Expose epic confidential attribute in REST API

Allows setting and listing this attribute if `confidential_epics` feature flag is enabled.

Expose epic confidential attribute in REST API
Allows setting and listing this attribute if `confidential_epics` feature flag is enabled.
53b7eaf8 · Jan Provaznik · 4010b8aa · 53b7eaf8 · 53b7eaf8 · 53b7eaf8
Commit 53b7eaf8 authored Apr 08, 2020 by Jan Provaznik
6 changed files
--- a/doc/api/epics.md
+++ b/doc/api/epics.md
@@ -81,6 +81,7 @@ Example response:
  "title": "Accusamus iste et ullam ratione voluptatem omnis debitis dolor est.",
  "description": "Molestias dolorem eos vitae expedita impedit necessitatibus quo voluptatum.",
  "state": "opened",
+  "confidential": "false",
  "web_url": "http://localhost:3001/groups/test/-/epics/4",
  "reference": "&4",
  "references": {
@@ -240,6 +241,7 @@ POST /groups/:id/epics
 | `title`             | string           | yes        | The title of the epic |
 | `labels`            | string           | no         | The comma separated list of labels |
 | `description`       | string           | no         | The description of the epic. Limited to 1,048,576 characters.  |
+| `confidential`      | boolean          | no         | Whether the epic should be confidential. Will be ignored if `confidential_epics` feature flag is disabled. |
 | `start_date_is_fixed` | boolean        | no         | Whether start date should be sourced from `start_date_fixed` or from milestones (since 11.3) |
 | `start_date_fixed`  | string           | no         | The fixed start date of an epic (since 11.3) |
 | `due_date_is_fixed` | boolean          | no         | Whether due date should be sourced from `due_date_fixed` or from milestones (since 11.3) |
@@ -260,6 +262,7 @@ Example response:
  "title": "Epic",
  "description": "Epic description",
  "state": "opened",
+  "confidential": "false",
  "web_url": "http://localhost:3001/groups/test/-/epics/6",
  "reference": "&6",
  "references": {
@@ -314,6 +317,7 @@ PUT /groups/:id/epics/:epic_iid
 | `epic_iid`          | integer/string   | yes        | The internal ID of the epic  |
 | `title`             | string           | no         | The title of an epic |
 | `description`       | string           | no         | The description of an epic. Limited to 1,048,576 characters.  |
+| `confidential`      | boolean          | no         | Whether the epic should be confidential. Will be ignored if `confidential_epics` feature flag is disabled. |
 | `labels`            | string           | no         | The comma separated list of labels |
 | `start_date_is_fixed` | boolean        | no         | Whether start date should be sourced from `start_date_fixed` or from milestones (since 11.3) |
 | `start_date_fixed`  | string           | no         | The fixed start date of an epic (since 11.3) |
@@ -335,6 +339,7 @@ Example response:
  "title": "New Title",
  "description": "Epic description",
  "state": "opened",
+  "confidential": "false",
  "web_url": "http://localhost:3001/groups/test/-/epics/6",
  "reference": "&6",
  "references": {

--- a/ee/lib/api/epics.rb
+++ b/ee/lib/api/epics.rb
@@ -65,6 +65,7 @@ module API
      params do
        requires :title, type: String, desc: 'The title of an epic'
        optional :description, type: String, desc: 'The description of an epic'
+        optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled'
        optional :start_date, as: :start_date_fixed, type: String, desc: 'The start date of an epic'
        optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones'
        optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic'
@@ -90,13 +91,14 @@ module API
        requires :epic_iid, type: Integer, desc: 'The internal ID of an epic'
        optional :title, type: String, desc: 'The title of an epic'
        optional :description, type: String, desc: 'The description of an epic'
+        optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled'
        optional :start_date, as: :start_date_fixed, type: String, desc: 'The start date of an epic'
        optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones'
        optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic'
        optional :due_date_is_fixed, type: Boolean, desc: 'Indicates due date should be sourced from due_date_fixed field not the issue milestones'
        optional :labels, type: Array[String], coerce_with: Validations::Types::LabelsList.coerce, desc: 'Comma-separated list of label names'
        optional :state_event, type: String, values: %w[reopen close], desc: 'State event for an epic'
-        at_least_one_of :title, :description, :start_date_fixed, :start_date_is_fixed, :due_date_fixed, :due_date_is_fixed, :labels, :state_event
+        at_least_one_of :title, :description, :start_date_fixed, :start_date_is_fixed, :due_date_fixed, :due_date_is_fixed, :labels, :state_event, :confidential
      end
      put ':id/(-/)epics/:epic_iid' do
        Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab/issues/194104')

--- a/ee/lib/ee/api/entities/epic.rb
+++ b/ee/lib/ee/api/entities/epic.rb
@@ -12,6 +12,7 @@ module EE
        expose :parent_id
        expose :title
        expose :description
+        expose :confidential
        expose :author, using: ::API::Entities::UserBasic
        expose :start_date
        expose :start_date_is_fixed?, as: :start_date_is_fixed, if: can_admin_epic

--- a/ee/spec/controllers/groups/epics_controller_spec.rb
+++ b/ee/spec/controllers/groups/epics_controller_spec.rb
@@ -287,9 +287,6 @@ describe Groups::EpicsController do

          expect(response).to have_gitlab_http_status(:ok)
          expect(response).to match_response_schema('entities/epic', dir: 'ee')
-          # TODO: when removing confidential_epics feature flag, we can just move
-          # `confidential` attribute to required params in the epics schema
-          expect(json_response).to include("confidential")
        end

        context 'when confidential_epics flag is disabled' do
@@ -302,7 +299,6 @@ describe Groups::EpicsController do
            show_epic(:json)

            expect(response).to have_gitlab_http_status(:ok)
-            expect(response).to match_response_schema('entities/epic', dir: 'ee')
            expect(json_response).not_to include("confidential")
          end
        end

--- a/ee/spec/fixtures/api/schemas/public_api/v4/epic.json
+++ b/ee/spec/fixtures/api/schemas/public_api/v4/epic.json
@@ -7,6 +7,7 @@
    "parent_id": { "type": ["integer", "null"] },
    "title": { "type": "string" },
    "description": { "type": ["string", "null"] },
+    "confidential": { "type": "boolean" },
    "author": {
      "type": ["object", "null"],
      "properties": {
@@ -53,7 +54,7 @@
    "subscribed": { "type": ["boolean", "null"] }
  },
  "required": [
-    "id", "iid", "group_id", "title"
+    "id", "iid", "group_id", "title", "confidential"
  ],
  "additionalProperties": false
 }
--- a/ee/spec/requests/api/epics_spec.rb
+++ b/ee/spec/requests/api/epics_spec.rb
@@ -527,7 +527,8 @@ describe API::Epics do
        labels: 'label1',
        due_date_fixed: '2018-07-17',
        due_date_is_fixed: true,
-        parent_id: parent_epic.id
+        parent_id: parent_epic.id,
+        confidential: true
      }
    end

@@ -573,6 +574,7 @@ describe API::Epics do
          expect(epic.labels.first.title).to eq('label1')
          expect(epic.parent).to eq(parent_epic)
          expect(epic.relative_position).not_to be_nil
+          expect(epic.confidential).to be_truthy
        end

        context 'when deprecated start_date and end_date params are present' do
@@ -589,6 +591,20 @@ describe API::Epics do
        end
      end

+      context 'when confidential_epics flag is disabled' do
+        before do
+          stub_feature_flags(confidential_epics: false)
+
+          post api(url, user), params: params
+        end
+
+        it 'ignores confidential attribute' do
+          epic = Epic.last
+
+          expect(epic.confidential).to be_falsey
+        end
+      end
+
      it 'creates a new epic with labels param as array' do
        params[:labels] = ['label1', 'label2', 'foo, bar', '&,?']

@@ -615,7 +631,8 @@ describe API::Epics do
        description: 'new description',
        labels: 'label2',
        start_date_fixed: "2018-07-17",
-        start_date_is_fixed: true
+        start_date_is_fixed: true,
+        confidential: true
      }
    end

@@ -673,6 +690,20 @@ describe API::Epics do
            expect(result.start_date_is_fixed).to eq(true)
            expect(result.due_date_fixed).to eq(nil)
            expect(result.due_date_is_fixed).to be_falsey
+            expect(result.confidential).to be_truthy
+          end
+        end
+
+        context 'when confidential_epics flag is disabled' do
+          before do
+            stub_feature_flags(confidential_epics: false)
+            stub_licensed_features(epics: true)
+
+            put api(url, user), params: params
+          end
+
+          it 'does not include confidential attribute' do
+            expect(epic.reload.confidential).to be_falsey
          end
        end