Merge branch 'bvl-add-all-settings-to-api-ee' into 'master'

EE-Port: Add all ApplicationSettings attributes to the API Closes gitlab-ce#34163 See merge request !2431

Merge branch 'bvl-add-all-settings-to-api-ee' into 'master'
EE-Port: Add all ApplicationSettings attributes to the API Closes gitlab-ce#34163 See merge request !2431
5d37ff51 · Robert Speicher · 22e52db9 · 170f9948 · 5d37ff51 · 5d37ff51
Commit 5d37ff51 authored Jul 27, 2017 by Robert Speicher
9 changed files
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -78,88 +78,12 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
    params.delete(:domain_blacklist_raw) if params[:domain_blacklist_file]

    params.require(:application_setting).permit(
-      application_setting_params_attributes
+      permitted_application_setting_attributes
    )
  end

-  def application_setting_params_attributes
-    [
-      :admin_notification_email,
-      :after_sign_out_path,
-      :after_sign_up_text,
-      :akismet_api_key,
-      :akismet_enabled,
-      :container_registry_token_expire_delay,
-      :default_artifacts_expire_in,
-      :default_branch_protection,
-      :default_group_visibility,
-      :default_project_visibility,
-      :default_projects_limit,
-      :default_snippet_visibility,
-      :domain_blacklist_enabled,
-      :domain_blacklist_file,
-      :domain_blacklist_raw,
-      :domain_whitelist_raw,
-      :email_author_in_body,
-      :enabled_git_access_protocol,
-      :gravatar_enabled,
-      :help_page_text,
-      :help_page_hide_commercial_content,
-      :help_page_support_url,
-      :home_page_url,
-      :housekeeping_bitmaps_enabled,
-      :housekeeping_enabled,
-      :housekeeping_full_repack_period,
-      :housekeeping_gc_period,
-      :housekeeping_incremental_repack_period,
-      :html_emails_enabled,
-      :koding_enabled,
-      :koding_url,
-      :password_authentication_enabled,
-      :plantuml_enabled,
-      :plantuml_url,
-      :max_artifacts_size,
-      :max_attachment_size,
-      :max_pages_size,
-      :metrics_enabled,
-      :metrics_host,
-      :metrics_method_call_threshold,
-      :metrics_packet_size,
-      :metrics_pool_size,
-      :metrics_port,
-      :metrics_sample_interval,
-      :metrics_timeout,
-      :performance_bar_allowed_group_id,
-      :performance_bar_enabled,
-      :recaptcha_enabled,
-      :recaptcha_private_key,
-      :recaptcha_site_key,
-      :repository_checks_enabled,
-      :require_two_factor_authentication,
-      :session_expire_delay,
-      :sign_in_text,
-      :signup_enabled,
-      :sentry_dsn,
-      :sentry_enabled,
-      :clientside_sentry_dsn,
-      :clientside_sentry_enabled,
-      :send_user_confirmation_email,
-      :shared_runners_enabled,
-      :shared_runners_text,
-      :sidekiq_throttling_enabled,
-      :sidekiq_throttling_factor,
-      :two_factor_grace_period,
-      :user_default_external,
-      :user_oauth_applications,
-      :unique_ips_limit_per_user,
-      :unique_ips_limit_time_window,
-      :unique_ips_limit_enabled,
-      :version_check_enabled,
-      :terminal_max_session_time,
-      :polling_interval_multiplier,
-      :prometheus_metrics_enabled,
-      :usage_ping_enabled,
-
+  def permitted_application_setting_attributes
+    ApplicationSettingsHelper.visible_attributes + [
      disabled_oauth_sign_in_sources: [],
      import_sources: [],
      repository_storages: [],

--- a/app/controllers/ee/admin/application_settings_controller.rb
+++ b/app/controllers/ee/admin/application_settings_controller.rb
 module EE
  module Admin
    module ApplicationSettingsController
-      def application_setting_params_attributes
-        attrs = super + application_setting_params_attributes_ee
-        attrs += repository_mirrors_params_attributes if License.feature_available?(:repository_mirrors)
+      def permitted_application_setting_attributes
+        attrs = super

-        attrs
-      end
-
-      private
+        if License.feature_available?(:repository_mirrors)
+          attrs += EE::ApplicationSettingsHelper.repository_mirror_attributes
+        end

-      def application_setting_params_attributes_ee
-        [
-          :help_text,
-          :elasticsearch_url,
-          :elasticsearch_indexing,
-          :elasticsearch_aws,
-          :elasticsearch_aws_access_key,
-          :elasticsearch_aws_secret_access_key,
-          :elasticsearch_aws_region,
-          :elasticsearch_search,
-          :repository_size_limit,
-          :shared_runners_minutes,
-          :geo_status_timeout,
-          :elasticsearch_experimental_indexer,
-          :check_namespace_plan,
-          :authorized_keys_enabled,
-          :slack_app_enabled,
-          :slack_app_id,
-          :slack_app_secret,
-          :slack_app_verification_token
-        ]
-      end
-
-      def repository_mirrors_params_attributes
-        [
-          :mirror_max_delay,
-          :mirror_max_capacity,
-          :mirror_capacity_threshold
-        ]
+        attrs
      end
    end
  end

--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
 module ApplicationSettingsHelper
+  prepend EE::ApplicationSettingsHelper
+  extend self
+
  delegate  :gravatar_enabled?,
            :signup_enabled?,
            :password_authentication_enabled?,
@@ -91,4 +94,88 @@ module ApplicationSettingsHelper
  def sidekiq_queue_options_for_select
    options_for_select(Sidekiq::Queue.all.map(&:name), @application_setting.sidekiq_throttling_queues)
  end
+
+  def visible_attributes
+    [
+      :admin_notification_email,
+      :after_sign_out_path,
+      :after_sign_up_text,
+      :akismet_api_key,
+      :akismet_enabled,
+      :clientside_sentry_dsn,
+      :clientside_sentry_enabled,
+      :container_registry_token_expire_delay,
+      :default_artifacts_expire_in,
+      :default_branch_protection,
+      :default_group_visibility,
+      :default_project_visibility,
+      :default_projects_limit,
+      :default_snippet_visibility,
+      :disabled_oauth_sign_in_sources,
+      :domain_blacklist_enabled,
+      :domain_blacklist_raw,
+      :domain_whitelist_raw,
+      :email_author_in_body,
+      :enabled_git_access_protocol,
+      :gravatar_enabled,
+      :help_page_hide_commercial_content,
+      :help_page_support_url,
+      :help_page_text,
+      :home_page_url,
+      :housekeeping_bitmaps_enabled,
+      :housekeeping_enabled,
+      :housekeeping_full_repack_period,
+      :housekeeping_gc_period,
+      :housekeeping_incremental_repack_period,
+      :html_emails_enabled,
+      :import_sources,
+      :koding_enabled,
+      :koding_url,
+      :max_artifacts_size,
+      :max_attachment_size,
+      :max_pages_size,
+      :metrics_enabled,
+      :metrics_host,
+      :metrics_method_call_threshold,
+      :metrics_packet_size,
+      :metrics_pool_size,
+      :metrics_port,
+      :metrics_sample_interval,
+      :metrics_timeout,
+      :password_authentication_enabled,
+      :performance_bar_allowed_group_id,
+      :performance_bar_enabled,
+      :plantuml_enabled,
+      :plantuml_url,
+      :polling_interval_multiplier,
+      :prometheus_metrics_enabled,
+      :recaptcha_enabled,
+      :recaptcha_private_key,
+      :recaptcha_site_key,
+      :repository_checks_enabled,
+      :repository_storages,
+      :require_two_factor_authentication,
+      :restricted_visibility_levels,
+      :send_user_confirmation_email,
+      :sentry_dsn,
+      :sentry_enabled,
+      :session_expire_delay,
+      :shared_runners_enabled,
+      :shared_runners_text,
+      :sidekiq_throttling_enabled,
+      :sidekiq_throttling_factor,
+      :sidekiq_throttling_queues,
+      :sign_in_text,
+      :signup_enabled,
+      :terminal_max_session_time,
+      :two_factor_grace_period,
+      :unique_ips_limit_enabled,
+      :unique_ips_limit_per_user,
+      :unique_ips_limit_time_window,
+      :usage_ping_enabled,
+      :user_default_external,
+      :user_oauth_applications,
+      :version_check_enabled
+    ]
+  end
 end
--- a/app/helpers/ee/application_settings_helper.rb
+++ b/app/helpers/ee/application_settings_helper.rb
+module EE
+  module ApplicationSettingsHelper
+    def visible_attributes
+      raise NotImplementedError unless defined?(super)
+
+      super + [
+        :authorized_keys_enabled,
+        :check_namespace_plan,
+        :elasticsearch_aws,
+        :elasticsearch_aws_access_key,
+        :elasticsearch_aws_region,
+        :elasticsearch_aws_secret_access_key,
+        :elasticsearch_experimental_indexer,
+        :elasticsearch_indexing,
+        :elasticsearch_search,
+        :elasticsearch_url,
+        :geo_status_timeout,
+        :help_text,
+        :repository_size_limit,
+        :shared_runners_minutes,
+        :slack_app_enabled,
+        :slack_app_id,
+        :slack_app_secret,
+        :slack_app_verification_token
+      ]
+    end
+
+    def self.repository_mirror_attributes
+      [
+        :mirror_max_capacity,
+        :mirror_max_delay,
+        :mirror_capacity_threshold
+      ]
+    end
+  end
+end
--- a/changelogs/unreleased/bvl-add-all-settings-to-api.yml
+++ b/changelogs/unreleased/bvl-add-all-settings-to-api.yml
+---
+title: Make all application-settings accessible through the API
+merge_request: 12851
+author:
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -745,42 +745,17 @@ module API

    class ApplicationSetting < Grape::Entity
      expose :id
-      expose :default_projects_limit
-      expose :signup_enabled
-      expose :password_authentication_enabled
-      expose :password_authentication_enabled, as: :signin_enabled
-      expose :gravatar_enabled
-      expose :sign_in_text
-      expose :after_sign_up_text
-      expose :created_at
-      expose :updated_at
-      expose :home_page_url
-      expose :default_branch_protection
+      expose(*ApplicationSettingsHelper.visible_attributes)
+      expose(*EE::ApplicationSettingsHelper.repository_mirror_attributes, if: lambda do |_instance, _options|
+        ::License.feature_available?(:repository_mirrors)
+      end)
      expose(:restricted_visibility_levels) do |setting, _options|
        setting.restricted_visibility_levels.map { |level| Gitlab::VisibilityLevel.string_level(level) }
      end
-      expose :max_attachment_size
-      expose :session_expire_delay
      expose(:default_project_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_project_visibility) }
      expose(:default_snippet_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_snippet_visibility) }
      expose(:default_group_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_group_visibility) }
-      expose :default_artifacts_expire_in
-      expose :domain_whitelist
-      expose :domain_blacklist_enabled
-      expose :domain_blacklist
-      expose :user_oauth_applications
-      expose :after_sign_out_path
-      expose :container_registry_token_expire_delay
-      expose :repository_storages
-      expose :koding_enabled
-      expose :koding_url
-      expose :plantuml_enabled
-      expose :plantuml_url
-      expose :terminal_max_session_time
-      expose :polling_interval_multiplier
-      expose :help_page_hide_commercial_content
-      expose :help_page_text
-      expose :help_page_support_url
+      expose :password_authentication_enabled, as: :signin_enabled
    end

    class Release < Grape::Entity

--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -20,59 +20,6 @@ module API
      success Entities::ApplicationSetting
    end
    params do
-      # CE
-      at_least_one_of_ce = [
-        :admin_notification_email,
-        :after_sign_out_path,
-        :after_sign_up_text,
-        :akismet_enabled,
-        :container_registry_token_expire_delay,
-        :default_artifacts_expire_in,
-        :default_branch_protection,
-        :default_group_visibility,
-        :default_project_visibility,
-        :default_projects_limit,
-        :default_snippet_visibility,
-        :disabled_oauth_sign_in_sources,
-        :domain_blacklist_enabled,
-        :domain_whitelist,
-        :email_author_in_body,
-        :enabled_git_access_protocol,
-        :gravatar_enabled,
-        :help_page_hide_commercial_content,
-        :help_page_text,
-        :help_page_support_url,
-        :home_page_url,
-        :housekeeping_enabled,
-        :html_emails_enabled,
-        :import_sources,
-        :koding_enabled,
-        :max_artifacts_size,
-        :max_attachment_size,
-        :max_pages_size,
-        :metrics_enabled,
-        :plantuml_enabled,
-        :polling_interval_multiplier,
-        :recaptcha_enabled,
-        :repository_checks_enabled,
-        :repository_storage,
-        :require_two_factor_authentication,
-        :restricted_visibility_levels,
-        :send_user_confirmation_email,
-        :sentry_enabled,
-        :clientside_sentry_enabled,
-        :session_expire_delay,
-        :shared_runners_enabled,
-        :sidekiq_throttling_enabled,
-        :sign_in_text,
-        :password_authentication_enabled,
-        :signin_enabled,
-        :signup_enabled,
-        :terminal_max_session_time,
-        :user_default_external,
-        :user_oauth_applications,
-        :version_check_enabled
-      ]
      optional :default_branch_protection, type: Integer, values: [0, 1, 2], desc: 'Determine if developers can push to master'
      optional :default_project_visibility, type: String, values: Gitlab::VisibilityLevel.string_values, desc: 'The default project visibility'
      optional :default_snippet_visibility, type: String, values: Gitlab::VisibilityLevel.string_values, desc: 'The default snippet visibility'
@@ -151,7 +98,7 @@ module API
      given clientside_sentry_enabled: ->(val) { val } do
        requires :clientside_sentry_dsn, type: String, desc: 'Clientside Sentry Data Source Name'
      end
-      optional :repository_storage, type: String, desc: 'Storage paths for new projects'
+      optional :repository_storages, type: Array[String], desc: 'Storage paths for new projects'
      optional :repository_checks_enabled, type: Boolean, desc: "GitLab will periodically run 'git fsck' in all project and wiki repositories to look for silent disk corruption issues."
      optional :koding_enabled, type: Boolean, desc: 'Enable Koding'
      given koding_enabled: ->(val) { val } do
@@ -173,31 +120,7 @@ module API
      end
      optional :terminal_max_session_time, type: Integer, desc: 'Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.'
      optional :polling_interval_multiplier, type: BigDecimal, desc: 'Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling.'
-      at_least_one_of :default_branch_protection, :default_project_visibility, :default_snippet_visibility,
-                      :default_group_visibility, :restricted_visibility_levels, :import_sources,
-                      :enabled_git_access_protocol, :gravatar_enabled, :default_projects_limit,
-                      :max_attachment_size, :session_expire_delay, :disabled_oauth_sign_in_sources,
-                      :user_oauth_applications, :user_default_external, :signup_enabled,
-                      :send_user_confirmation_email, :domain_whitelist, :domain_blacklist_enabled,
-                      :after_sign_up_text, :signin_enabled, :require_two_factor_authentication,
-                      :home_page_url, :after_sign_out_path, :sign_in_text, :help_page_text,
-                      :shared_runners_enabled, :max_artifacts_size,
-                      :default_artifacts_expire_in, :max_pages_size,
-                      :container_registry_token_expire_delay,
-                      :metrics_enabled, :sidekiq_throttling_enabled, :recaptcha_enabled,
-                      :akismet_enabled, :admin_notification_email, :sentry_enabled,
-                      :repository_checks_enabled, :koding_enabled, :plantuml_enabled,
-                      :version_check_enabled, :email_author_in_body, :html_emails_enabled,
-                      :housekeeping_enabled, :terminal_max_session_time, :polling_interval_multiplier

-      # EE
-      at_least_one_of_ee = [
-        :elasticsearch_indexing,
-        :help_text,
-        :repository_size_limit,
-        :repository_storages,
-        :usage_ping_enabled
-      ]
      optional :help_text, type: String, desc: 'GitLab server administrator information'
      optional :elasticsearch_indexing, type: Boolean, desc: 'Enable Elasticsearch indexing'
      given elasticsearch_indexing: ->(val) { val } do
@@ -214,11 +137,17 @@ module API
      optional :repository_storages, type: Array[String], desc: 'A list of names of enabled storage paths, taken from `gitlab.yml`. New projects will be created in one of these stores, chosen at random.'
      optional :repository_size_limit, type: Integer, desc: 'Size limit per repository (MB)'

-      at_least_one_of(*(at_least_one_of_ce + at_least_one_of_ee))
+      all_attributes = ::EE::ApplicationSettingsHelper.repository_mirror_attributes + ApplicationSettingsHelper.visible_attributes
+      optional(*all_attributes)
+      at_least_one_of(*all_attributes)
    end
    put "application/settings" do
      attrs = declared_params(include_missing: false)

+      unless ::License.feature_available?(:repository_mirrors)
+        attrs = attrs.except(*::EE::ApplicationSettingsHelper.repository_mirror_attributes)
+      end
+
      if attrs.has_key?(:signin_enabled)
        attrs[:password_authentication_enabled] = attrs.delete(:signin_enabled)
      end

--- a/spec/requests/api/ee/settings_spec.rb
+++ b/spec/requests/api/ee/settings_spec.rb
+require 'spec_helper'
+
+describe API::Settings, 'EE Settings' do # rubocop:disable RSpec/FilePath
+  include StubENV
+
+  let(:user) { create(:user) }
+  let(:admin) { create(:admin) }
+
+  before do
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+  end
+
+  describe "PUT /application/settings" do
+    it 'sets EE specific settings' do
+      put api("/application/settings", admin), help_text: 'Help text'
+
+      expect(response).to have_http_status(200)
+      expect(json_response['help_text']).to eq('Help text')
+    end
+  end
+
+  context 'when the repository mirrors feature is not available' do
+    before do
+      stub_licensed_features(repository_mirrors: false)
+      get api("/application/settings", admin)
+    end
+
+    it 'hides repository mirror attributes when the feature is available' do
+      get api("/application/settings", admin)
+
+      expect(response).to have_http_status(200)
+      expect(json_response.keys).not_to include('mirror_max_capacity')
+    end
+
+    it 'does not update repository mirror attributes' do
+      expect { put api("/application/settings", admin), mirror_max_capacity: 15 }
+        .not_to change(ApplicationSetting.current.reload, :mirror_max_capacity)
+    end
+  end
+
+  context 'when the repository mirrors feature is available' do
+    before do
+      stub_licensed_features(repository_mirrors: true)
+    end
+
+    it 'has repository mirror attributes when the feature is available' do
+      get api("/application/settings", admin)
+
+      expect(response).to have_http_status(200)
+      expect(json_response.keys).to include('mirror_max_capacity')
+    end
+
+    it 'updates repository mirror attributes' do
+      put api("/application/settings", admin), mirror_max_capacity: 15
+
+      expect(ApplicationSetting.current.reload.mirror_max_capacity).to eq(15)
+    end
+  end
+end
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -46,6 +46,7 @@ describe API::Settings, 'Settings' do
          help_page_text: 'custom help text',
          help_page_hide_commercial_content: true,
          help_page_support_url: 'http://example.com/help'
+
        expect(response).to have_http_status(200)
        expect(json_response['default_projects_limit']).to eq(3)
        expect(json_response['signin_enabled']).to be_falsey