Fix approval rules group finder for unauthorized users
What does this MR do and why?
- Contributes to #366741 (closed) (comment 1027072147)
- Sentry error: https://sentry.gitlab.net/gitlab/gitlabcom/issues/3375037
Problem
GroupPolicyPreloader
does not correctly handles unauthorized users.
Solution
- Show only public groups to unauthorized users
- Don't preload groups for unauthorized users
Screenshots or screen recordings
Before | After |
---|---|
How to set up and validate locally
- Enable feature flag
Feature.enable(:subgroups_approval_rules)
- Visit http://localhost:3000/api/v4/projects/6/merge_requests/1/approvals (As an unauthorized user)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Vasilii Iakliushin