Skip to content

Scope security_policy_settings to organizations

Martin Čavojrequested to merge
541510-scope-csp-under-organizations into master

What does this MR do and why?

The current approach doesn't work with Cells and is not easily extendable to Organizations (#541510 (comment 2597696243)). According to the epic, the feature should be built with Organizations in mind:

Ensuring that what is built is appropriately scoped to avoid any issues with 'uplifting' or 'moving' said feature to the Organization scoping mechanism when that is ready.

This MR addresses it.

  • Add organization_id to security_policy_settings
  • Replace usage of SingletonRecord with .for_organization
  • Use organization of namespace / project to fetch the related policy setting
  • Use default organization for API / admin settings for now (a follow-up issue #553216 to use the current organization)
  • There shouldn't be any change to the functionality

References

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #541510 (closed)

Edited by Martin Čavoj

Merge request reports