Prevent guest users from resolving discussions
What does this MR do and why?
Updates note policies to prevent guest users from resolving notes, and make necessary updates to work item design discussion component to use this data to hide unusable front-end affordances.
References
Screenshots or screen recordings
| Scenario | Before | After |
|---|---|---|
| Normal user on work item thread (no change) |  |
|
| Guest user on work item thread (can no longer resolve) |  |
 |
| Normal user on design item thread (no change) |  |
|
| Guest user on design item thread (can no longer resolve |  |
 |
How to set up and validate locally
- Check out this branch in the GDK
- Impersonate a guest user on a project that your normal user has regular or admin member permissions for
- In a new tab, view a work item with at least one thread (or create a thread)
- You will see that the guest user cannot resolve the thread
- In another new tab, view a design file (or upload one) that has a comment thread (or comment to create a thread on it)
- You will see that your guest user cannot resolve the comment threads on a design, even if they are the author
- Stop impersonating the guest user
- Go back to the tabs visited in steps 3 and 5 and refresh the pages.
- You will see that your normal user will be able to resolve the discussion threads in both places.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #509146 (closed)