Add set_new_work_item_metadata permission query (!193502) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This change introduces new permission controls for setting metadata (like labels, assignees, etc.) when creating new issues and work items in GitLab projects and groups.

Previously, the system used a broader rule that allowed any project member with guest access to set metadata on new issues. The new implementation creates specific permissions called set_new_issue_metadata and set_new_work_item_metadata that are granted to:

Any user with guest-level access or higher who is a member of the project/group
Administrators when admin mode is enabled

This ensures better access control while maintaining the ability for team members to properly categorize and organize new issues and work items when they create them.

References

#537672 (comment 2537817389)

Screenshots or screen recordings

Before	After

How to set up and validate locally

Open Graphql Explorer http://gdk.test:3000/-/graphql-explorer and run the following query

Query:

{
  namespace(fullPath: "dodie.mante/gitlab-smoke-tests") {
    userPermissions {
      setNewWorkItemMetadata
    }
  }
}

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #537672 (closed)

Edited Jun 20, 2025 by Siddharth Dungarwal

Add set_new_work_item_metadata permission query

What does this MR do and why?

References

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports