Skip to content

Rc/add metrics dashboard policy

Ryan Cobb requested to merge rc/add_metrics_dashboard_policy into master

What does this MR do?

Issue: #201924 (closed)

This MR adds a new policy for access to a projects metrics dashboard. Access to the metrics dashboard requires access to read_prometheus, read_environment and read_deployment. This MR also includes a couple small frontend fixes in support of this feature.

The table below shows permission permutations with this new feature flag. Bolded items are new permissions.

Project Feature User Permission
Public Private anonymous no
Public Private guest no
Public Private reporter yes
Public Enabled anonymous yes
Public Enabled guest yes
Public Enabled reporter yes
Internal Private anonymous no
Internal Private guest no
Internal Private reporter yes
Internal Enabled anonymous no
Internal Enabled guest yes
Internal Enabled reporter yes
Private Private anonymous no
Private Private guest no
Private Private reporter yes
Private Enabled anonymous no
Private Enabled guest no
Private Enabled reporter yes

Screenshots

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Craig Norris

Merge request reports

Loading