Internal user authz

Warren Gifford requested to merge internal-user-authz into main

Created by: camdencheek

This updates code monitors and saved searches to run with the owning user ID. Additionally, it removes the possibility for code monitors and saved searches to be owned by an organization rather than a user.

This updates the database layer to not reference the deprecated org_id columns on both tables, but does not go as far as changing the GraphQL API to not accept org IDs. However, it will now error if an org ID rather than a user is given.

We are removing support for org-owned saved searches and code monitors because there is no clear way to handle permissions for running a query "as" an org. Currently, we run code monitors as site admin, which can leak information about the existence of search results for repos that a user does not have access to. This PR changes it so we run as the user who created the code monitor, so a user can't get information about any repos they don't already have access to.
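
The difference between running a monitor as site admin and as its owner, shown as an added Go example that is not part of this merge request or the project's code. Every type, function and variable name is hypothetical and the repo and user data are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical names, constructed data. OrgID models the deprecated org_id column.
type Monitor struct{ UserID, OrgID int32 }

// Result is a search hit tagged with the repo it came from.
type Result struct{ Repo, Line string }

var ErrOrgOwner = errors.New("monitor must be owned by a user, not an org")

// repoAccess maps user ID -> repos that user can read.
var repoAccess = map[int32]map[string]bool{
	1: {"public/app": true},
	2: {"public/app": true, "private/payroll": true},
}

// index stands in for the search backend.
var index = []Result{
	{"public/app", "token := load()"},
	{"private/payroll", "token := vaultKey"},
}

// search filters hits by the actor's repo access; asSiteAdmin skips the filter (old behaviour).
func search(actorID int32, asSiteAdmin bool) []Result {
	var out []Result
	for _, r := range index {
		if asSiteAdmin || repoAccess[actorID][r.Repo] {
			out = append(out, r)
		}
	}
	return out
}

// RunMonitor runs as the owning user and errors on org-owned monitors.
func RunMonitor(m Monitor) ([]Result, error) {
	if m.OrgID != 0 || m.UserID == 0 {
		return nil, ErrOrgOwner
	}
	return search(m.UserID, false), nil
}

func main() {
	got, err := RunMonitor(Monitor{UserID: 1})
	fmt.Println("as owner:", len(got), err, "as site admin:", len(search(1, true)))
}
```

User 1's monitor reports one hit when run as its owner and two when run as site admin; the extra hit is the existence leak the description refers to.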
