Skip to content

Create read_admin_subscription custom admin ability

Ian Andersonrequested to merge
507961-ia-read_admin_subscription into master

What does this MR do and why?

Related to #507961 (closed)

This MR adds the custom ability for a non-admin user to read the instance subscription details in the admin dashboard.

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

image

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Enable the feature flag. 
    Feature.enable(:custom_ability_read_admin_subscription)
  2. Create the admin role. 
    admin_member_role = MemberRole.create(name: 'View subscription', description: 'View subscription', read_admin_subscription: true)
  3. Assign the member role to a user 
    Users::UserMemberRole.create(member_role: admin_member_role, user: user)
  4. Log in with the user account and navigate to /admin/subscription. You should see the subscription details but not have any access to other admin functionality.
Edited by Ian Anderson

Merge request reports