Remove redundant owner checks from Projects::GroupLinks services (!212726) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This MR cleans up the Projects::GroupLinks::CreateService and Projects::GroupLinks::UpdateService by removing redundant owner validation logic. Both services had special-case checks for owners. The CreateService had adding_a_group_as_owner? and cannot_assign_owner_responsibilities_to_member_in_project? methods and the UpdateService had allowed_to_update_to_or_from_owner?, upgrading_to_owner?, and touching_an_owner? methods for authorizing owner access level.

These checks are redundant because the authorization is already enforced through the policies and this MR address the permissions to make sure that only owners can create and update group links.

So this will also fix this issue: https://gitlab.com/gitlab-org/gitlab/-/issues/580567

References

Part of the effort to remove the special handling for the manage_owners permission and consolidate all role assignment logic through the new Authz::Role utility class. https://gitlab.com/gitlab-org/gitlab/-/issues/560172

Screenshots or screen recordings

Before	After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Remove redundant owner checks from Projects::GroupLinks services

What does this MR do and why?

References

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports