Deprecate legacy policy approval status in API

4057f938 · Tetiana Chupryna · Russell Dickenson · fbd35cb2 · 4057f938 · 4057f938
Commit 4057f938 authored Dec 06, 2021 by Tetiana Chupryna Committed by Russell Dickenson Dec 06, 2021
3 changed files
--- a/doc/api/managed_licenses.md
+++ b/doc/api/managed_licenses.md
@@ -6,6 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 # Managed Licenses API **(ULTIMATE)**

+WARNING:
+"approval" and "blacklisted" approval statuses are deprecated and scheduled to be changed to "allowed" and "denied" in GitLab 15.0.
+
 ## List managed licenses

 Get all managed licenses for a given project.
@@ -78,10 +81,10 @@ POST /projects/:id/managed_licenses
 | ------------- | ------- | -------- | ---------------------------- |
 | `id`      | integer/string    | yes      | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user |
 | `name`        | string  | yes      | The name of the managed license        |
-| `approval_status`       | string  | yes      | The approval status. "approved" or "blacklisted" |
+| `approval_status`       | string  | yes      | The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated. |

 ```shell
-curl --data "name=MIT&approval_status=blacklisted" --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses"
+curl --data "name=MIT&approval_status=denied" --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses"
 ```

 Example response:
@@ -125,10 +128,10 @@ PATCH /projects/:id/managed_licenses/:managed_license_id
 | --------------- | ------- | --------------------------------- | -------------------------------  |
 | `id`      | integer/string    | yes      | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user |
 | `managed_license_id`      | integer/string    | yes      | The ID or URL-encoded name of the license belonging to the project |
-| `approval_status`       | string  | yes      | The approval status. "approved" or "blacklisted" |
+| `approval_status`       | string  | yes      | The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated. |

 ```shell
-curl --request PATCH --data "approval_status=blacklisted" \
+curl --request PATCH --data "approval_status=denied" \
     --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses/6"
 ```


--- a/ee/lib/api/managed_licenses.rb
+++ b/ee/lib/api/managed_licenses.rb
@@ -61,8 +61,8 @@ module API
        requires :name, type: String, desc: 'The name of the license'
        requires :approval_status,
          type: String,
-          values: %w(approved blacklisted),
-          desc: 'The approval status of the license. "blacklisted" or "approved".'
+          values: %w(allowed denied approved blacklisted),
+          desc: 'The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated.'
      end
      post ':id/managed_licenses' do
        authorize_can_admin!
@@ -88,8 +88,8 @@ module API
        optional :name, type: String, desc: 'The name of the license'
        optional :approval_status,
          type: String,
-          values: %w(approved blacklisted),
-          desc: 'The approval status of the license. "blacklisted" or "approved".'
+          values: %w(allowed denied approved blacklisted),
+          desc: 'The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated.'
      end
      patch ':id/managed_licenses/:managed_license_id', requirements: { managed_license_id: /.*/ } do
        authorize_can_admin!

--- a/ee/spec/requests/api/managed_licenses_spec.rb
+++ b/ee/spec/requests/api/managed_licenses_spec.rb
@@ -141,7 +141,7 @@ RSpec.describe API::ManagedLicenses do
          post api("/projects/#{project.id}/managed_licenses", maintainer_user),
            params: {
              name: 'NEW_LICENSE_NAME',
-              approval_status: 'approved'
+              approval_status: 'allowed'
            }
        end.to change {project.software_license_policies.count}.by(1)

@@ -163,6 +163,22 @@ RSpec.describe API::ManagedLicenses do

        expect(response).to have_gitlab_http_status(:bad_request)
      end
+
+      it 'creates managed license from deprecated approval status value' do
+        expect do
+          post api("/projects/#{project.id}/managed_licenses", maintainer_user),
+               params: {
+                 name: 'NEW_LICENSE_NAME',
+                 approval_status: 'approved'
+               }
+        end.to change {project.software_license_policies.count}.by(1)
+
+        expect(response).to have_gitlab_http_status(:created)
+        expect(response).to match_response_schema('software_license_policy', dir: 'ee')
+        expect(json_response).to have_key('id')
+        expect(json_response['name']).to eq('NEW_LICENSE_NAME')
+        expect(json_response['approval_status']).to eq('approved')
+      end
    end

    context 'authorized user with read permissions' do
@@ -210,7 +226,7 @@ RSpec.describe API::ManagedLicenses do
        initial_name = initial_license.name
        initial_classification = initial_license.classification
        patch api("/projects/#{project.id}/managed_licenses/#{software_license_policy.id}", maintainer_user),
-          params: { approval_status: 'blacklisted' }
+          params: { approval_status: 'denied' }

        updated_software_license_policy = project.software_license_policies.reload.first

@@ -231,6 +247,26 @@ RSpec.describe API::ManagedLicenses do
        expect(initial_classification).not_to eq(updated_software_license_policy.classification)
      end

+      it 'updates managed license data with deprecated approval status' do
+        initial_license = project.software_license_policies.first
+        initial_id = initial_license.id
+        patch api("/projects/#{project.id}/managed_licenses/#{software_license_policy.id}", maintainer_user),
+              params: { approval_status: 'blacklisted' }
+
+        updated_software_license_policy = project.software_license_policies.reload.first
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to match_response_schema('software_license_policy', dir: 'ee')
+
+        # Check that response is equal to the updated object
+        expect(json_response['id']).to eq(initial_id)
+        expect(json_response['name']).to eq(updated_software_license_policy.name)
+        expect(json_response['approval_status']).to eq('blacklisted')
+
+        # Check that the approval status was updated
+        expect(updated_software_license_policy).to be_denied
+      end
+
      it 'responds with 404 Not Found if requesting non-existing managed license' do
        patch api("/projects/#{project.id}/managed_licenses/#{non_existing_record_id}", maintainer_user)