Creating project via API with "pages_access_level:private" doesn't work
Summary
When creating a project via the API and specifying a pages_access_level
of private
, the setting is not applied correctly to the project.
Under Settings > General > Visibility, project features, permissions > Pages , the setting correctly displays Only Project Members. However, the pages are visible publicly and don't require a login if the pages is visited in an incognito window.
Steps to reproduce
-
Create a new project via the API. I used the following payload:
name:pages-custom-access-control-bug-via-api template_name:plainhtml pages_access_level:private
-
Initiate a pipeline so the pages is deployed.
-
Observe under Settings > General > Visibility, project features, permissions > Pages that the setting is Only Project Members. In the Rails console,
Project.find(<ID>).pages_access_level
is30
, which is incorrect (it should be10
). -
Visit the pages URL in an incognito window and observe that the pages URL is accessible without login.
Workaround
- Toggling the control (Settings > General > Visibility, project features, permissions > Pages) by disabling the switch, saving it, and then enabling it again fixes
pages_access_level
and sets it to10
.
What is the current bug behavior?
If a project was created with a pages_access_level
of private
, then the pages URL should only be visible to members of the project. Currently, the pages URL is public and does not require login.
What is the expected correct behavior?
If a project was created with a pages_access_level
of private
, then the pages URL should only be visible to members of the project.
Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's tough to read otherwise.)
Output of checks
Using GitLab 12.10.3-ee
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)