Extend GraphQL with policies overriding project approval settings in MR
What does this MR do and why?
This MR extends GraphQL with policies overriding project approval settings in MR so that we can show a warning icon near the approvals when the settings are being overridden.
FE is added in !175674 (merged).
References
Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.
- FE changes: !175674 (merged)
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
| Generic / when policy details are not populated | With single policy | With multiple policies |
|---|---|---|
 |
 |
 |
How to set up and validate locally
- Create a project
- In the project, create a policy which overrides approval settings:
approval_policy: - name: Any commit approvals description: '' enabled: false rules: - type: any_merge_request branch_type: protected commits: any actions: - type: require_approval approvals_required: 1 role_approvers: - developer - type: send_bot_message enabled: true approval_settings: block_branch_modification: true prevent_pushing_and_force_pushing: true prevent_approval_by_author: true prevent_approval_by_commit_author: true remove_approvals_with_new_commit: false require_password_to_approve: false fallback_behavior: fail: closed - Create MR and verify the data using GraphQL explorer:
{ project(fullPath: "<path-to-project>") { id mergeRequest(iid: "<mr-iid>") { id policiesOverridingApprovalSettings { name editPath settings } } } } - Update the violations to remove the link to
Security::ApprovalPolicyRuleMergeRequest.last.scan_result_policy_violations.update_all(approval_policy_rule_id: nil) - Verify that settings are still returned, with
nameandeditPathbeingnull
Related to #478175 (closed)
Edited by Martin Cavoj