When selecting approvers show only possible users and groups
Identified as an actionable insight in the Code Review Category Maturity Scorecard.
Summary
The list of "Members" shown in the "Update approvers" dialog for an MR will show many unexpected users and groups when I start typing into the Members box.
Steps to reproduce
- Create an MR
- Click "Edit" for the Approvers of the MR
- Click in the "Members" entry area
- The initial list appears to be relevant users and groups
- Type a letter, 'c' for example.
- The list of users and groups appear to be all over gitlab.
The project is private.
Example Project
(The problem occurs with a private project.)
What is the current bug behavior?
The list of users and groups for approvers shows users and groups from all over gitlab.
What is the expected correct behavior?
The list of users and groups for approvers should only be those that are authorized to approve the MR.
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
@vyaklushin)
Implementation proposal (byWe can let the user choose if they want to see the full list or only the list of groups that have access to the group (So basically give users control to switch between the current implementation and the implementation that was reverted.) (link)
- Add a toggle to the approval select form that allows to choose between "All groups" (current behavior, includes public groups) and "Organization groups" (new behavior, display groups that belong to the customer's namespace)
- Depending on the selected option, frontend will send a request to different endpoints (or the same endpoint with a different set of flags).