Allow Organization Users access to view dependency list
What does this MR do and why?
This change allows members of the default organization the ability to view the Explore > Dependency list
page.
Before:
SELECT "sbom_occurrences".*
FROM "sbom_occurrences"
INNER JOIN "projects" ON "sbom_occurrences"."project_id" = "projects"."id"
WHERE "projects"."organization_id" = 1
AND "projects"."archived" = FALSE
ORDER BY "sbom_occurrences"."id" ASC
LIMIT 21
Time: 7.611 ms
- planning: 7.282 ms
- execution: 0.329 ms
- I/O read: 0.000 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 117 (~936.00 KiB) from the buffer pool
- reads: 0 from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/26760/commands/83517
After:
SELECT "sbom_occurrences".*
FROM "sbom_occurrences"
INNER JOIN "projects" ON "sbom_occurrences"."project_id" = "projects"."id"
WHERE "projects"."organization_id" = 1
AND "projects"."archived" = FALSE
AND "sbom_occurrences"."project_id" IN (
SELECT "project_authorizations"."project_id" FROM "project_authorizations"
WHERE "project_authorizations"."user_id" = 3482158
)
ORDER BY "sbom_occurrences"."id" ASC
LIMIT 21
Time: 57.311 ms
- planning: 18.106 ms
- execution: 39.205 ms
- I/O read: 0.000 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 45299 (~353.90 MiB) from the buffer pool
- reads: 0 from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/26897/commands/83774
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Owner | Developer |
---|---|
How to set up and validate locally
- In rails console enable the experiment fully
Feature.enable(:explore_dependencies)
- Visit
http://127.0.0.1:3000/explore/dependencies
as a user with the Developer or Maintainer role - Verify the list of dependencies are from projects that the user should have access to
Edited by mo khan