Skip to content

Hide analytics dashboards from guest

What does this MR do and why?

This MR has 2 commits, each one explained below. I recommend we merge without squashing.

1. Simplify Analytics Dashboard tests Analytics Dashboard feature tests had different context blocks based on several feature flag values and then calling shared product analytics dashboards tests. However, those shared examples already testing the same scenarios. So I cleaned them up before making changes to the access requirement.

2. Hide analytics dashboards unless has permission Analytics dashboards in public projects are currently accessible to any user (including guest). However, they should only be visible to users who have at least developer role in the project. This is fixed with this MR.

Changes

  1. Return 404 if people without at least developer role visits analytics dashboards page
  2. Hide analytics dashboard menu item in the side from users without at least a developer role

Note: A changelog trailer is not added as the feature is behind a flag.

Screenshots or screen recordings

The following screenshots are taken as a not logged in user in a public project.

Before After
Screenshot_2023-07-13_at_23.13.30 Screenshot_2023-07-13_at_23.09.50
Screenshot_2023-07-13_at_23.13.40 Screenshot_2023-07-13_at_23.08.18

How to set up and validate locally

  1. Create a public project
  2. Log out and visit http://gdk.test:3000/[namespace]/[project]/-/analytics/dashboards
  3. You should get 404.
  4. Visit project page, in the sidebar you should not see 'Application Analytics' or 'Dashboards' under 'Analyze'

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #413980 (closed)

Edited by Halil Coban

Merge request reports