in a project members' list. Add tests for possible scenarios

Re-factor and remove N + 1 queries

Remove author from changelog

Don't use memoisation when not needed

Include users part of parents of project's group

Re-factor tests

Create and add users according to roles

Re-use group created earlier

Add incomplete test for ancestoral groups

Rename method to clarify category of groups

Skip pending test, remove comments not needed

Remove extra line

Include ancestors from invited groups as well

Add specs for participants service

Add more specs

Add more specs

use  instead of

Use public group owner instead of project maintainer to test owner acess

Remove tests that have now been moved into participants_service_spec

Use :context instead of :all

Create nested group instead of creating an ancestor separately

Add comment explaining doubt on the failing spec

Imrpove test setup

Optimize sql queries

Refactor specs file

Add rubocop disablement

Add special case for project owners

Add small refactor

Add explanation to the docs

Fix wording

Refactor group check

Add small changes in specs

Add cr remarks

Add cr remarks

Add specs

Add small refactor

Add code review remarks

Refactor for better database usage

Fix failing spec

Remove rubocop offences

Add cr remarks

[ci skip]

[ci skip]

Quarantine some ECDSA related tests due to bumping openssl

See merge request gitlab-org/gitlab!18016

[ci skip]

[ci skip]

Fix private feature Elasticsearch leak

See merge request gitlab/gitlabhq!3450

Add spec to test different combinations.
Accept string for required_minimum_access_level
Allow more flexible project membership query

Fix broken specs : Generate new GPG key in place of expired one

Closes #32956

See merge request gitlab-org/gitlab!17853

[ci skip]

Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.65.1]

See merge request gitlab/gitlabhq!3433

Prevent Bypassing Email Verification using Salesforce

See merge request gitlab/gitlabhq!3395

Check that SAML identity linking validates the origin of the request

See merge request gitlab/gitlabhq!3396

Only render fixed number of mermaid blocks

See merge request gitlab/gitlabhq!3411

Merge branch 'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-3' into '12-3-stable'

Display only participants that user has permission to see

See merge request gitlab/gitlabhq!3421

Redirect user to root path after unsubscribing from private resource

See merge request gitlab/gitlabhq!3423

Hide disabled project milestones in project settings on group level

See merge request gitlab/gitlabhq!3424

Add policy check if cross reference system notes are accessible

See merge request gitlab/gitlabhq!3426

Cancel all running CI jobs when user is blocked

See merge request gitlab/gitlabhq!3436

Filter not accessible label events

See merge request gitlab/gitlabhq!3440

Label events may use cross-project or cross-group references,
if the projects are not accessible by user, we don't show these
label events.

[ci skip]

This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.

If user unsubsrcribes from a resource that they no longer have
access to they should not be revealed the resource path, but be
redirected to app root instead.

https://gitlab.com/gitlab-org/gitlab-ce/issues/64938

Fix rubocop offences and add changelog

Add email_verified key for feature specs

Add code review remarks

Add code review remarks

Fix specs