Limit external participants on a single issue
Feature context
Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/299940+
issue_email_participants.
We want to limit the number of external participants on an issue and learn how it's used in the first place to prevent abuse
What does this MR do and why?
Limit external participants on a single issue
When using the CreateService you cannot add more than the maximum allowed number of issue email participants to a single issue.
Screenshots or screen recordings
How to set up and validate locally
- Select a project and enable the feature flag for
issue_email_participants.project = Project.find(7) Feature.enable(:issue_email_participants, project) - Select an issue that you'd like to use
issue = project.issues.last - Add an external participant using the service class and see it added the participant
emails = ['user@example.com'] ::IssueEmailParticipants::CreateService.new( target: issue, current_user: project.creator, emails: emails ).execute issue.issue_email_participants - Add another 5 participants to add the maximum number of participants
emails = Array.new(5) { |i| "user#{i}@example.com" } ::IssueEmailParticipants::CreateService.new( target: issue, current_user: project.creator, emails: emails ).execute issue.issue_email_participants - Try to add another participant. This shouldn't work and the service should return an error
ServiceResponse.emails = ['not-me@example.com'] ::IssueEmailParticipants::CreateService.new( target: issue, current_user: project.creator, emails: emails ).execute
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Marc Saleiko