Skip to content
Snippets Groups Projects

Enable `:download_code` on project for custom roles

Merged Jessie Young requested to merge jy-reporter-download-code into master

What does this MR do and why?

  • Adds policy check on a project so that a user with a custom role based on the GUEST role can download code if that custom role allows it.
  • This is gated on the customizable_roles feature flag being turned on for now because we want to evaluate performance before making it generally available
  • The custom role check applies to a custom role anywhere within the project hierarchy. If any custom roles for that user enable download_code, then they can download code unless another policy check explicitly prevents that.
  • This is an additive-only approach. Meaning that download_code: false does not take away the ability for a guest user to download code on a public repository. But download_code: true enables this ability for guest users on a private repository, who by default cannot download code.
  • These custom roles can be defined via the API endpoints created here: !96996 (merged)
  • Issue: #370088 (closed)

Screenshots or screen recordings

Screen recording of this working: https://www.youtube.com/watch?v=i4wLmgTBjZs (internal only)

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Jessie Young

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Jessie Young changed milestone to %15.5

    changed milestone to %15.5

  • Jessie Young marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed

    marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed

  • Jessie Young added 1 commit

    added 1 commit

    Compare with previous version

  • :wave: @jessieay, please can you answer the question: Should this have a feature flag? to help with code review for the Authentication and Authorization group.

    This nudge was added by this triage-ops policy.

  • Jessie Young added 1 commit

    added 1 commit

    • b676351c - Finder class for member role

    Compare with previous version

  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Please register or sign in to reply
    Loading