Allow access to Dependency list to members of a custom role
What does this MR do and why?
This change ensures that members of a custom role with the :read_dependency
permission are allowed to view the Explore / Dependency list
page. It looks like no code changes are needed because when a custom permission is applied through a custom role this action updates the users' project authorizations. I would like to preserve this behavior by submitting the tests included in this MR.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Before | After |
---|---|
Same as before but with more tests. |
How to set up and validate locally
- In rails console enable the experiment fully
Feature.enable(:explore_dependencies)
- Create a custom role with the
:read_dependency
permission enabled. - Assign role to a new or existing user.
- Log in as the target user.
- Visit
http://127.0.0.1:3000/explore/dependencies
Edited by mo khan