Move checks if import source is enabled to service layer
What does this MR do and why?
This MR introduces check if relevant import source is enabled inside project creation service
In terms of security this means that we are safe against creating projects with certain import_type
when relevant parts are disabled
This is done to ensure, that we will not forget proper checks (which are already done in controllers) for import sources being enabled/disabled and will not introduce new security risks
Related to #340800 (closed) Describe in detail what your merge request does and why.
How to set up and validate locally
- Enable or disable certain import sources in admin
- Try to start import for disabled source either via ui (should not be seen) or via API
- Observe forbidden error message
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Illya Klymov