Skip to content

Fix display 403 errors for cycle analytics

Ezekiel Kigbo requested to merge fix-cycle-analytics-403-error-message into master

What does this MR do?

Prior to moving to the new cycle analytics endpoints in !18514 (merged) and the related MRs api errors would be dispatched to the receiveCycleAnalyticsDataError action which in turn would check if the user has sufficient permissions and set the errorCode state key. The errorCode state key would then be used to display an error message if the user does not have access to the cycle analytics features.

Now that we have multiple requests that need to be dispatched to render the summary table, we need to check for permissions errors if any of those requests fails. This MR:

  • Checks the error code for cycle analytics requests that dispatch after selecting a group and displays a message or throws the error to be caught by receiveCycleAnalyticsDataError if it is a permission error
  • Adds additional specs to ensure the charts do no render if the user does not have permission

Screenshots

With permission No permissions
Screen_Shot_2020-01-15_at_1.53.58_am Screen_Shot_2020-01-15_at_1.55.38_am

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by 🤖 GitLab Bot 🤖

Merge request reports

Loading