Draft: New custom permissions generators (!137291) · Merge requests · GitLab.org / GitLab

Jarka Košanová requested to merge custom-roles-generator into master Nov 17, 2023

What does this MR do and why?

It simplifies the implementation of a new permission, running 2 scripts will

generate a permission definition yaml file
generate a migration for adding a new column to the database
generate a request spec
TODO: re-generate a documentation for all implemented custom permissions

This was inspired by audit events generator and therefore the code is similar in many cases and could be refactored. As this is just a working prototype I didn't spend time on this.

How to set up and validate locally

Generation of the permission yaml file

interactively: ./bin/custom-permission permission_name, eg. ./bin/custom-permission admin_merge_request

or with arguments:

./bin/custom-permission -d "description." -c feature_category -g -p -i "https://TODO" -m "https:/TODO" permission_name

eg. ./bin/custom-permission -d "Allows read-only access to the vulnerability reports.." -c vulnerability_management -g -p -i "https://TODO" -m "https:/TODO" read_vulnerability

Generation of migration, request spec file

rails g gitlab:custom_roles:code --permission permission_name, eg. rails g gitlab:custom_roles:code --permission admin_group_member

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Nov 17, 2023 by Jarka Košanová

Draft: New custom permissions generators

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports