Non-admin users can set "Project Visibility" to "Public" when "Public" is disabled in admin "Restricted visibility" settings

Summary

When setting "Public" as a restricted visibility level in GitLab, non-admin users are still able to set "Project Visibility" to "Public" on project settings pages. When setting as "Public", it looks like this returns with success, but the dropdown is reverted back to "Private". Before 9.0.2, it wouldn't show the setting at all.

Steps to reproduce

1. Mark "Public" in "Restricted visibility" admin settings for projects
2. Impersonate a non-admin user
3. Head to project settings to change visibility

What is the current bug behavior?

Non-admin users can set project to "Public"

What is the expected correct behavior?

Option shouldn't be visible

Relevant logs and/or screenshots

https://gitlab.zendesk.com/agent/tickets/71960

mentioned in issue #30580 (closed)

added ~480950 label

@cpallares I was able to reproduce this in 9.0.4. Thanks for raising

added ~12980 label

changed milestone to %9.1

mentioned in issue #29527 (closed)

mentioned in issue #30680 (closed)

added Next Patch Release and removed ~480950 ~480950 ~65372 ~12980 ~12980 ~14106 labels

added ~480950 ~12980 labels

changed milestone to %9.0

assigned to @jameslopez

mentioned in merge request !10622 (merged)

closed via merge request !10622 (merged)

mentioned in commit d69deb1d

mentioned in commit 74d6c203

mentioned in commit a5ffb991