Update logic for invited groups with custom roles
What does this MR do and why?
- In a previous MR, !157256 (merged), we added the ability for invited groups to be assigned a custom role.
- The issue with that MR was that it wasn't taking into account the
access level
of the user in the invited group. So, this MR updates the logic in accordance to the acceptance criteria, listed below. - Let's say we have a user
Bob
inGroup A
.Group B
invites the entireGroup A
with roleReporter
. In that case,access_level = Guest, group_access = Reporter
.
if access_level < group_access:
-> access_level
if access_level == group_access:
if member.member_role_id is null:
-> access_level
if member.member_role_id is not null:
-> group_access + group_link.member_role_id
If access_level > group_access:
-> group_access + group_link.member_role_id
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screen_Recording_2024-07-30_at_6.28.54_PM
How to set up and validate locally
-
Make you are on an Ultimate license and you have SaaS mode off.
-
In the rails console:
# enable feature
Feature.enable(:assign_custom_roles_to_group_links)
# create two member roles
MemberRole.create(base_access_level: 30, name: "Developer Lead", manage_merge_request_settings: true)
MemberRole.create(base_access_level: 30, name: "Platform Engineer", admin_cicd_variables: true, manage_deploy_tokens: true)
-
Create users in various groups, according to the acceptance criteria listed in the issue - #443369
-
Navigate to
Group A
, ensure that all group members have the expected output next to them. -
You can also log-in as each group member and ensure that they have the right access level + member role permissions in
Group A
.
Related to #443369
Edited by Hinam Mehra