Allow DAST profiles to be modified/removed when not referenced
requested to merge 387499-fix-updating-removing-dast-profiles-when-not-referenced-in-policy into master
What does this MR do and why?
This MR fixes the problem where users were not able to modify/remove DAST profiles when security policies were configured on both group and project level.
How to set up and validate locally
- Create group
- Create project
- For a group create at least one Security Policy (no need to be a DAST policy) (Security & Compliance -> Policies -> New Policy -> Scan Execution Policy)
- For a project create at least one Security Policy (no need to be a DAST policy) (Security & Compliance -> Policies -> New Policy -> Scan Execution Policy)
- Go to Security & Compliance -> On-Demand Scan -> Create DAST scan with scan profile and scan site.
- Try to modify/delete scan profile and scan site. It should be possible when they are not referenced in the policy.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #387499 (closed)