Disable manual job action button for users without correct permissions
What does this MR do and why?
What: This MR changes the behavior of the manual action trigger button on the pipeline graph - it shows a disabled action button when the user does not have permission to run the manual action, and adds an explanatory hover tooltip.
Why: We don't currently show the action button at all in this case, which leads to confusion about whether the job has a manual action and why a user can or can't run that manual action.
Technically, this MR
- adds the
label
field to thedetailedStatus
object that we fetch for a job because thislabel
gets "(not allowed)" appended to it when the user is not allowed to trigger the action - shows a disabled action button when a manual job doesn't have an authorized action (no
job.action
is passed in this case) and thelabel
contains "(not allowed)" - moves the tooltip for the action button to an element that isn't the button itself because disabled buttons can't have tooltips
Screenshots or screen recordings
before | with this MR |
---|---|
unclear whether the job has a manual action at all | clear that the job has a manual action, but the user isn't authorized to run it |
How to set up and validate locally
- add a manual action to a public project's
.gitlab-ci.yml
, here's one I prepared earlier:
stop-staging:
stage: deploy
script: echo 'hello'
when: manual
environment:
name: staging
action: stop
- run a pipeline for the project
- navigate to the pipeline page, find the manual action and verify that it is active by hovering over it:
- log out (or open a private browsing window) and navigate to the pipeline page again
- hover over the manual action and verify that it is disabled and shows the
Not authorized to access this job's protected environment
tooltip
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #342783 (closed)
Edited by Peter Hegman