Remove todos of users without access to targets (migration)
What does this MR do?
It removes todos for users who don't have access to todos targets anymore. Following cases are covered:
- removing project todos for users who are not members of private projects
- removing confidential issues todos for users who are not at least project reporters, authors or assignees of the issues
- removing todos for targets based on project feature visibilities (mrs, issues, repos)
Are there points in the code the reviewer needs to double check?
- performance improvements?
Why was this MR needed?
We will remove permissions check from TodosFinder in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20675. We added removing todos when a user looses permissions in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20665 but there are probably still todos in the db that users don't have access to. That's why we need this migration.
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added -
Tests added for this feature/bug - Conforms to the code review guidelines
-
Has been reviewed by a UX Designer -
Has been reviewed by a Frontend maintainer -
Has been reviewed by a Backend maintainer -
Has been reviewed by a Database specialist
-
-
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides -
If you have multiple commits, please combine them into a few logically organized commits by squashing them -
Internationalization required/considered -
End-to-end tests pass ( package-and-qamanual pipeline job)
What are the relevant issue numbers?
gitlab-ee#5481
Edited by Yorick Peterse