Add API to query group MR approval settings
🧩 What does this MR do?
This MR adds database table and RESTful API to allow managing group-level MR approval settings.
This feature is behind a feature flag :group_merge_request_approval_settings_feature_flag
⚙ Implementation
- Endpoints:
GET /groups/:id/merge_request_approval_setting
- Permissions:
Admin
orOwner
role - EE License:
:group_merge_request_approval_settings
(GitLab Premium)
Example response payload:
{
"allow_author_approval": true
}
🐘 Database
Table
gitlabhq_development=# \d group_merge_request_approval_settings;
Table "public.group_merge_request_approval_settings"
Column | Type | Collation | Nullable | Default
-----------------------+--------------------------+-----------+----------+---------
created_at | timestamp with time zone | | not null |
updated_at | timestamp with time zone | | not null |
group_id | bigint | | not null |
allow_author_approval | boolean | | not null | false
Indexes:
"group_merge_request_approval_settings_pkey" PRIMARY KEY, btree (group_id)
Foreign-key constraints:
"fk_rails_37b6b4cdba" FOREIGN KEY (group_id) REFERENCES namespaces(id) ON DELETE CASCADE
Query
The below query is used by the GET endpoint to retrieve the group_merge_request_approval_settings
for a given group_id
. This is a new table and there is currently no facility to insert/update records yet.
gitlabhq_development=# EXPLAIN ANALYZE SELECT "group_merge_request_approval_settings".* FROM "group_merge_request_approval_settings" WHERE "group_merge_request_approval_settings"."group_id" = 22 LIMIT 1;
QUERY PLAN
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Limit (cost=0.15..2.17 rows=1 width=25) (actual time=0.032..0.033 rows=1 loops=1)
-> Index Scan using group_merge_request_approval_settings_pkey on group_merge_request_approval_settings (cost=0.15..2.17 rows=1 width=25) (actual time=0.032..0.032 rows=1 loops=1)
Index Cond: (group_id = 22)
Planning Time: 0.427 ms
Execution Time: 0.075 ms
(5 rows)
Revert
== 20201217070530 AddGroupMergeRequestApprovalSettings: reverting =============
-- drop_table(:group_merge_request_approval_settings)
-> 0.0020s
== 20201217070530 AddGroupMergeRequestApprovalSettings: reverted (0.0160s) ====
Migrate
== 20201217070530 AddGroupMergeRequestApprovalSettings: migrating =============
-- table_exists?(:group_merge_request_approval_settings)
-> 0.0012s
-- create_table(:group_merge_request_approval_settings, {:id=>false})
-> 0.0118s
== 20201217070530 AddGroupMergeRequestApprovalSettings: migrated (0.0163s) ====
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Related to #273544 (closed)
Edited by Tan Le