Research if the `Preloaders::UserMaxAccessLevelInGroupsPreloader` can also preload memberships via shared groups
Code of interest is: https://gitlab.com/gitlab-org/gitlab/-/blob/d5d92acfcf5e1378bbef6f7a9499e5b205f2f53f/app/models/preloaders/user_max_access_level_in_groups_preloader.rb#L23
Here, currently we are only preloading groups that arise from the direct memberships of the @user
. However, a user can also have access to groups via group sharing, and such groups aren't being preloaded here, which causes problems down the callstack because, for such groups, the preloader would have already set NO_ACCESS
as the access level, and in the graphql layer, this is problematic because GQL would then remove groups arising from group shares from the final result, because the preloader says that you have NO_ACCESS
to shared groups, when the reality is different.
This causes problems in multiple GraphQL endpoints, and it would be great if we can correct this at the preloader level by also preloading access for groups arising from group shares. However, this could be complicated to do, hence the "Research if" in title. If this is not possible to execute in a performant manner, we should at least come up with alternatives.
Also see the full discussion at: #296817 (comment 1058277275)