Fix permission to modify project MR rules on compliance-labeled projects
What does this MR do?
This change fixes the issue where modification of project-level MR approval rules is locked due to the instance-level MR approval settings. The permission to edit project-level MR approval rules will no longer be controlled by instance-level setting until MR rules are introduced at instance-level in an upcoming release.
The label of the instance-level setting is also updated to be on-par with the one of project-level. This meant the UI at instance-level needs to have the read/write logic flipped.
In the below screenshots you can see this in action.
Before
When the option Prevent users from modifying merge request approvers list
is set on the instance-level, the project-level approval rules are uneditable and the option Can override approvers and approvals required per merge request
is unchecked. The opposite is true when the instance-level option is not set.
Admin | Project |
---|---|
After
When the option Can override approvers and approvals required per merge request
is set on the instance-level, the option Can override approvers and approvals required per merge request
is checked. The opposite is true when the instance-level option is not set. The project-level approval rules are no longer affected by the instance-level option.
Admin | Project |
---|---|
Relates to #239349 (closed)
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team