Update container cleanup policy permissions
🔎 What does this MR do and why?
This MR updates the permissions involving container repository cleanup policies from Developer
to Maintainer
.
The UI page that controls these settings requires maintainer access, however, the API only requires developer. This change is meant to make the two match each other to prevent confusion and also conform with most other similar settings throughout GitLab.
📷 Screenshots or screen recordings
💻 How to set up and validate locally
- Create a project, or choose an existing project.
- Create a user
- Add the new user to the project as a Developer.
- While logged in as the Developer user, use the graphql explorer: http://gdk.test:3000/-/graphql-explorer to try to update the container expiration policy settings using the query below:
mutation { updateContainerExpirationPolicy(input: {projectPath: "<project-full-path>", enabled:false, keepN:FIFTY_TAGS}) { containerExpirationPolicy { enabled keepN } } }
- The request should be unsuccessful
- Optionally, you could try the request again while logged in as a maintainer or the owner of the project, the request should be successful.
🛃 MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #350682 (closed)
Edited by Steve Abrams