Group import | The importing user is added as an owner on the imported group
Summary
Replicated on 12.9.0-ee
If a user is importing a group via the API https://docs.gitlab.com/ee/api/group_import_export.html and they weren't originally a member on the group, they are then assigned owner permissions on the imported group.
Steps to reproduce
Assume there are 2 GitLab instances with the following:
- GitLab Alpha
- User: root
- GitLab Beta
- User: root
- User: another-user
On GitLab Alpha
- Login to GitLab Alpha as root.
- Create a new group. The owner on the group is root, ensure no other users have permissions.
- Export the group using an API token for root, as per https://docs.gitlab.com/ee/api/group_import_export.html
On GitLab Beta
- Import the group using an API token for another-user, as per https://docs.gitlab.com/ee/api/group_import_export.html#import-a-file
- Login to GitLab Beta as another-user
- The group imported will be owned by both root and another user.
What is the current bug behavior?
An imported group adds the importing user as an owner even if the original owner user exists.
What is the expected correct behavior?
An imported group should not add the importing user as an owner IF the original owner user exists.
Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's tough to read otherwise.)
Output of checks
(If you are reporting a bug on GitLab.com, write: This bug happens on GitLab.com)
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)
Workarounds
- Manually remove the owner that should not have access on the imported group.
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)