Feature Flag Clients Return 403 When Repository is Set to Only Project Members
Summary
When project repository permissions are set to Only Project Members (ProjectFeature::PRIVATE
/ 10
), then Unleash clients receive a 403
from the feature flags API.
Steps to reproduce
Set a project to have the following visibility settings and save the project:
Use an Unleash client to request feature flags from the project. The client will receive a 403
.
Example Project
What is the current bug behavior?
The Unleash client will receive a 403
from the unleash API.
What is the expected correct behavior?
The Unleash client should receive a 2XX
response with the list of feature flags.
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)