at_3.01.32_PM Screenshot_2024-08-27_at_3.01.13_PM

How to set up and validate locally

  1. Make you are on an Ultimate license and you have SaaS mode on with:
export GITLAB_SIMULATE_SAAS=1
gdk restart
  1. Create two private groups - QA group & Frontend group
  2. In the rails console, create custom roles:
# enable feature-flag
Feature.enable(:assign_custom_roles_to_group_links_saas)

# create member roles in both QA group and Frontend group
MemberRole.create(base_access_level: 10, name: "Guest basic", read_code: true, namespace_id: <FRONTEND_GROUP_ID>)
MemberRole.create(base_access_level: 10, name: "Guest basic", read_code: true, namespace_id: <QA_GROUP_ID>)


MemberRole.create(base_access_level: 10, name: "Guest elevated", read_vulnerability: true, namespace_id: <FRONTEND_GROUP_ID>)
MemberRole.create(base_access_level: 10, name: "Guest elevated", read_vulnerability: true, namespace_id: <QA_GROUP_ID>)

MemberRole.create(base_access_level: 30, name: "Developer Lead", read_vulnerability: true, admin_vulnerability: true, namespace_id: <FRONTEND_GROUP_ID>)
MemberRole.create(base_access_level: 30, name: "Developer Lead", read_vulnerability: true, admin_vulnerability: true, namespace_id: <QA_GROUP_ID>)
  1. Add any 4 members to the QA group with the roles - Guest, Guest basic, Guest elevated, Developer, Developer Lead
  2. Then, navigate to the members page of the Frontend group and invite QA group with different max roles - Guest, Guest basic, Guest elevated, Developer, Developer Lead.
  3. Each time you change the custom role, check that the users are assigned the correct role in Frontend group, against the acceptance criteria listed in #443369 (comment 2045824094)

Related to #443369

Edited by Abdul Wadood

Merge request reports