Allow users to see a group application settings page in Admin mode
What does this MR do and why?
More details of the issue in #382553 (closed)
On an instance with Admin mode enabled, an admin user who is Maintainer
-level member of a group (direct or invited via another group), can not view the group's /settings/applications
page (404
error), even when they switch to admin mode.
prepend_before_action :authorize_admin_group!
verifies if a current user mode data is present in the session and if admin mode is enabled. However, current user mode data are not available in the session at that time as are being set later in around_action :set_current_admin
.
Changing from prepend_before_action
to before_action
allows us to set session data first and then try to authorize the admin group. And so the admin will be able to manage applications on settings/applications
page while being in admin mode.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
![]() |
![]() |
![]() |
![]() |
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
1 Issue:
- Enable Admin Mode on Admin Area -> Settings -> General -> Sign-in restrictions -> Enable admin mode
- Have a user with an admin role
- Create a group where that user is a maintainer
- Impersonate that user
- Click Search or go to -> Enter Admin mode
- Go to visit that group and then Setting -> Applications page
- See a 404 error
- Apply changes from this merge request
- Go to visit Setting -> Applications page for that group
- See the page is loaded
2 Issue:
- Enable Admin Mode on Admin Area -> Settings -> General -> Sign-in restrictions -> Enable admin mode
- Have a group where the admin root user is an owner
- Click Search or go to -> Enter Admin mode
- Go to visit that group and then Settings -> CI/CD page
- Click on Search and go and see Admin Area and Leave admin mode options are visible
- Go to visit Settings -> Applications page
- Click on Search and go and see Admin Area and Leave admin mode options are NOT visible
- Apply changes from this merge request
- Go to visit Settings -> Applications page
- Click on Search and go and see Admin Area and Leave admin mode options are visible
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #382553 (closed)