Commit 731bb937 authored by Thong Kuah's avatar Thong Kuah

Merge branch '321380-compliance-framework-assignment-regression' into 'master'

Fix issue where project maintainers can not assign compliance frameworks

See merge request gitlab-org/gitlab!54071
parents 097abe54 e97a34dd
...@@ -60,6 +60,10 @@ module EE ...@@ -60,6 +60,10 @@ module EE
@subject.feature_available?(:project_merge_request_analytics) @subject.feature_available?(:project_merge_request_analytics)
end end
condition(:custom_compliance_framework_available) do
::Feature.enabled?(:ff_custom_compliance_frameworks)
end
with_scope :subject with_scope :subject
condition(:group_push_rules_enabled) do condition(:group_push_rules_enabled) do
@subject.group && @subject.group.feature_available?(:push_rules) @subject.group && @subject.group.feature_available?(:push_rules)
...@@ -402,6 +406,7 @@ module EE ...@@ -402,6 +406,7 @@ module EE
rule { requirements_available & owner }.enable :destroy_requirement rule { requirements_available & owner }.enable :destroy_requirement
rule { compliance_framework_available & can?(:owner_access) }.enable :admin_compliance_framework rule { compliance_framework_available & can?(:owner_access) }.enable :admin_compliance_framework
rule { compliance_framework_available & can?(:maintainer_access) & ~custom_compliance_framework_available }.enable :admin_compliance_framework
rule { status_page_available & can?(:owner_access) }.enable :mark_issue_for_publication rule { status_page_available & can?(:owner_access) }.enable :mark_issue_for_publication
rule { status_page_available & can?(:developer_access) }.enable :publish_status_page rule { status_page_available & can?(:developer_access) }.enable :publish_status_page
......
---
title: Fix issue where maintainers could not set compliance framework for projects
merge_request: 54071
author:
type: fixed
...@@ -1537,27 +1537,29 @@ RSpec.describe ProjectPolicy do ...@@ -1537,27 +1537,29 @@ RSpec.describe ProjectPolicy do
let(:policy) { :admin_compliance_framework } let(:policy) { :admin_compliance_framework }
where(:role, :feature_enabled, :admin_mode, :allowed) do where(:role, :feature_enabled, :admin_mode, :custom_framework_flag, :allowed) do
:guest | false | nil | false :guest | false | nil | false | false
:guest | true | nil | false :guest | true | nil | false | false
:reporter | false | nil | false :reporter | false | nil | false | false
:reporter | true | nil | false :reporter | true | nil | false | false
:developer | false | nil | false :developer | false | nil | false | false
:developer | true | nil | false :developer | true | nil | false | false
:maintainer | false | nil | false :maintainer | false | nil | false | false
:maintainer | true | nil | false :maintainer | true | nil | false | true
:owner | false | nil | false :maintainer | true | nil | true | false
:owner | true | nil | true :owner | false | nil | false | false
:admin | false | false | false :owner | true | nil | false | true
:admin | false | true | false :admin | false | false | false | false
:admin | true | false | false :admin | false | true | false | false
:admin | true | true | true :admin | true | false | false | false
:admin | true | true | false | true
end end
with_them do with_them do
let(:current_user) { public_send(role) } let(:current_user) { public_send(role) }
before do before do
stub_feature_flags(ff_custom_compliance_frameworks: custom_framework_flag)
stub_licensed_features(compliance_framework: feature_enabled) stub_licensed_features(compliance_framework: feature_enabled)
enable_admin_mode!(current_user) if admin_mode enable_admin_mode!(current_user) if admin_mode
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment