Allow Organization Users access to view dependency list

mo khan requested to merge mokhax/438747/maintainer-explore-dependencies into master

What does this MR do and why?

This change allows members of the default organization to view the Explore > Dependency list page.

#438747 (closed)

Before:

SELECT "sbom_occurrences".*
FROM "sbom_occurrences"
INNER JOIN "projects" ON "sbom_occurrences"."project_id" = "projects"."id"
WHERE "projects"."organization_id" = 1
AND "projects"."archived" = FALSE
ORDER BY "sbom_occurrences"."id" ASC
LIMIT 21
Time: 7.611 ms
  - planning: 7.282 ms
  - execution: 0.329 ms
    - I/O read: 0.000 ms
    - I/O write: 0.000 ms

Shared buffers:
  - hits: 117 (~936.00 KiB) from the buffer pool
  - reads: 0 from the OS file cache, including disk I/O
  - dirtied: 0
  - writes: 0

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/26760/commands/83517

After:

SELECT "sbom_occurrences".*
FROM "sbom_occurrences"
INNER JOIN "projects" ON "sbom_occurrences"."project_id" = "projects"."id"
WHERE "projects"."organization_id" = 1
AND "projects"."archived" = FALSE
AND "sbom_occurrences"."project_id" IN (
  SELECT "project_authorizations"."project_id" FROM "project_authorizations"
  WHERE "project_authorizations"."user_id" = 3482158
)
ORDER BY "sbom_occurrences"."id" ASC
LIMIT 21
Time: 57.311 ms
  - planning: 18.106 ms
  - execution: 39.205 ms
    - I/O read: 0.000 ms
    - I/O write: 0.000 ms

Shared buffers:
  - hits: 45299 (~353.90 MiB) from the buffer pool
  - reads: 0 from the OS file cache, including disk I/O
  - dirtied: 0
  - writes: 0

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/26897/commands/83774

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

[Screenshots: Owner and Developer views]

How to set up and validate locally

  1. In rails console enable the experiment fully
    Feature.enable(:explore_dependencies)
  2. Visit http://127.0.0.1:3000/explore/dependencies as a user with the Developer or Maintainer role
  3. Verify that the listed dependencies are from projects that the user should have access to
Edited by mo khan
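
The effect of the added project_authorizations subquery can be checked with a small regression test. This is an added example, not code from the merge request or from GitLab: it runs the Before and After queries against an in-memory SQLite database (standing in for PostgreSQL) with a constructed three-table schema, constructed rows and hypothetical user ids 100, 200 and 300.

```python
import sqlite3

# Constructed schema and rows: only the columns the two queries touch.
SCHEMA = """
CREATE TABLE projects (id INTEGER PRIMARY KEY, organization_id INTEGER, archived BOOLEAN);
CREATE TABLE project_authorizations (user_id INTEGER, project_id INTEGER);
CREATE TABLE sbom_occurrences (id INTEGER PRIMARY KEY, project_id INTEGER, component TEXT);
INSERT INTO projects VALUES (10, 1, FALSE), (11, 1, FALSE), (12, 1, TRUE);
INSERT INTO project_authorizations VALUES (100, 10), (100, 12), (200, 11);
INSERT INTO sbom_occurrences VALUES
  (1, 10, 'rails'), (2, 11, 'internal-billing-sdk'), (3, 12, 'log4j'), (4, 10, 'nokogiri');
"""

BASE = """
SELECT sbom_occurrences.id FROM sbom_occurrences
INNER JOIN projects ON sbom_occurrences.project_id = projects.id
WHERE projects.organization_id = :org AND projects.archived = FALSE
"""
ORDER = " ORDER BY sbom_occurrences.id ASC LIMIT 21"

# "Before": scoped to the organization only.
BEFORE = BASE + ORDER
# "After": additionally restricted to projects the user is authorized for.
AFTER = BASE + """
AND sbom_occurrences.project_id IN (
  SELECT project_authorizations.project_id FROM project_authorizations
  WHERE project_authorizations.user_id = :user)
""" + ORDER


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def visible_ids(conn, query, org, user):
    """Occurrence ids the query returns for this organization and user."""
    params = {"org": org}
    if ":user" in query:
        params["user"] = user
    return [row[0] for row in conn.execute(query, params)]


def unauthorized_ids(conn, org, user):
    """Ids the organization-only query returns that the scoped query withholds."""
    allowed = set(visible_ids(conn, AFTER, org, user))
    return [i for i in visible_ids(conn, BEFORE, org, user) if i not in allowed]


if __name__ == "__main__":
    db = make_db()
    print("after, user 100:", visible_ids(db, AFTER, 1, 100))
    print("withheld from user 100:", unauthorized_ids(db, 1, 100))
```

User 100 is also authorized for archived project 12, which stays hidden because the archived filter still applies alongside the authorization filter.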