fix: Drop crossjoin from Sbom::Occurrence#visible_to
What does this MR do and why?
Removes cross-join from Sbom::Occurrence#visible_to
method which relies of pulling project_authorizations.
I believe this is only used through Sbom::DependenciesFinder
, in which case we skip this scope for user.can_read_all_resources?
or current_user.blank?
. Realistically, this should be the maximum possible projects a given user has access to which should hopefully be a reasonable quantity.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Closes #477112
Edited by Lucas Charles