Display unauthorized groups in admin area groups list page
What does this MR do and why?
Users with custom admin roles having the read_admin_groups permission should be able to view all groups in the admin area.
This MR updates the admin area groups list Vue component to use adminGroups GraphQL field instead of groups. adminGroups returns all groups (GroupType by default), including those the current user isn't a member of (as GroupMinimalAccess type).
References
Allow read-only access to `Admin Area > Project... (#557844 - closed)
Screenshots or screen recordings
| Before | After |
|---|---|
 |
 |
How to set up and validate locally
- Enable
custom_admin_roles, andread_admin_groupsfeature flags - Login with an admin, enable admin mode (doc), enter admin mode, and go to http://localhost:9393/admin/application_settings/roles_and_permissions/
- Create a custom admin role with
View Groupspermissions - Assign the custom admin role to a non-admin user (doc)
- Login with the user
- Go to Admin area groups page and verify that groups the user is not a member of are displayed in the list.
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Eugie Limpin