Fix(oncallschedules): limit users to current project / avatar fix
What does this MR do?
An MVC as part of https://gitlab.com/gitlab-org/gitlab/-/issues/322137 that:
- Updates the user search query inside the Add/Edit rotation modal to restrict users to the current project only.
- Update the property path for the rotation assignees to render the user's avatar.
How/What to test
This feature is behind the feature flag oncall_schedules_mvc
and the minimal license is GitLab Premium. You can enable this feature flag by running in your console:
❯ echo "Feature.enable(:oncall_schedules_mvc)" | rails c
To check Enable the feature flag:
- Navigate to Operations => On-call Schedules or direct link is
your_project/-/oncall_schedules
e.g. http://127.0.0.1:3000/gitlab-org/gitlab-shell/-/oncall_schedules - Click
Add schedule
in the empty state - Add a base schedule with a name, description, and timezone
- You will see an empty grid with no rotations
- Click add a rotation on the top right of the grid
- Add a rotation with a handful of members that have access to the current project and pick a start date/time
- A rotation will be added
- Each rotation will have a selection of assignee's drawn against the schedule/rotation data
- Each rotation assignee can be hovered over to confirm their start/end time
- Each rotation assignee should have their username and their avatar
Screenshots (strongly suggested)
Grid | Rotation Modal |
---|---|
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- [-] Documentation (if required)
- [-] Code review guidelines
- [-] Merge request performance guidelines
- [-] Style guides
- [-] Database guides
- [-] Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Related to #322137
Edited by David O'Regan