Skip to content

Skip shared group validation for the approval form

What does this MR do and why?

Contributes to #350596 (closed)

It is only a temporary fix to mitigate the bug severity

Problem

User access to shared group validation applies only to the group itself and does not check if the user has inherited access rights.

Solution

Skip validation before we find a way to correctly verify user permissions.

Screenshots or screen recordings

FF off FF on (Group C is available)
Screenshot_2022-02-14_at_18.48.09 Screenshot_2022-02-14_at_18.46.57

How to set up and validate locally

Enable feature flag:

Feature.enable(:permit_all_shared_groups_for_approval)
  1. Share a group with a project (Project information -> Members -> Groups (tab))
  2. Setup a user that has access to the project, but don't have access to the group
  3. Create a merge request as a user
  4. Edit merge request and click on Approval rules
  5. Click Add approval rule button
  6. Click on Add approvers field
  7. Verify that shared group name is present there (when feature flag is on)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Vasilii Iakliushin

Merge request reports

Loading