Fix new group visibility form for non-admins52771-ldap-users-can-t-choose-private-or-internal-when-creating-a-new-group

Removes an owner permission check before rendering the visibility
select radio inputs as non-admins will not have permission.

Ensures all users creating a group can select its visibility.

3 files changed, 27 insertions, 2 deletions

diff --git a/app/views/groups/new.html.haml b/app/views/groups/new.html.haml
index 0904e44a658..51dcc9d0cda 100644
--- a/app/views/groups/new.html.haml
+++ b/app/views/groups/new.html.haml
@@ -35,7 +35,7 @@
           %p
             = _('Who will be able to see this group?')
             = link_to _('View the documentation'), help_page_path("public_access/public_access"), target: '_blank'
-          = render 'shared/visibility_level', f: f, visibility_level: @group.visibility_level, can_change_visibility_level: can_change_group_visibility_level?(@group), form_model: @group, with_label: false
+          = render 'shared/visibility_level', f: f, visibility_level: default_group_visibility, can_change_visibility_level: true, form_model: @group, with_label: false
 
           = render 'create_chat_team', f: f if Gitlab.config.mattermost.enabled
 
diff --git a/changelogs/unreleased/52771-ldap-users-can-t-choose-private-or-internal-when-creating-a-new-group.yml b/changelogs/unreleased/52771-ldap-users-can-t-choose-private-or-internal-when-creating-a-new-group.yml
new file mode 100644
index 00000000000..a05ef75b6a6
--- /dev/null
+++ b/changelogs/unreleased/52771-ldap-users-can-t-choose-private-or-internal-when-creating-a-new-group.yml
@@ -0,0 +1,5 @@
+---
+title: Fix bug stopping non-admin users from changing visibility level on group creation
+merge_request: 22468
+author:
+type: fixed
diff --git a/spec/features/groups_spec.rb b/spec/features/groups_spec.rb
index 4d04b8043ec..d01fc04311a 100644
--- a/spec/features/groups_spec.rb
+++ b/spec/features/groups_spec.rb
@@ -1,8 +1,10 @@
 require 'spec_helper'
 
 describe 'Group' do
+  let(:user) { create(:admin) }
+
   before do
-    sign_in(create(:admin))
+    sign_in(user)
   end
 
   matcher :have_namespace_error_message do
@@ -16,6 +18,24 @@ describe 'Group' do
       visit new_group_path
     end
 
+    describe 'as a non-admin' do
+      let(:user) { create(:user) }
+
+      it 'creates a group and persists visibility radio selection', :js do
+        stub_application_setting(default_group_visibility: :private)
+
+        fill_in 'Group name', with: 'test-group'
+        find("input[name='group[visibility_level]'][value='#{Gitlab::VisibilityLevel::PUBLIC}']").click
+        click_button 'Create group'
+
+        group = Group.find_by(name: 'test-group')
+
+        expect(group.visibility_level).to eq(Gitlab::VisibilityLevel::PUBLIC)
+        expect(current_path).to eq(group_path(group))
+        expect(page).to have_selector '.visibility-icon .fa-globe'
+      end
+    end
+
     describe 'with space in group path' do
       it 'renders new group form with validation errors' do
         fill_in 'Group URL', with: 'space group'