Skip to content

Allow enabling approval permissions for users with the Planner role

Currently, we can enable approval permissions for the reporter role, but we want to extend this option for the Planner role too. See https://gitlab.com/groups/gitlab-org/-/epics/13770#note_2358893986 for justification.

Poposal

  • Update the merge_request_group_approver condition to include Planner. For example:

    diff 
    diff --git a/app/models/member.rb b/app/models/member.rb
--- a/app/models/member.rb	(revision da66261bc7bb26e346fe55ee14474223b54e64a4)
+++ b/app/models/member.rb	(date 1753182771329)
@@ -189,6 +189,7 @@
   scope :guests, -> { active.where(access_level: GUEST) }
   scope :planners, -> { active.where(access_level: PLANNER) }
   scope :reporters, -> { active.where(access_level: REPORTER) }
+  scope :planners_and_reporters, -> { active.where(access_level: [PLANNER, REPORTER]) }
   scope :developers, -> { active.where(access_level: DEVELOPER) }
   scope :maintainers, -> { active.where(access_level: MAINTAINER) }
   scope :non_guests, -> { where('members.access_level > ?', GUEST) }
diff --git a/ee/app/policies/ee/merge_request_policy.rb b/ee/app/policies/ee/merge_request_policy.rb
--- a/ee/app/policies/ee/merge_request_policy.rb	(revision da66261bc7bb26e346fe55ee14474223b54e64a4)
+++ b/ee/app/policies/ee/merge_request_policy.rb	(date 1753182771313)
@@ -82,7 +82,9 @@
       end

       def group_access?(protected_branch)
-        protected_branch.approval_project_rules.for_groups(@user.group_members.reporters.select(:source_id)).exists?
+        protected_branch.approval_project_rules.for_groups(
+          @user.group_members.planners_and_reporters.select(:source_id)
+        ).exists?
       end

       rule { ~can_override_approvers }.prevent :update_approvers

  • Update documentation:

Edited by Eugenia Grieff