Prevent guest users from repositioning other users' design notes
What does this MR do and why?
Guest users should only be able to reposition their own design notes.
References
- Permissions updates to the work items design ma... (#509146 - closed)
- ✂️ UX Paper Cuts 18.1 → Mixed milestone (#513102 - closed)
Screenshots or screen recordings
| Before | After |
|---|---|
| Screen_Recording_2025-05-21_at_15.53.11 | Screen_Recording_2025-05-21_at_15.46.37 |
How to set up and validate locally
- Check out this branch
- In the GDK, visit a design file and add a comment
- Find a user in the GDK that has guest access to the same project, or add one, and then impersonate that user
- Visit the design file and add a comment
- As the guest user, try to reposition the dot on the design for the comment written by the guest user. It will succeed.
- As the guest user, try to reposition the dot on the design for the comment written by your normal user. You will not be able to reposition it.
- Stop impersonating the guest user
- Return to the design file and repeat steps 5 and 6 above as your normal user. You will be able to reposition both comments.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #509146 (closed)