Resolve "Add `/confidential` quick action for issues"

app/services/quick_actions/interpret_service.rb

@@ -561,6 +561,17 @@ module QuickActions
       end
     end
 
+    desc 'Make issue confidential.'
+    explanation do
+      'Makes this issue confidential'
+    end
+    condition do
+      issuable.is_a?(Issue) && current_user.can?(:"admin_#{issuable.to_ability_name}", issuable)
+    end
+    command :confidential do
+      @updates[:confidential] = true
+    end
+
     def extract_users(params)
       return [] if params.nil?
 

changelogs/unreleased/47145-quick-actions-confidential.yml

+---
+title: Add /confidential quick action
+merge_request:
+author: Jan Beckmann
+type: added

doc/user/project/quick_actions.md

@@ -42,3 +42,4 @@ do.
 | `/tableflip`               | Append the comment with `(╯°□°)╯︵ ┻━┻` |
 | `/shrug`                   | Append the comment with `¯\＿(ツ)＿/¯` |
 | <code>/copy_metadata #issue &#124; !merge_request</code> | Copy labels and milestone from other issue or merge request |
+| `/confidential`            | Makes the issue confidential |
\ No newline at end of file

spec/features/issues/user_uses_slash_commands_spec.rb

@@ -153,6 +153,42 @@ feature 'Issues > User uses quick actions', :js do
       end
     end
 
+    describe 'make issue confidential' do
+      let(:issue) { create(:issue, project: project) }
+      let(:original_issue) { create(:issue, project: project) }
+
+      context 'when the current user can update issues' do
+        it 'does not create a note, and marks the issue as confidential' do
+          add_note("/confidential")
+
+          expect(page).not_to have_content "/confidential"
+          expect(page).to have_content 'Commands applied'
+          expect(page).to have_content "made the issue confidential"
+
+          expect(issue.reload).to be_confidential
+        end
+      end
+
+      context 'when the current user cannot update the issue' do
+        let(:guest) { create(:user) }
+        before do
+          project.add_guest(guest)
+          gitlab_sign_out
+          sign_in(guest)
+          visit project_issue_path(project, issue)
+        end
+
+        it 'does not create a note, and does not mark the issue as confidential' do
+          add_note("/confidential")
+
+          expect(page).not_to have_content 'Commands applied'
+          expect(page).not_to have_content "made the issue confidential"
+
+          expect(issue.reload).not_to be_confidential
+        end
+      end
+    end
+
     describe 'move the issue to another project' do
       let(:issue) { create(:issue, project: project) }
 

spec/services/quick_actions/interpret_service_spec.rb

@@ -323,6 +323,14 @@ describe QuickActions::InterpretService do
       end
     end
 
+    shared_examples 'confidential command' do
+      it 'marks issue as confidential if content contains /confidential' do
+        _, updates = service.execute(content, issuable)
+
+        expect(updates).to eq(confidential: true)
+      end
+    end
+
     shared_examples 'shrug command' do
       it 'appends ¯\_(ツ)_/¯ to the comment' do
         new_content, _ = service.execute(content, issuable)
@@ -774,6 +782,11 @@ describe QuickActions::InterpretService do
       let(:issuable) { issue }
     end
 
+    it_behaves_like 'confidential command' do
+      let(:content) { '/confidential' }
+      let(:issuable) { issue }
+    end
+
     context '/copy_metadata command' do
       let(:todo_label) { create(:label, project: project, title: 'To Do') }
       let(:inreview_label) { create(:label, project: project, title: 'In Review') }
@@ -918,6 +931,11 @@ describe QuickActions::InterpretService do
         let(:issuable) { issue }
       end
 
+      it_behaves_like 'empty command' do
+        let(:content) { '/confidential' }
+        let(:issuable) { issue }
+      end
+
       it_behaves_like 'empty command' do
         let(:content) { '/duplicate #{issue.to_reference}' }
         let(:issuable) { issue }