Cascading Setting for "Enable delayed project removal" group setting
📖 What does this MR do?
Related to #324097 (closed) and #321724 (closed)
~"group::access" is working on creating an "inherited settings framework" that allows settings to be "enforced" at the application level (for self-managed) or at the group/namespace level (for GitLab.com and self-managed). This MR adds new HAML partials that render an "Enforce for all subgroups" checkbox and JavaScript that displays a popover when a lock icon is hovered/focused. As a MVC we are focusing on just the "Enable delayed project removal" setting. In the future we will add this functionality to more settings.
The cascading settings framework (and this MR) support enforcing a setting at the application/namespace level. The "Enable delayed project removal" setting, however, does not yet exist at the application/namespace level but will be added in a future iteration. Work for this is being tracked in #326742
📋 Summary of changes
- Create a HAML partial (
app/views/shared/namespaces/cascading_settings/_setting_label.html.haml
) for displaying the setting label with a lock icon when the settings enforced. - Create a HAML partial for displaying the enforcement checkbox (
app/views/shared/namespaces/cascading_settings/_enforcement_checkbox.html.haml
). - Create a Vue component that displays a popover when the lock icon is hovered over.
- Update other checkbox settings in the "Permissions, LFS, 2FA" section to use the new GitLab UI checkbox CSS. This ensures that the checkboxes line up correctly in that section.
- Add Rspec shared example that can be used to test this setting and other cascading settings in the future.
Example group structure
└── Group 1
├── Group 2
│ └── Group 3
└── Group 4
💻 Local testing
Based on "Example group structure"
- Enable the
cascading_namespace_settings
feature flagbin/rails console
Feature.enable(:cascading_namespace_settings)
- Navigate to "Group 1" -> "Settings" -> "General" -> "Permissions, LFS, 2FA"
- Check the "Enforce for all subgroups" under the "Enable delayed project removal" setting
- Navigate to "Group 2, 3, or 4" -> "Settings" -> "General" -> "Permissions, LFS, 2FA". The "Enable delayed project removal" setting should be enforced.
📷 Screenshots
Based on "Example group structure"
View | Before | After |
---|---|---|
Group 1 | ||
Group 2 |
🚦 Does this MR meet the acceptance criteria?
Conformity
-
📋 Does this MR need a changelog?-
I have included a changelog entry. -
I have not included a changelog entry because this change is behind a feature flag.
-
- [-] Documentation (if required)
- Documentation will be added in subsequent MRs
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team