Add Remove Group custom ability
What does this MR do and why?
This adds "Remove group" as a custom role ability, so that it can be added onto any base role.
Issue: #425962 (closed)
Screenshots or screen recordings
Group member with custom role with base access level Guest
and the remove_group
ability:
As admin | As custom role user |
---|---|
![]() |
![]() |
How to set up and validate locally
- As admin:
- create a group and a subgroup and apply the Ultimate license to the top level group
- If SaaS mode is:
-
off: Visit http://localhost:3000/admin/application_settings/roles_and_permissions and create a custom role with the
Remove group
permission enabled, based onGuest
access -
on: Visit http://localhost:3000/groups/#{new_group}/-/settings/roles_and_permissions and create a custom role with the
Remove group
permission enabled, based onGuest
access
-
off: Visit http://localhost:3000/admin/application_settings/roles_and_permissions and create a custom role with the
- Invite a user to the group and assign the new custom role to the user
- As the new group member with custom access:
- Visit http://localhost:3000/groups/#{new_group}/#{new_subgroup}/-/edit and verify the page is accessible and you can delete and restore the group
- Verify you can delete and restore the group via REST API:
- Delete:
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "http://localhost:3000/api/v4/groups/#{new_subgroup_id}"
- Restore:
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "http://localhost:3000/api/v4/groups/#{new_subgroup_id}/restore"
- Delete:
Edited by Alex Buijs