Remove unscoped policies from projects

Alexander Turinskerequested to merge
579772-remove-unscoped-policies-from-projects into master

What does this MR do and why?

Remove unscoped policies from projects

  • do not retrieve unscoped policies for projects

Changelog: fixed

EE: true

References

Screenshots or screen recordings

Before After
image image

How to set up and validate locally

  1. Go to a top level group.
  2. Create a subgroup Alpha.
  3. Create another subgroup under Alpha named Bravo.
  4. Create two dummy projects under Bravo group. Ideally you should have something like this.
Top level group
|- Alpha
  |- Bravo
    |- project_01
    |- project_02
  1. Create a Scan Execution Policy under group Alpha and limit the scope to project_01.
  2. Go to project_02 => Secure => Policies
  3. Verify the new policy does not exist in the list
  4. Go to project_01 => Secure => Policies
  5. Verify the new policy does exist in the list
  6. Verify for each project type

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #579772

Merge request reports