Skip to content

Add before action to check if admin when admin is required

Cleveland Bledsoe Jr requested to merge cleveland-group-delete-check into master

What does this MR do and why?

This MR attempts to add a pre check to the destroy action so that we can check if the user is an admin and actually able to delete the group. Otherwise, deleting a group when the Allowed to delete projects is set to admins only would result in a silent fail.

Relates to:

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After
image image

How to set up and validate locally

  1. As an Administrator, go to the Admin panel and navigate to Settings > General > Visibility and access controls
  2. Set the Allowed to delete projects setting to Administrators and click Save Changes
  3. Navigate to any group and impersonate a user who is an Owner of the group.
  4. As the Owner, attempt to delete the group under Settings > General > Advanced > **Remove group**
  5. You should get redirected to the group page and get the banner.
  6. Stop impersonating the Owner user in the upper left.
  7. As Admin, go back to Settings > General > Visibility and access controls
  8. Set the Allowed to delete projects setting to Owners and Administrators and click Save Changes
  9. Impersonate the same Owner user again and attempt to delete the group under Settings > General > Advanced > **Remove group**
  10. The Owner should now be able to delete the group and it should be scheduled for deletion.
Edited by Cleveland Bledsoe Jr

Merge request reports