The source project of this merge request has been removed.
Limit non-administrators to adding 100 members at a time to groups and projects
What does this MR do?
Introduces a 100-member limit when adding users as members to groups or projects
Are there points in the code the reviewer needs to double check?
The number was chosen entirely arbitrarily in #27148 (closed)
Why was this MR needed?
Allowing unprivileged users to specify arbitrarily large amounts of work for GitLab to do is a security risk
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master
(if it does - rebase it please) -
Squashed related commits together
What are the relevant issue numbers?
Closes #27148 (closed)