Cannot access a private group's issue board when not a member of the group
Summary
Regression discussed in https://gitlab.com/gitlab-org/gitlab-ce/issues/54042#note_144234833
Zendesk Ticket: https://gitlab.zendesk.com/agent/tickets/114275
When a user is not a member of a private group but is a member of some projects under that group, we give access to the group page with issues scoped only to the projects the user has access to.
After a security release a few weeks ago, the issue boards page for this case no longer works.
The /-/boards/1/lists
endpoint returns a 403
CC @J-roen
Edited by Heinrich Lee Yu