Skip to content

Conditionally handle AuthorizationsChangedEvent when policies exists

Alan (Maciej) Paruszewski requested to merge 448725-handle-auth-events-only-for-projects-with-security-policies into master

What does this MR do and why?

This MR adds a dispatch? check to Security::ScanResultPolicies::AddApproversToRulesWorker to conditionally handle events only when they are performed for projects with Security Policies licensed and enabled.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce quality, performance, reliability, security, and maintainability.

How to set up and validate locally

  1. Create a new project
  2. Create a new MR in this project
  3. Add a new user to this project (Manage -> Members)
  4. At the same time, observe logs for sidekiq to see if ::Security::ScanResultPolicies::AddApproversToRulesWorker was executed; it should not.
  5. Create Merge Request Approval Policy for this project (Secure -> Policies -> Create new -> Merge Request Approval Policy),
  6. Add another user to this project (Manage -> Members)
  7. At the same time, observe logs for sidekiq to see if ::Security::ScanResultPolicies::AddApproversToRulesWorker was executed; it should execute.

Related to #448725 (closed)

Merge request reports