Skip to content

Move group "Administration" nav behind feature flag

What does this MR do?

This is a follow up to !28057 (merged). There has been some negative feedback around this change (see thread here: #209020 (closed)) and it probably should have been behind a feature flag from the get go (learning experience 🙂). Because of this we have decided to move this behind a feature flag until we can best determine how to proceed.

Changes

  • Moves group "Administration" nav behind group_administration_nav_item feature flag
  • Reverts documentation updates made in !28057 (merged). To be further discussed in #213726 (closed)

Local Testing

  1. Install an EE license. See https://about.gitlab.com/handbook/developer-onboarding/#working-on-gitlab-ee.
  2. Enable these SAML SSO related feature flags: group_saml, enforced_sso, and enforced_sso_requires_session
  3. Enable group_saml in config/gitlab.yml. See https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/saml.md#gitlab-configuration. Note: Ensure this is added to the development: section of your config
  4. Enable group_administration_nav_item feature flag
    • bin/rails console
    • group = Group.find_by(name: 'group name')
    • Feature.enable(:group_administration_nav_item, group)

Screenshots

Page Before !28057 (merged) was merged After w/ feature disabled After w/ feature enabled
Parent Group Screen_Shot_2020-03-25_at_2.42.45_PM gdk.localhost_3443_groups_gma-group_-_saml Screen_Shot_2020-04-07_at_2.12.00_PM
Subgroup localhost_3000_groups_gma_gma-subgroup_-edit__1 gdk.localhost_3443_groups_gma-group_sub-group_-edit__1 gdk.localhost_3443_groups_gma-group_sub-group_-edit__2

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Peter Hegman

Merge request reports

Loading