Approval rules with users that have their access revoked could become impossible to satisfy
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Summary
When creating an ApprovalRule (ApprovalProjectRule or ApprovalMergeRequestRule) and removing access from the users/groups who are supposed to approve for that rule, it becomes impossible to satisfy the rule.
Steps to reproduce
- Add a user as developer to a project
- Create an approval rule with that requires 1 approval and link that developer to the rule
- Remove the developer from the project
Example Project
https://gitlab.com/reprazents-test-space-renamed/working/merge_requests/2
This merge request cannot be approved by @toon, so it can never be merged
What is the expected correct behavior?
The rule does not display Toon as a developer, allowing the other users, if any to approve the merge request
Possible fixes
It think we should filter out ineligible approvers from ApprovalWrappedRule#approvers, that would allow any other user linked to the rule to still approve.
If the rule becomes impossible to satisfy, we should display a warning asking to update the rule.