Commit 684e434b authored by Heinrich Lee Yu's avatar Heinrich Lee Yu

Merge branch '210540-move-read_prometheus_alerts-policy-to-ce' into 'master'

Move read_prometheus_alerts policy to CE

Closes #210540

See merge request gitlab-org/gitlab!27884
parents 92fc5dfe 6b2e3070
......@@ -316,6 +316,7 @@ class ProjectPolicy < BasePolicy
enable :create_deploy_token
enable :read_pod_logs
enable :destroy_deploy_token
enable :read_prometheus_alerts
end
rule { (mirror_available & can?(:admin_project)) | admin }.enable :admin_remote_mirror
......
......@@ -90,10 +90,6 @@ module EE
@subject.feature_available?(:security_dashboard)
end
condition(:prometheus_alerts_enabled) do
@subject.feature_available?(:prometheus_alerts, @user)
end
with_scope :subject
condition(:license_scanning_enabled) do
@subject.feature_available?(:license_scanning) || @subject.feature_available?(:license_management)
......@@ -239,8 +235,6 @@ module EE
rule { license_scanning_enabled & can?(:maintainer_access) }.enable :admin_software_license_policy
rule { prometheus_alerts_enabled & can?(:maintainer_access) }.enable :read_prometheus_alerts
rule { auditor }.policy do
enable :public_user_access
prevent :request_access
......
......@@ -26,18 +26,6 @@ describe Projects::Prometheus::AlertsController do
end
end
shared_examples 'unlicensed' do
before do
stub_licensed_features(prometheus_alerts: false)
end
it 'returns not_found' do
make_request
expect(response).to have_gitlab_http_status(:not_found)
end
end
shared_examples 'project non-specific environment' do |status|
let(:other) { create(:environment) }
......@@ -118,7 +106,6 @@ describe Projects::Prometheus::AlertsController do
end
it_behaves_like 'unprivileged'
it_behaves_like 'unlicensed'
it_behaves_like 'project non-specific environment', :ok
end
......@@ -166,7 +153,6 @@ describe Projects::Prometheus::AlertsController do
end
it_behaves_like 'unprivileged'
it_behaves_like 'unlicensed'
it_behaves_like 'project non-specific environment', :not_found
it_behaves_like 'project non-specific metric', :not_found
end
......@@ -269,7 +255,6 @@ describe Projects::Prometheus::AlertsController do
end
it_behaves_like 'unprivileged'
it_behaves_like 'unlicensed'
it_behaves_like 'project non-specific environment', :no_content
end
......@@ -318,7 +303,6 @@ describe Projects::Prometheus::AlertsController do
end
it_behaves_like 'unprivileged'
it_behaves_like 'unlicensed'
it_behaves_like 'project non-specific environment', :not_found
it_behaves_like 'project non-specific metric', :not_found
end
......@@ -350,7 +334,6 @@ describe Projects::Prometheus::AlertsController do
end
it_behaves_like 'unprivileged'
it_behaves_like 'unlicensed'
it_behaves_like 'project non-specific environment', :not_found
it_behaves_like 'project non-specific metric', :not_found
end
......
......@@ -963,66 +963,6 @@ describe ProjectPolicy do
end
end
describe 'read_prometheus_alerts' do
context 'with prometheus_alerts available' do
before do
stub_licensed_features(prometheus_alerts: true)
end
context 'with admin' do
let(:current_user) { admin }
it { is_expected.to be_allowed(:read_prometheus_alerts) }
end
context 'with owner' do
let(:current_user) { owner }
it { is_expected.to be_allowed(:read_prometheus_alerts) }
end
context 'with maintainer' do
let(:current_user) { maintainer }
it { is_expected.to be_allowed(:read_prometheus_alerts) }
end
context 'with developer' do
let(:current_user) { developer }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
context 'with reporter' do
let(:current_user) { reporter }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
context 'with guest' do
let(:current_user) { guest }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
context 'with anonymous' do
let(:current_user) { nil }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
end
context 'without prometheus_alerts available' do
before do
stub_licensed_features(prometheus_alerts: false)
end
let(:current_user) { admin }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
end
describe 'publish_status_page' do
let(:anonymous) { nil }
let(:feature) { :status_page }
......
......@@ -68,13 +68,7 @@ describe Metrics::Dashboard::GitlabAlertEmbedService do
let(:service_call) { described_class.new(*service_params).get_dashboard }
it_behaves_like 'misconfigured dashboard service response', :unauthorized
context 'when alerting is available' do
before do
stub_licensed_features(prometheus_alerts: true)
end
it_behaves_like 'valid embedded dashboard service response'
it_behaves_like 'raises error for users with insufficient permissions'
......
......@@ -163,14 +163,6 @@ describe Projects::Operations::UpdateService do
context 'without an existing setting' do
it_behaves_like 'setting creation'
context 'without license' do
before do
stub_licensed_features(prometheus_alerts: false)
end
it_behaves_like 'no operation'
end
context 'with insufficient permissions' do
before do
project.add_reporter(user)
......
......@@ -573,4 +573,50 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:admin_issue) }
end
end
describe 'read_prometheus_alerts' do
subject { described_class.new(current_user, project) }
context 'with admin' do
let(:current_user) { admin }
it { is_expected.to be_allowed(:read_prometheus_alerts) }
end
context 'with owner' do
let(:current_user) { owner }
it { is_expected.to be_allowed(:read_prometheus_alerts) }
end
context 'with maintainer' do
let(:current_user) { maintainer }
it { is_expected.to be_allowed(:read_prometheus_alerts) }
end
context 'with developer' do
let(:current_user) { developer }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
context 'with reporter' do
let(:current_user) { reporter }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
context 'with guest' do
let(:current_user) { guest }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
context 'with anonymous' do
let(:current_user) { nil }
it { is_expected.to be_disallowed(:read_prometheus_alerts) }
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment