Fix user role is not shown in epic comments
What does this MR do?
This MR fixes a bug where the user role is never shown in the epic comments. The user role badge will be identical to the one in issue and merge request comments.
The bug is fixed by exposing the human_access
property (human-readable access level) in the epic notes. The property is used in the noteable_note.vue
component responsible for rendering a comment.
Related to #29648 (closed)
This MR is blocked. Currently the performance for large groups is not acceptable; we would need something like #195423 (closed) to be implemented first.
Screenshots (strongly suggested)
Before | After |
---|---|
![]() |
![]() |
Query changes
One query is added, to fetch access for a set of users to a group:
SELECT
MAX("members"."access_level") AS maximum_access_level,
"members"."user_id" AS members_user_id
FROM ((
SELECT
"members".\ *
FROM
"members"
LEFT OUTER JOIN "users" ON "members"."user_id" = "users"."id"
WHERE
"members"."type" = 'GroupMember'
AND "members"."source_type" = 'Namespace'
AND "users"."state" = 'active'
AND "members"."requested_at" IS NULL
AND "members"."invite_token" IS NULL
AND (members.access_level > 5)
AND (members.access_level > 5)
AND "members"."source_id" IN ( WITH RECURSIVE "base_and_ancestors" AS (
(
SELECT
"namespaces".\ *
FROM
"namespaces"
WHERE
"namespaces"."type" = 'Group'
AND "namespaces"."id" = 90)
UNION (
SELECT
"namespaces".\ *
FROM
"namespaces",
"base_and_ancestors"
WHERE
"namespaces"."type" = 'Group'
AND "namespaces"."id" = "base_and_ancestors"."parent_id"))
SELECT
"id"
FROM
"base_and_ancestors" AS "namespaces"))
UNION ( WITH "group_group_links_cte" AS (
SELECT
"group_group_links".\ *
FROM
"group_group_links"
WHERE
"group_group_links"."shared_group_id" IN ( WITH RECURSIVE "base_and_ancestors" AS (
(
SELECT
"namespaces".\ *
FROM
"namespaces"
WHERE
"namespaces"."type" = 'Group'
AND "namespaces"."id" = 90)
UNION (
SELECT
"namespaces".\ *
FROM
"namespaces",
"base_and_ancestors"
WHERE
"namespaces"."type" = 'Group'
AND "namespaces"."id" = "base_and_ancestors"."parent_id"))
SELECT
"id"
FROM
"base_and_ancestors" AS "namespaces"))
SELECT
"members"."id",
LEAST ("group_group_links"."group_access", "members"."access_level") AS access_level,
"members"."source_id",
"members"."source_type",
"members"."user_id",
"members"."notification_level",
"members"."type",
"members"."created_at",
"members"."updated_at",
"members"."created_by_id",
"members"."invite_email",
"members"."invite_token",
"members"."invite_accepted_at",
"members"."requested_at",
"members"."expires_at",
"members"."ldap",
"members"."override"
FROM
"members",
"group_group_links_cte" AS "group_group_links"
WHERE
"members"."type" = 'GroupMember'
AND "members"."source_type" = 'Namespace'
AND "members"."requested_at" IS NULL
AND "members"."source_id" = "group_group_links"."shared_with_group_id"
AND "members"."source_type" = 'Namespace'
AND (members.access_level > 5))) members
WHERE
"members"."type" = 'GroupMember'
AND "members"."source_type" = 'Namespace'
AND "members"."user_id" IN (51, 3, 80, 1)
GROUP BY
"members"."user_id"
See !49532 (comment 487924858) for the source of the variables here.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team