Handle framework project settings deletion

Jean van der Waltrequested to merge
556784-handle-framework-deletion into master

What does this MR do and why?

Deletes project settings when a CSP Group's framework gets deleted.

How to set up and validate locally

Please use 556784-handle-framework-deletion-testing for local validation, as this incorporates a commit that allows you to assign a framework from the CSP Group to a project.

Ensure you have a local setup with an ultimate license, and at least two top level groups.

Setup Group with CSP flag.

  1. Enable the feature flags:

    Feature.enable(:security_policies_csp)
Feature.enable(:include_csp_frameworks)

  2. Create a top-level group and assign it as a CSP using rails console:

    Security::PolicySetting.instance.update! csp_namespace: Group.find(<group_id>)

Now navigate to your CSP Group(example for gitlab-org/gitlab-test) to the Compliance Frameworks page and create a new framework. Making sure to at least supply a name name, description and color.

When finished click on "Create Framework".

Now navigate to the Compliance Center for a different top-level group that is not the CSP Group, the framework will be visible there as well.

Go to the projects tab, and underneath action click the pen icon and assign your newly created CSP Group framework to the project.

Go back to the framework landing page for the CSP Group, and delete the framework, the project settings that was created when the framework was assigned will now be deleted along with the framework. Note, this runs in a background job, so http://gitlab.localdev:3000/admin/sidekiq/queues will show when this happens.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #556784 (closed)

Edited by Jean van der Walt

Merge request reports