Add granular token enforcement to top-level group settings (FE)

Hinam Mehrarequested to merge
593961-enforce-gpat-group-setting-ui into master

What does this MR do and why?

  • Add granular token enforcement to top-level group settings (frontend-only). The backend was already added in !229817 (merged)
  • Render the enforcement checkbox and date picker on the top-level group's Settings > General page when feature-flag granular_personal_access_tokens_enforcement_saas is enabled.

Screenshots or screen recordings

How to set up and validate locally

  1. Enable the feature flag:
Feature.enable(:granular_personal_access_tokens_enforcement)
Feature.enable(:granular_personal_access_tokens_enforcement_saas)
  1. Log-in as a user and navigate to any top-level group that you are an owner of.
  2. Go to Settings > General > Permissions and group features
  3. Check the box and select a date under Fine-grained personal access tokens

To validate feature end-to-end:

  1. Navigate to /-/user_settings/personal_access_tokens and create two tokens -> a fine-grained token with Member: Read permission on All groups and projects that I'm a member of and a Legacy token.
  2. If the enforcement is disabled, you will be able to access the endpoint /api/v4/groups/<GROUP_ID>/members with both tokens. If enforcement is enabled, only fine-grained token will be able to access the endpoint.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #593961 (closed)

Edited by Hinam Mehra

Merge request reports