Allow all members and non-members of a project to tag all of the members
What does this MR do and why?
Consider following actors:
- A public project named public_project.
- A private group named private_group.
- A public group name public_group.
- User project_owner who is an owner of the public_project.
- Users private_member1 and private_member2 who are members of private_group.
- Users direct_member1 and direct_member2 are direct members of public_project.
- Users public_member1 and public_member2 who are members of public_group.
- User non_member who is not a member of public_project.
- private_group and public_group are invited to the public_project, hence their members are also members of public_project.
The following tables depicts if the members on the left most column will be able to tag the member listed on the top row of the column or not. Also note, this is for the situation if the member being tagged is not already a participant in the issue or merge request etc.
Present scenario:
- Members of private groups can only be tagged by either the project owner(s) or the members of the private group only or if the member is a participant in the issue/merge request etc. already.
- Non members can only be tagged if they are a participant in the issue/merge request etc.
- Non members can tag project owner(s), direct members and members of public groups invited to the project.
Tagger/Tagged | project_owner | private_member1 | private_member2 | direct_member1 | direct_member2 | public_member1 | public_member2 | non_member |
---|---|---|---|---|---|---|---|---|
project_owner | ||||||||
private_member1 | ||||||||
private_member2 | ||||||||
direct_member1 | ||||||||
direct_member2 | ||||||||
public_member1 | ||||||||
public_member2 | ||||||||
non_member |
For detailed explanation, refer #36069 (closed) and specifically #36069 (comment 1157289540).
What this MR does?
- All project members will be able to tag each other.
- Any non-project member will be able to tag each member of the project even if the member being tagged is a member of a private group and invited via that group.
Tagger/Tagged | project_owner | private_member1 | private_member2 | direct_member1 | direct_member2 | public_member1 | public_member2 | non_member |
---|---|---|---|---|---|---|---|---|
project_owner | ||||||||
private_member1 | ||||||||
private_member2 | ||||||||
direct_member1 | ||||||||
direct_member2 | ||||||||
public_member1 | ||||||||
public_member2 | ||||||||
non_member |
Why?
The idea as per #36069 (comment 1157289540) is all members of project should be able to tag each other for collaboration.
Explanation for the code change:
- The method
visible_groups
has been removed now, this method was responsible for filtering out the list of groups visible to the member from the invited groups. - Since now we want to allow all members as well as non members to tag all members of the project, the filtering of the invited projects is removed and
project.invited_groups
is being used directly.
Screenshots or screen recordings
NA
How to set up and validate locally
- Create 2 private groups and 1 public project in some public group.
- Invite both private groups to the public project.
- Try to tag a member of second private group from the account of one of the member of first private group, the member should be able to tag.
- Users who are not members of the project should not be able to tag members of private groups invited to the project.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #36069 (closed)
Edited by Hitesh Raghuvanshi