Stop unauthorized users dragging on milestone page (!7113) · Merge requests · GitLab.org / GitLab FOSS · GitLab

Do not update/delete: Banner broadcast message test data

Do not update/delete: Notification broadcast message test data

username-removed-86853 requested to merge blackst0ne/gitlab-ce:bugfix/dragging_milestones into master Oct 26, 2016

What does this MR do?

Removes an ability to drag and drop issues and merge request on milestone page if current user does not have permissions.

Are there points in the code the reviewer needs to double check?

Since current user may have ability to update some issues, but not others at the same time, I check permissions on each item in lists.

Why was this MR needed?

Just to prevent user dragging items if he doesn't have permissions.

Does this MR meet the acceptance criteria?

CHANGELOG entry added
Documentation created/updated
API support added
Tests
- Added for this feature/bug
- All builds are passing
Conform by the merge request performance guides
Conform by the style guides
Branch has no merge conflicts with master (if it does - rebase it please)
Squashed related commits together

What are the relevant issue numbers?

Closes #13670 (closed)