Improve VSD warning messages for failed API requests
What does this MR do and why?
For the Value stream dashboard:
- fix the missing alerts on metric request failure
- Converts the error alerts to warning alerts, so that the user is still able to view the other metrics in the panel
- Add permissions checking for DORA/Flow/Vulnerability metrics. This will filter out restricted metrics, show the user a warning and prevent the API request if permissions are lacking.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
| Before | After (no permissions) | After (failed request) |
|---|---|---|
 |
 |
 |
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Stop clickhouse if you have it running:
gdk stop clickhouse - Navigate to the Value stream dashboard for any group (ex. http://gdk.test:3000/groups/flightjs/-/analytics/dashboards/value_streams_dashboard)
- The
Contributor countmetric should fail to load with a warning - In order to trigger the permissions restrictions, apply some or all of this diff
diff --git a/ee/app/policies/ee/group_policy.rb b/ee/app/policies/ee/group_policy.rb
index 4e7158d3ece9..ef633db0e79d 100644
--- a/ee/app/policies/ee/group_policy.rb
+++ b/ee/app/policies/ee/group_policy.rb
@@ -29,7 +29,8 @@ module GroupPolicy
end
condition(:cycle_analytics_available, scope: :subject) do
- @subject.feature_available?(:cycle_analytics_for_groups)
+ false
+ # @subject.feature_available?(:cycle_analytics_for_groups)
end
condition(:group_ci_cd_analytics_available, scope: :subject) do
@@ -57,7 +58,8 @@ module GroupPolicy
end
condition(:dora4_analytics_available, scope: :subject) do
- @subject.feature_available?(:dora4_analytics)
+ false
+ # @subject.feature_available?(:dora4_analytics)
end
condition(:group_membership_export_available, scope: :subject) do
@@ -77,7 +79,8 @@ module GroupPolicy
end
condition(:security_dashboard_enabled, scope: :subject) do
- @subject.feature_available?(:security_dashboard)
+ false
+ # @subject.feature_available?(:security_dashboard)
end
condition(:prevent_group_forking_available, scope: :subject) do- Now if you reload the page, the restricted metrics should be hidden from the table. The panel warning should list the hidden metrics.
Related to #460830 (closed)
Edited by Alex Pennells