Expose confidential attribute in private API

Allows setting of Epic's `confidential` attribute in private API (still behind feature flag).

Expose confidential attribute in private API
Allows setting of Epic's `confidential` attribute in private API (still behind feature flag).
b14584f6 · Jan Provaznik · 7fc6a442 · b14584f6 · b14584f6 · b14584f6
Commit b14584f6 authored Apr 02, 2020 by Jan Provaznik
8 changed files
--- a/ee/app/controllers/groups/epics_controller.rb
+++ b/ee/app/controllers/groups/epics_controller.rb
@@ -79,6 +79,7 @@ class Groups::EpicsController < Groups::ApplicationController
      :due_date_fixed,
      :due_date_is_fixed,
      :state_event,
+      :confidential,
      label_ids: [],
      update_task: [:index, :checked, :line_number, :line_source]
    ]

--- a/ee/app/serializers/epic_entity.rb
+++ b/ee/app/serializers/epic_entity.rb
@@ -19,6 +19,7 @@ class EpicEntity < IssuableEntity
  expose :due_date_fixed, :due_date_from_milestones
  expose :state
  expose :lock_version
+  expose :confidential, if: -> (epic) { Feature.enabled?(:confidential_epics, epic.group) }

  expose :web_url do |epic|
    group_epic_path(epic.group, epic)

--- a/ee/app/services/epics/create_service.rb
+++ b/ee/app/services/epics/create_service.rb
@@ -4,6 +4,7 @@ module Epics
  class CreateService < Epics::BaseService
    def execute
      set_date_params
+      params.extract!(:confidential) unless ::Feature.enabled?(:confidential_epics, group)

      epic = group.epics.new
      create(epic)

--- a/ee/app/services/epics/update_service.rb
+++ b/ee/app/services/epics/update_service.rb
@@ -13,6 +13,7 @@ module Epics
      # start_date and end_date columns are no longer writable by users because those
      # are composite fields managed by the system.
      params.extract!(:start_date, :end_date)
+      params.extract!(:confidential) unless ::Feature.enabled?(:confidential_epics, group)

      update_task_event(epic) || update(epic)


--- a/ee/spec/controllers/groups/epics_controller_spec.rb
+++ b/ee/spec/controllers/groups/epics_controller_spec.rb
@@ -287,6 +287,24 @@ describe Groups::EpicsController do

          expect(response).to have_gitlab_http_status(:ok)
          expect(response).to match_response_schema('entities/epic', dir: 'ee')
+          # TODO: when removing confidential_epics feature flag, we can just move
+          # `confidential` attribute to required params in the epics schema
+          expect(json_response).to include("confidential")
+        end
+
+        context 'when confidential_epics flag is disabled' do
+          before do
+            stub_feature_flags(confidential_epics: false)
+          end
+
+          it 'does not include confidential attribute' do
+            group.add_developer(user)
+            show_epic(:json)
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(response).to match_response_schema('entities/epic', dir: 'ee')
+            expect(json_response).not_to include("confidential")
+          end
        end

        context 'with unauthorized user' do
@@ -307,7 +325,8 @@ describe Groups::EpicsController do
          title: 'New title',
          label_ids: [label.id],
          start_date_fixed: '2002-01-01',
-          start_date_is_fixed: true
+          start_date_is_fixed: true,
+          confidential: true
        }
      end

@@ -331,7 +350,8 @@ describe Groups::EpicsController do
            start_date_fixed: date,
            start_date: date,
            start_date_is_fixed: true,
-            state: 'opened'
+            state: 'opened',
+            confidential: true
          )
        end
      end
@@ -397,7 +417,11 @@ describe Groups::EpicsController do

    describe '#create' do
      subject do
-        post :create, params: { group_id: group, epic: { title: 'new epic', description: 'some descripition', label_ids: [label.id] } }
+        post :create, params: { group_id: group,
+                                epic: { title: 'new epic',
+                                        description: 'some descripition',
+                                        label_ids: [label.id],
+                                        confidential: true } }
      end

      context 'when user has permissions to create an epic' do

--- a/ee/spec/fixtures/api/schemas/entities/epic.json
+++ b/ee/spec/fixtures/api/schemas/entities/epic.json
@@ -3,13 +3,11 @@
  "properties" : {
    "id": { "type": "integer" },
    "iid": { "type": "integer" },
-    "author_id": { "type": "integer" },
    "group_id": { "type": ["integer", "null"] },
    "title": { "type": "string" },
    "lock_version": { "type": ["integer", "null"] },
    "description": { "type": ["string" , "null"] },
    "confidential": { "type": "boolean" },
-    "milestone_id": { "type": ["string", "null"] },
    "state": { "type": "string" },
    "start_date": { "type": ["date", "null"] },
    "start_date_fixed": { "type": ["date", "null"] },
@@ -20,48 +18,40 @@
    "due_date_fixed": { "type": ["date", "null"] },
    "due_date_from_milestones": { "type": ["date", "null"] },
    "due_date_is_fixed": { "type": "boolean" },
-    "updated_by_id": { "type": ["string", "null"] },
-    "created_at": { "type": "string" },
-    "updated_at": { "type": "string" },
-    "deleted_at": { "type": ["string", "null"] },
    "web_url": { "type": "string" },
-    "milestone": { "type": ["object", "null"] },
    "labels": { "type": ["array", "null"] },
    "group_name": { "type": "string" },
    "group_full_name": { "type": "string" },
-    "group": {
-      "id": { "type": "integer" },
-      "path": { "type": "string" }
-    },
-    "assignee": {
-      "id": { "type": "integer" },
-      "name": { "type": "string" },
-      "username": { "type": "string" },
-      "avatar_url": { "type": "uri" }
-    },
-    "assignees": {
-      "type": "array",
-      "items": {
-        "type": ["object", "null"],
-        "required": [
-          "id",
-          "name",
-          "username",
-          "avatar_url"
-        ],
-        "properties": {
-          "id": { "type": "integer" },
-          "name": { "type": "string" },
-          "username": { "type": "string" },
-          "avatar_url": { "type": "uri" }
-        }
-      }
-    },
    "current_user": {
      "can_create_note": { "type": "boolean" }
    },
    "create_note_path": { "type": "string" },
    "preview_note_path": { "type": "string" }
  },
+  "required": [
+    "id",
+    "iid",
+    "group_id",
+    "title",
+    "lock_version",
+    "description",
+    "state",
+    "start_date",
+    "start_date_fixed",
+    "start_date_is_fixed",
+    "start_date_from_milestones",
+    "end_date",
+    "due_date",
+    "due_date_fixed",
+    "due_date_from_milestones",
+    "due_date_is_fixed",
+    "web_url",
+    "labels",
+    "group_name",
+    "group_full_name",
+    "current_user",
+    "create_note_path",
+    "preview_note_path"
+  ],
  "additionalProperties": false
 }
--- a/ee/spec/services/epics/create_service_spec.rb
+++ b/ee/spec/services/epics/create_service_spec.rb
@@ -6,7 +6,7 @@ describe Epics::CreateService do
  let_it_be(:group) { create(:group, :internal)}
  let_it_be(:user) { create(:user) }
  let_it_be(:parent_epic) { create(:epic, group: group) }
-  let(:params) { { title: 'new epic', description: 'epic description', parent_id: parent_epic.id } }
+  let(:params) { { title: 'new epic', description: 'epic description', parent_id: parent_epic.id, confidential: true } }

  subject { described_class.new(group, user, params).execute }

@@ -22,8 +22,23 @@ describe Epics::CreateService do
      expect(epic.description).to eq('epic description')
      expect(epic.parent).to eq(parent_epic)
      expect(epic.relative_position).not_to be_nil
+      expect(epic.confidential).to be_truthy
      expect(NewEpicWorker).to have_received(:perform_async).with(epic.id, user.id)
    end
+
+    context 'when confidential_epics is disabled' do
+      before do
+        stub_feature_flags(confidential_epics: false)
+      end
+
+      it 'ignores confidential attribute' do
+        expect { subject }.to change { Epic.count }.by(1)
+
+        epic = Epic.last
+        expect(epic).to be_persisted
+        expect(epic.confidential).to be_falsey
+      end
+    end
  end

  context 'handling fixed dates' do

--- a/ee/spec/services/epics/update_service_spec.rb
+++ b/ee/spec/services/epics/update_service_spec.rb
@@ -39,7 +39,8 @@ describe Epics::UpdateService do
          start_date_is_fixed: true,
          due_date_fixed: '2017-10-21',
          due_date_is_fixed: true,
-          state_event: 'close'
+          state_event: 'close',
+          confidential: true
        }
      end

@@ -50,7 +51,8 @@ describe Epics::UpdateService do
        expect(epic).to have_attributes(opts.except(:due_date_fixed, :start_date_fixed))
        expect(epic).to have_attributes(
          start_date_fixed: Date.strptime(opts[:start_date_fixed]),
-          due_date_fixed: Date.strptime(opts[:due_date_fixed])
+          due_date_fixed: Date.strptime(opts[:due_date_fixed]),
+          confidential: true
        )
        expect(epic).to be_closed
      end
@@ -58,6 +60,19 @@ describe Epics::UpdateService do
      it 'updates the last_edited_at value' do
        expect { update_epic(opts) }.to change { epic.last_edited_at }
      end
+
+      context 'when confidential_epics is disabled' do
+        before do
+          stub_feature_flags(confidential_epics: false)
+        end
+
+        it 'ignores confidential attribute on update' do
+          update_epic(opts)
+
+          expect(epic).to be_valid
+          expect(epic.confidential).to be_falsey
+        end
+      end
    end

    context 'when title has changed' do