Enable access_security_and_compliance when read_vulnerability is enabled
requested to merge mokhax/422305/read_vulnerability-enables-access_security_and_compliance into master
What does this MR do and why?
This change enabled the :access_security_and_compliance ability when the :read_vulnerability permission is enabled via a custom role.
Some of the tests were updated to reflect the desired state of policies.
-
:read_project_security_dashboardis enabled when the:read_vulnerabilitypermission is enabled via a custom role. #415253 (comment 1499769289) -
:read_dependenciesis enabled when the project is public. !14561 (merged), #10078 (closed) -
:read_licensesis enabled when the project is public. aa6837cf
Related to:
- Project security dashboard not visible to custo... (#421528 - closed) • Jessie Young • 16.4
- read_vulnerability custom role currently doesn'... (#422305 - closed) • mo khan • 16.4 • On track
- Add Security and Compliance menu (!60368 - merged) • Francisco Javier López (ex-Gitlab) • 13.12
- Fix Security navigation for users with custom role (!121736 - merged) • Jarka Košanová • 16.1
- Enable `access_and_security_compliance` ability... (!128921 - merged) • mo khan • 16.3
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by mo khan