Guard On-call Schedule and Escalation Policies URLs if disabled
What does this MR do and why?
In project settings Settings > General > Visibility, project features, permissions users can disable Operation feature (soon Monitor feature - still behind feature flag).
When disabled the Monitor menu in the sidebar was hidden, however, users still could access features directly via the URL.
This MR prevents direct access via the URL for On-call Schedule and Escalation Policies features if the Operation feature (soon Monitor feature) is disabled.
This MR contains changes for both:
- Settings > General > Visibility, project features, permissions > Operations
-
Settings > General > Visibility, project features, permissions > Monitor (still behind feature flag
split_operations_visibility_permissionssee rollout issue).
Refs #364240 (comment 1164761836)
Screenshots or screen recordings
| Settings / Page | On-call Schedules | Escalation Policies |
|---|---|---|
|
Operations |
 |
 |
|
Operations |
 |
|
|
Monitor |
|
|
|
Monitor |
|
|
How to set up and validate locally
Monitor toggle - feature flag split_operations_visibility_permissions enabled
- In Rails console:
Feature.enable(:split_operations_visibility_permissions) - Setup On-call Scheudules
- Setup Escalation Policies
- Go to projects Settings > General > Visibility, project features, permissions > Monitor and toggle
- Login as Reporter (or higher)
- Visit http://localhost:3000/gitlab-org/gitlab-test/-/oncall_schedules
- Visit http://localhost:3000/gitlab-org/gitlab-test/-/escalation_policies
Operations toggle - feature flag split_operations_visibility_permissions disabled
- In Rails console:
Feature.remove(:split_operations_visibility_permissions) - Setup On-call Scheudules
- Setup Escalation Policies
- Go to projects Settings > General > Visibility, project features, permissions > Operations and toggle
- Login as Reporter (or higher)
- Visit http://localhost:3000/gitlab-org/gitlab-test/-/oncall_schedules
- Visit http://localhost:3000/gitlab-org/gitlab-test/-/escalation_policies
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Peter Leitzen