Add search autocomplete suggestions for recently viewed epics
What does this MR do?
When typing in the search bar you will now see suggestions for recently viewed epics.
This implements the same thing we implemented for issues and merge requests now for Epics. This required a slightly different approach as the
EpicsFinder
was not suitable for this purpose. At present it only
supports searching within a single group. And extending it to support
wider use cases would likely lead to performance issues as there is no
equivalent group permissions cache like project_authorizations
table
to efficiently determine which groups a user can view epics in.
The simpler thing to do here was to just manually check the permissions for each returned epic. This leaves a very edge case scenarion in which a user was previously able to see an epic and looked at that epic in their last 100 viewed epics and then performs a search and now only sees 4 suggestions (instead of the expected 5). This in theory, if the epic was renamed and the new name contained something important the user shouldn't see, could lead to the leak of an existence of that name in the search results. Considering this edge case is so unlikely it seems safe to not worry too much about it.
See !43964 (comment 422531496) for DB query performance.
You may wish to review this MR commit by commit as the first 2 commits are small refactors to make it easier to add the RecentEpics
class.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Closes #259608 (closed)