Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Resolve "Allow a template in a namespace which is out of the hierarchy of the Group owning the template"

Review changes
Download
Patches
Plain diff

Manoj M J requested to merge 9768-allow-a-template-in-a-namespace-which-is-out-of-the-hierarchy-of-the-group-owning-the-template into master Jul 02, 2019

Overview 49
Commits 1
Pipelines 16
Changes 7

What does this MR do?

Before:

(Case as described in #9768 (closed))

We have a Group with several subgroups. One of the subgroups contains only our templates.

The structure of our group looks something like this

Group

Subgroup A

App A

App B

Subgroup B

App C

App D

Templates

App T

In the settings of Group I set Group/Templates as the custom project templates group.

Now if I want to create a new project in Group/Subgroup A which uses a template from Group/Templates I get the following error

The form contains the following error: Namespace is out of the hierarchy of the Group owning the template

Fix:

The current implementation has a validation being run to make sure that the project is being created in the namespace that is inside the hierarchy of the group owning the template. However, the check considers only the ancestor and it's own group as valid namespaces.

With the current fix, all descendants of the group that has the custom project template set are considered valid.

After:

After the fix, user is able to create projects from templates that is inside a different group, when it's a descendant of the of the parent of the group that is set as the template source.

Does this MR meet the acceptance criteria?

Conformity

Changelog entry
Documentation created/updated or follow-up review issue created
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Performance and testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Closes #9768 (closed)

Edited Apr 26, 2023 by 🤖 GitLab Bot 🤖

Merge request reports

Assignee

Reviewers

Request review from

Time tracking