Extend Packages Project policy to consider access level
What does this MR do and why?
This MR is the next step of the implementation plan in #329253 (closed).
In !82808 (merged), we added a new Package Registry visiblity setting to the project settings (behind a feature flag). This MR extends the Packages::Policies::ProjectPolicy
policy to consider the new package_registry_access_level
setting.
/cc @bufferoverflow
How to set up and validate locally
-
Enable the feature flag:
Feature.enable(:package_registry_access_level)
-
Change the
package_registry_access_level
of a private project to allow access for everyone:project = Project.find(2) project.project_feature.update!(package_registry_access_level: ProjectFeature::PUBLIC)
-
Check if policy allows
:read_package
permission for anonymous user (nil):Packages::Policies::ProjectPolicy.new(nil, project.packages_policy_subject).allowed?(:read_package)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Jonas Wälter