Direct Transfer should respect group membership lock

James Nuttrequested to merge
jnutt/559224-dt-respect-group-limit into master

What does this MR do and why?

This one is slightly different to the MRs for file-based and GitHub import because of the way Direct Transfer handles group import.

project#membership_locked? returns true if the restriction is in place on the direct parent of the project.

Group
┗ Project
  ┗ Member
DestinationGroup
┗ Group
  ┗ Project
  ┗ Member

So for group import, it's kind of irrelevant: membership only seems to be created on the group anyway, and that's unaffected by this setting.

This MR does however still apply when using the DT API to import a project entity directly.

curl --request POST \
  --url "http://gdk.test:3000/api/v4/bulk_imports" \
  --header "content-type: application/json" \
  --header "PRIVATE-TOKEN: $GITLAB_DEV_TOKEN" \
  --data "{
    \"configuration\": {
      \"url\": \"http://gdk.test:3000\",
      \"access_token\": \"$GITLAB_DEV_TOKEN\"
    },
    \"entities\": [
      {
        \"source_full_path\": \"nested-lock/next-level/nested-lock-project\",
        \"source_type\": \"project_entity\",
        \"destination_slug\": \"imported-project\",
        \"destination_namespace\": \"dest-namespace\",
        \"migrate_projects\": true
      }
    ]
  }"

In this case, we would still expect the destination group setting to be respected.

References

#559224

How to set up and validate locally

  1. Create a destination group and disable direct project memberships.
    • /groups/example-group/-/edit#js-permissions-settings
  2. Import a project directly into the group using the Direct Transfer API. 
    curl --request POST \
  --url "http://gdk.test:3000/api/v4/bulk_imports" \
  --header "content-type: application/json" \
  --header "PRIVATE-TOKEN: $GITLAB_DEV_TOKEN" \
  --data "{
    \"configuration\": {
      \"url\": \"http://gdk.test:3000\",
      \"access_token\": \"$GITLAB_DEV_TOKEN\"
    },
    \"entities\": [
      {
        \"source_full_path\": \"source-group/source-project\",
        \"source_type\": \"project_entity\",
        \"destination_slug\": \"imported-project-001\",
        \"destination_namespace\": \"example-group\",
        \"migrate_projects\": true
      }
    ]
  }"
  3. Verify the following:
    1. The tracker is marked as skipped.
    2. No direct membership should be created on the project.
    3. A log entry should be created in log/exporter.log

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by James Nutt

Merge request reports