Merge branch '270200-downtier-pat-apis' into 'master'

Move Personal Access Token API to Core [RUN AS-IF-FOSS] See merge request gitlab-org/gitlab!46145

Merge branch '270200-downtier-pat-apis' into 'master'
Move Personal Access Token API to Core [RUN AS-IF-FOSS] See merge request gitlab-org/gitlab!46145
535655dd · Gabriel Mazetto · f40bd9c2 · d8d101a6 · 535655dd · 535655dd
Commit 535655dd authored Oct 31, 2020 by Gabriel Mazetto
7 changed files
--- a/changelogs/unreleased/270200-downtier-pat-apis.yml
+++ b/changelogs/unreleased/270200-downtier-pat-apis.yml
+---
+title: Move Personal Access Token API to Core
+merge_request: 46145
+author:
+type: changed
--- a/doc/api/personal_access_tokens.md
+++ b/doc/api/personal_access_tokens.md
@@ -4,13 +4,14 @@ group: unassigned
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
 ---

-# Personal access tokens API **(ULTIMATE)**
+# Personal access tokens API

 You can read more about [personal access tokens](../user/profile/personal_access_tokens.md#personal-access-tokens).

 ## List personal access tokens

-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227264) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227264) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3.
+> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/270200) to [GitLab Core](https://about.gitlab.com/pricing/) in 13.6.

 Get a list of personal access tokens.


--- a/ee/app/models/license.rb
+++ b/ee/app/models/license.rb
@@ -137,7 +137,6 @@ class License < ApplicationRecord
    insights
    issuable_health_status
    license_scanning
-    personal_access_token_api_management
    personal_access_token_expiration_policy
    enforce_pat_expiration
    group_saml_group_sync

--- a/ee/lib/ee/api/api.rb
+++ b/ee/lib/ee/api/api.rb
@@ -26,7 +26,6 @@ module EE
        mount ::API::Ldap
        mount ::API::LdapGroupLinks
        mount ::API::License
-        mount ::API::PersonalAccessTokens
        mount ::API::ProjectMirror
        mount ::API::ProjectPushRule
        mount ::API::GroupPushRule

--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -237,6 +237,7 @@ module API
      mount ::API::ProjectTemplates
      mount ::API::Terraform::State
      mount ::API::Terraform::StateVersion
+      mount ::API::PersonalAccessTokens
      mount ::API::ProtectedBranches
      mount ::API::ProtectedTags
      mount ::API::Releases

--- a/ee/lib/api/personal_access_tokens.rb
+++ b/ee/lib/api/personal_access_tokens.rb
@@ -37,11 +37,6 @@ module API
      def find_token(id)
        PersonalAccessToken.find(id) || not_found!
      end
-
-      def authenticate!
-        unauthorized! unless ::License.feature_available?(:personal_access_token_api_management)
-        super
-      end
    end

    resources :personal_access_tokens do

--- a/ee/spec/requests/api/personal_access_tokens_spec.rb
+++ b/ee/spec/requests/api/personal_access_tokens_spec.rb
@@ -9,23 +9,6 @@ RSpec.describe API::PersonalAccessTokens do
  let_it_be(:current_user) { create(:user) }

  describe 'GET /personal_access_tokens' do
-    context 'when unlicensed' do
-      before do
-        stub_licensed_features(personal_access_token_api_management: false)
-      end
-
-      it 'responds with unauthorized' do
-        get api(path, current_user)
-
-        expect(response).to have_gitlab_http_status(:unauthorized)
-      end
-    end
-
-    context 'when licensed' do
-      before do
-        stub_licensed_features(personal_access_token_api_management: true)
-      end
-
    context 'logged in as an Administrator' do
      let_it_be(:current_user) { create(:admin) }

@@ -45,7 +28,6 @@ RSpec.describe API::PersonalAccessTokens do
          expect(json_response.first['user_id']).to eq(token1.user.id)
        end
      end
-      end

      context 'logged in as a non-Administrator' do
        let_it_be(:current_user) { create(:user) }
@@ -91,23 +73,6 @@ RSpec.describe API::PersonalAccessTokens do
  describe 'DELETE /personal_access_tokens/:id' do
    let(:path) { "/personal_access_tokens/#{token1.id}" }

-    context 'when unlicensed' do
-      before do
-        stub_licensed_features(personal_access_token_api_management: false)
-      end
-
-      it 'responds with unauthorized' do
-        delete api(path, current_user)
-
-        expect(response).to have_gitlab_http_status(:unauthorized)
-      end
-    end
-
-    context 'when licensed' do
-      before do
-        stub_licensed_features(personal_access_token_api_management: true)
-      end
-
    context 'when current_user is an administrator', :enable_admin_mode do
      let_it_be(:admin_user) { create(:admin) }
      let_it_be(:admin_token) { create(:personal_access_token, user: admin_user) }
@@ -144,5 +109,4 @@ RSpec.describe API::PersonalAccessTokens do
      end
    end
  end
-  end
 end