Approvers group does not persist after adding it to the approval rules (!100192) · Merge requests · GitLab.org / GitLab

Vasilii Iakliushin requested to merge 376289_fix_approval_rules_group_filtering into master Oct 04, 2022

What does this MR do and why?

Contributes to #376289 (closed)
Feature flag: #376331 (closed)

Problem

public_or_visible_to_user does not correctly resolves inherited permissions for subgroups.

For the structure,

Group A -> Group B
User has direct permissions to Group A

public_or_visible_to_user will return false for Group B.

Solution

Use accessible_to_user method to correctly apply the permission check.

How to set up and validate locally

See reproduction steps: #376289 (closed)

Enable feature flag

Feature.enable(:approval_rules_eligible_filter)

Create an approval rule with approval group sc_approvals_test/members/engineers
You should see two approvers in the list

FF off	FF on

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Oct 05, 2022 by Vasilii Iakliushin

Approvers group does not persist after adding it to the approval rules

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports