Allow users with read_code permission to search code (!137192) · Merge requests · GitLab.org / GitLab

mo khan requested to merge mokhax/421024/read-code-search into master Nov 16, 2023

What does this MR do and why?

Users associated with a custrom role with the read_code permission should be able to search for results in code. This change fixes a defect that prevented users with the read_code permission from searching (via elasticsearch) through code that they should have access to.

#421024 (closed)

Screenshots

Before	After

Project search via Zoekt:

Group search via Zoekt is disabled because of #389750 (closed).

How to set up and validate locally

Enable elastic search.
- gdk config set elasticsearch.enabled true && gdk reconfigure && gdk restart
- bundle exec rake gitlab:elastic:index
Enable the search_filter_by_ability feature flag. (e.g. Feature.enable(:search_filter_by_ability))
Create a custom role with :read_code enabled.
Invite a user to a group with the role created in the previous step.
Login as the new user.
Search for code at the group level.
Verify that search results are shown.

To test with Zoekt, enable Zoekt and then repeat the steps above.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jan 09, 2024 by mo khan

Allow users with read_code permission to search code

What does this MR do and why?

Screenshots

How to set up and validate locally

MR acceptance checklist

Merge request reports