Revert Protected Environment group access inheritence

This commit reverts the group access inhertience in protected environments. Changelog: fixed

Revert Protected Environment group access inheritence
This commit reverts the group access inhertience in protected environments. Changelog: fixed
493a1d63 · Shinya Maeda · 098b5523 · 493a1d63 · 493a1d63
Commit 493a1d63 authored Mar 24, 2022 by Shinya Maeda
2 changed files
--- a/ee/app/models/protected_environments/authorizable.rb
+++ b/ee/app/models/protected_environments/authorizable.rb
@@ -25,7 +25,7 @@ module ProtectedEnvironments
      return false unless user
      return true if user.admin? # rubocop: disable Cop/UserAdmin
      return user.id == user_id if user_type?
-      return group.member?(user) if group_type?
+      return group.users.exists?(user.id) if group_type?
      protected_environment.container_access_level(user) >= access_level
    end

--- a/ee/spec/support/shared_examples/models/protected_environments/authorizable_examples.rb
+++ b/ee/spec/support/shared_examples/models/protected_environments/authorizable_examples.rb
@@ -68,19 +68,6 @@ RSpec.shared_examples 'authorizable for protected environments' do |factory_name
        it { is_expected.to be_truthy }
      end
-      context 'when there is an inherited member of a group' do
-        let_it_be(:parent_group) { create(:group) }
-        let_it_be(:child_group) { create(:group, parent: parent_group, projects: [project])}
-        let(:authorizable) { create(factory_name, protected_environment: protected_environment, group: child_group) }
-        before do
-          parent_group.add_reporter(user)
-        end
-        it { is_expected.to be_truthy }
-      end
      context 'when no permissions have been given to a group' do
        let(:authorizable) { create(factory_name, :maintainer_access, protected_environment: protected_environment) }