Return the maximum group access level in the projects API
What does this MR do?
Currently if a project is inside a nested group and a user doesn't have specific permissions for that group but does have permissions on a parent group the GET /projects/:id
API call will return the following permissions:
permissions: {
project_access: null,
group_access: null
}
It could also happen that the group specific permissions are of lower level than the ones the user has in parent groups. This patch makes it so that the permission returned for group_access
is the highest from amongst the hierarchy, which is (ostensibly) the information that the API user is interested in for that field.
What are the relevant issue numbers?
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/43684
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides -
Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process. -
Security reports checked/validated by reviewer
Edited by Alejandro Rodríguez