Commit 2b3b0bb1 authored by James Lopez's avatar James Lopez

Merge branch 'sh-allow-equal-level-in-subgroup-membership' into 'master'

Allow a member to have an access level equal to parent group

Closes gitlab-ee#11323

See merge request gitlab-org/gitlab-ce!27913
parents 6835a64d 32ddc3fe
...@@ -446,10 +446,10 @@ class Member < ApplicationRecord ...@@ -446,10 +446,10 @@ class Member < ApplicationRecord
end end
def higher_access_level_than_group def higher_access_level_than_group
if highest_group_member && highest_group_member.access_level >= access_level if highest_group_member && highest_group_member.access_level > access_level
error_parameters = { access: highest_group_member.human_access, group_name: highest_group_member.group.name } error_parameters = { access: highest_group_member.human_access, group_name: highest_group_member.group.name }
errors.add(:access_level, s_("should be higher than %{access} inherited membership from group %{group_name}") % error_parameters) errors.add(:access_level, s_("should be greater than or equal to %{access} inherited membership from group %{group_name}") % error_parameters)
end end
end end
end end
---
title: Allow a member to have an access level equal to parent group
merge_request: 27913
author:
type: fixed
...@@ -11475,7 +11475,7 @@ msgstr[1] "" ...@@ -11475,7 +11475,7 @@ msgstr[1] ""
msgid "score" msgid "score"
msgstr "" msgstr ""
msgid "should be higher than %{access} inherited membership from group %{group_name}" msgid "should be greater than or equal to %{access} inherited membership from group %{group_name}"
msgstr "" msgstr ""
msgid "show less" msgid "show less"
......
...@@ -70,6 +70,16 @@ describe Member do ...@@ -70,6 +70,16 @@ describe Member do
expect(child_member).not_to be_valid expect(child_member).not_to be_valid
end end
# Membership in a subgroup confers certain access rights, such as being
# able to merge or push code to protected branches.
it "is valid with an equal level" do
child_member.access_level = GroupMember::DEVELOPER
child_member.validate
expect(child_member).to be_valid
end
it "is valid with a higher level" do it "is valid with a higher level" do
child_member.access_level = GroupMember::MAINTAINER child_member.access_level = GroupMember::MAINTAINER
......
...@@ -236,7 +236,7 @@ describe API::Members do ...@@ -236,7 +236,7 @@ describe API::Members do
params: { user_id: stranger.id, access_level: Member::REPORTER } params: { user_id: stranger.id, access_level: Member::REPORTER }
expect(response).to have_gitlab_http_status(400) expect(response).to have_gitlab_http_status(400)
expect(json_response['message']['access_level']).to eq(["should be higher than Developer inherited membership from group #{parent.name}"]) expect(json_response['message']['access_level']).to eq(["should be greater than or equal to Developer inherited membership from group #{parent.name}"])
end end
it 'creates the member if group level is lower', :nested_groups do it 'creates the member if group level is lower', :nested_groups do
......
...@@ -41,7 +41,7 @@ shared_examples_for 'inherited access level as a member of entity' do ...@@ -41,7 +41,7 @@ shared_examples_for 'inherited access level as a member of entity' do
member.update(access_level: Gitlab::Access::REPORTER) member.update(access_level: Gitlab::Access::REPORTER)
expect(member.errors.full_messages).to eq(["Access level should be higher than Developer inherited membership from group #{parent_entity.name}"]) expect(member.errors.full_messages).to eq(["Access level should be greater than or equal to Developer inherited membership from group #{parent_entity.name}"])
end end
it 'allows changing the level from a non existing member' do it 'allows changing the level from a non existing member' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment