Restrict access to MR widget external-status-check retry button
What does this MR do and why?
Restrict access to the MR widget failed status check retry button. The button will now only show for logged-in users who are project developers, maintainers, or above.
| account type | result |
|---|---|
| no role / not a project member at all | |
| guest | same as above |
| reporter | same as above |
| developer | widget loads, retry button is visible |
| maintainer | same as developer ^^ |
| owner | same as developer ^^ |
| signed out | widget completely hidden |
Unfortunately due to the other issue in #374000 (closed) it is a little difficult to see this new permission check I have added in action, since the widget is either broken, or the button is showing up. I've left a note on the other issue to confirm those changes keep this expected behaviour.
Screenshots or screen recordings
| with permissions | with no permissions (data fudged in dev env to get past the other bug) |
|---|---|
| ![]() | ![]() |
How to set up and validate locally
- Create an external status check on a project: https://docs.gitlab.com/ee/user/project/merge_requests/status_checks.html#view-the-status-checks-on-a-project (you can use example.com for the URL to ensure the status check will always fail)
- Create MR for the project
- Set the status check to "failed". This is currently only possible via the API, a copy-pasta-able example of doing that can be found here: https://gitlab.com/gitlab-org/govern/compliance/graphql-example-requests/-/blob/main/rest/post_status_check_response.js
- Expand the collapsed Status Checks MR widget
Retry button is still visible if you are a project developer or maintainer or above. Retry button is gone if you are not.
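For the "set the status check to failed" step, the request can be built and sent as below. This is an added example, not code from this MR or from the linked repository; it uses GitLab's documented status check responses endpoint, while the function names and environment variable names are assumptions made for illustration.

```javascript
// Added example (hypothetical helper names): mark an external status check as failed
// through POST /projects/:id/merge_requests/:iid/status_check_responses.
const ALLOWED_STATUSES = new Set(["passed", "failed"]);

function buildStatusCheckResponse({ baseUrl, projectId, mrIid, checkId, sha, status, token }) {
  if (!ALLOWED_STATUSES.has(status)) {
    throw new Error(`status must be one of: ${[...ALLOWED_STATUSES].join(", ")}`);
  }
  // The API expects the full SHA at the HEAD of the MR's source branch.
  if (!/^([0-9a-f]{40}|[0-9a-f]{64})$/.test(sha)) {
    throw new Error("sha must be a full commit SHA");
  }
  if (!Number.isInteger(mrIid) || !Number.isInteger(checkId)) {
    throw new Error("mrIid and checkId must be integers");
  }
  // A project may be given as a numeric id or a path; a path must be URL-encoded.
  const project = encodeURIComponent(String(projectId));
  const root = baseUrl.replace(/\/+$/, "");
  return {
    url: `${root}/api/v4/projects/${project}/merge_requests/${mrIid}/status_check_responses`,
    options: {
      method: "POST",
      headers: { "PRIVATE-TOKEN": token, "Content-Type": "application/json" },
      body: JSON.stringify({ sha, external_status_check_id: checkId, status }),
    },
  };
}

async function setStatusCheck(params) {
  const { url, options } = buildStatusCheckResponse(params);
  const res = await fetch(url, options); // global fetch, Node 18+
  if (!res.ok) throw new Error(`GitLab returned ${res.status}: ${await res.text()}`);
  return res.json();
}

// Sends the request only when the (assumed) environment variables are set.
const env = process.env;
if (env.GITLAB_TOKEN && env.GITLAB_URL && env.PROJECT_ID && env.HEAD_SHA) {
  setStatusCheck({
    baseUrl: env.GITLAB_URL, projectId: env.PROJECT_ID, token: env.GITLAB_TOKEN,
    mrIid: Number(env.MR_IID), checkId: Number(env.CHECK_ID),
    sha: env.HEAD_SHA, status: "failed",
  }).then((r) => console.log(r), (e) => { console.error(e.message); process.exitCode = 1; });
}
```

Run it once with a developer's token to fail the check, then load the MR as each role in the table above to compare what the widget shows.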
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #388727 (closed)

