Fix updating projects for CSP frameworks
What does this MR do and why?
Fixes up the scope that is checked when a framework is assigned to a project.
How to set up and validate locally
Ensure you have a local setup with an ultimate license, and at least two top level groups.
Setup Group with CSP flag.
-
Enable the feature flags:
Feature.enable(:security_policies_csp) Feature.enable(:include_csp_frameworks) -
Create a top-level group and assign it as a CSP using rails console:
Security::PolicySetting.instance.update! csp_namespace: Group.find(<group_id>)
Now navigate to your CSP Group(example for gitlab-org/gitlab-test) to the Compliance Frameworks page and create a new framework. Making sure to at least supply a name, description and color.
Now navigate to a non-CSP Group that would have that framework inherited, making sure that you have at least one project created. Click on edit framework, from the edit screen go down to projects, assign a project to the CSP framework.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #560233 (closed)