Skip to content

Version Control for Snippets: Access Rights Check for project snippet

Mark Chao requested to merge 39514-access-check into master

What does this MR do?

Implements MVC for checking project snippet. Personal snippet will be done in the next iteration.

For this iteration, only actors being User or Key is considered.

This does not include checks to enforce single file constraint. It will also be done in another iteration.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #39514 (closed)

Edited by 🤖 GitLab Bot 🤖

Merge request reports

Loading