Fix group bot token name in REST API and GraphQL

What does this MR do and why?

Describe in detail what your merge request does and why.

With https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/1993, group access token names became hidden from the REST API and GraphQL queries for all users.

This MR introduces an additional check so that users who can read_group can now read group bot names. This includes guests+ in a private group, and all users including non-members in a public group.

Before:

After:

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

assigned to @serenafang

changed the description

changed title from Fix bot token name in issues to Fix group bot token name in issues

added 1 commit

• 9b70289c - Add specs for group token name

Compare with previous version

changed title from Fix group bot token name in issues to Fix group bot token name in REST API and GraphQL

mentioned in issue #347362 (closed)

added devopsmanage sectiondev workflowin dev + 1 deleted label

changed the description

added backend label

added 1 commit

• 7da5588e - Remove unneeded changes

Compare with previous version

added 1 commit

• 4cb901af - Remove unneeded changes

Compare with previous version

changed the description

@manojmj Would you also please review this MR? :)

Note: It'll need a rebase after !81472 (merged) merges

requested review from @manojmj

added 1 commit

• 951a8d1e - Apply reviewer suggestions

Compare with previous version

mentioned in merge request !81951 (closed)

Allure report

allure-report-publisher generated test report for 17b99900!

review-qa-reliable: test report
review-qa-smoke: test report

added 1 commit

• 9c2a684e - Move secure name method to HasUserType

Compare with previous version

added typebug label

approved this merge request

removed review request for @manojmj

@manojmj, thanks for approving this merge request.

This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.

For more info, please refer to the following links:

• rspec minimal jobs
• jest minimal jobs
• merging a merge request.

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Allison Browne (@allison.browne) (UTC-5, 1 hour ahead of @serenafang)	Max Woolf (@mwoolf) (UTC+0, 6 hours ahead of @serenafang)

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

Generated by Danger

added 1 commit

• b5818abd - Apply reviewer suggestions

Compare with previous version

requested review from @manojmj

changed milestone to %14.9

requested review from @dbalexandre and removed review request for @manojmj

Thanks, @serenafang! I left only two notes. Checking your comment in !81843 (comment 857956512), is this ready to be merged, or is it dependent on !81472 (merged)?

removed review request for @dbalexandre

resolved all threads

added 1 commit

• a0858e25 - Apply maintainer suggestions

Compare with previous version

requested review from @dbalexandre

added 1588 commits

• a0858e25...35f1dd93 - 1580 commits from branch master
• 86a01c36 - Fix bot token name in issues
• 7fa72910 - Users who can read group should read group token
• 14b4120f - Add specs for group token name
• de35bb22 - Remove unneeded changes
• 79611ed1 - Apply reviewer suggestions
• 1edd7c71 - Move secure name method to HasUserType
• 803ca4b8 - Apply reviewer suggestions
• 17b99900 - Apply maintainer suggestions

Compare with previous version

approved this merge request

resolved all threads

enabled an automatic merge when the pipeline for 738ce710 succeeds

Thanks, @serenafang! This LGTM I rebased on top of master and set MWPS

merged

mentioned in commit 55cad6a2

added workflowstaging-canary label and removed workflowin dev label

added workflowstaging label and removed workflowstaging-canary label

added workflowcanary label and removed workflowstaging label

added workflowproduction label and removed workflowcanary label

mentioned in merge request !81472 (merged)