Merge branch...

Merge branch '336315-inconsistent-group-list-while-importing-projects-using-gitlab-export-and-bitbucket-cloud' into 'master' Resolve "Inconsistent group list while importing projects using GitLab export and BitBucket cloud" See merge request gitlab-org/gitlab!68302

Merge branch...
Merge branch '336315-inconsistent-group-list-while-importing-projects-using-gitlab-export-and-bitbucket-cloud' into 'master' Resolve "Inconsistent group list while importing projects using GitLab export and BitBucket cloud" See merge request gitlab-org/gitlab!68302
b40f172e · Alex Kalderimis · baf84a03 · 6530b9a6 · b40f172e · b40f172e
Commit b40f172e authored Aug 17, 2021 by Alex Kalderimis
6 changed files
--- a/app/controllers/import/available_namespaces_controller.rb
+++ b/app/controllers/import/available_namespaces_controller.rb
@@ -4,6 +4,6 @@ class Import::AvailableNamespacesController < ApplicationController
  feature_category :importers

  def index
-    render json: NamespaceSerializer.new.represent(current_user.manageable_groups_with_routes)
+    render json: NamespaceSerializer.new.represent(current_user.manageable_groups_with_routes(include_groups_with_developer_maintainer_access: true))
  end
 end
--- a/app/controllers/import/base_controller.rb
+++ b/app/controllers/import/base_controller.rb
@@ -11,8 +11,7 @@ class Import::BaseController < ApplicationController
      format.json do
        render json: { imported_projects: serialized_imported_projects,
                       provider_repos: serialized_provider_repos,
-                       incompatible_repos: serialized_incompatible_repos,
-                       namespaces: serialized_namespaces }
+                       incompatible_repos: serialized_incompatible_repos }
      end
      format.html
    end
@@ -74,14 +73,6 @@ class Import::BaseController < ApplicationController
    @already_added_projects ||= filtered(find_already_added_projects(provider_name))
  end

-  def serialized_namespaces
-    NamespaceSerializer.new.represent(namespaces)
-  end
-
-  def namespaces
-    current_user.manageable_groups_with_routes
-  end
-
  # rubocop: disable CodeReuse/ActiveRecord
  def find_already_added_projects(import_type)
    current_user.created_projects.where(import_type: import_type).with_import_state

--- a/spec/controllers/import/available_namespaces_controller_spec.rb
+++ b/spec/controllers/import/available_namespaces_controller_spec.rb
@@ -4,26 +4,94 @@ require 'spec_helper'

 RSpec.describe Import::AvailableNamespacesController do
  let_it_be(:user) { create(:user) }
-  let_it_be(:manageable_groups) { [create(:group), create(:group)] }

  before do
    sign_in(user)
-    manageable_groups.each { |group| group.add_maintainer(user) }
  end

  describe "GET index" do
-    it "returns list of available namespaces" do
-      unrelated_group = create(:group)
+    context "when having group with role never allowed to create projects" do
+      using RSpec::Parameterized::TableSyntax

-      get :index
+      where(
+        role: [:guest, :reporter],
+        default_project_creation_access: [::Gitlab::Access::MAINTAINER_PROJECT_ACCESS, ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS],
+        group_project_creation_level: [nil, ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS, ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS])

-      expect(response).to have_gitlab_http_status(:ok)
-      expect(json_response).to be_kind_of(Array)
+      with_them do
+        before do
+          stub_application_setting(default_project_creation: default_project_creation_access)
+        end

-      response_ids = json_response.map { |n| n["id"] }
+        it "does not include group with access level #{params[:role]} in list" do
+          group = create(:group, project_creation_level: group_project_creation_level)
+          group.add_user(user, role)
+          get :index

-      expect(response_ids).not_to include(unrelated_group.id)
-      expect(response_ids).to contain_exactly(*manageable_groups.map(&:id))
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response).not_to include({
+            'id' => group.id,
+            'full_path' => group.full_path
+          })
+        end
+      end
+    end
+
+    context "when having group with role always allowed to create projects" do
+      using RSpec::Parameterized::TableSyntax
+
+      where(
+        role: [:maintainer, :owner],
+        default_project_creation_access: [::Gitlab::Access::MAINTAINER_PROJECT_ACCESS, ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS],
+        group_project_creation_level: [nil, ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS, ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS])
+
+      with_them do
+        before do
+          stub_application_setting(default_project_creation: default_project_creation_access)
+        end
+
+        it "does not include group with access level #{params[:role]} in list" do
+          group = create(:group, project_creation_level: group_project_creation_level)
+          group.add_user(user, role)
+          get :index
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response).to include({
+            'id' => group.id,
+            'full_path' => group.full_path
+          })
+        end
+      end
+    end
+
+    context "when having developer role" do
+      using RSpec::Parameterized::TableSyntax
+
+      where(:default_project_creation_access, :project_creation_level, :is_visible) do
+        ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS           | nil                                                   | false
+        ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS           | ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS | true
+        ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS | nil                                                   | true
+        ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS | ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS           | false
+      end
+
+      with_them do
+        before do
+          stub_application_setting(default_project_creation: default_project_creation_access)
+        end
+
+        it "#{params[:is_visible] ? 'includes' : 'does not include'} group with access level #{params[:role]} in list" do
+          group = create(:group, project_creation_level: project_creation_level)
+          group.add_user(user, :developer)
+
+          get :index
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response).send(is_visible ? 'to' : 'not_to', include({
+            'id' => group.id,
+            'full_path' => group.full_path
+          }))
+        end
+      end
    end

    context "with an anonymous user" do

--- a/spec/controllers/import/manifest_controller_spec.rb
+++ b/spec/controllers/import/manifest_controller_spec.rb
@@ -74,7 +74,6 @@ RSpec.describe Import::ManifestController, :clean_gitlab_redis_shared_state do
        expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id)
        expect(json_response.dig("provider_repos", 0, "id")).to eq(repo1[:id])
        expect(json_response.dig("provider_repos", 1, "id")).to eq(repo2[:id])
-        expect(json_response.dig("namespaces", 0, "id")).to eq(group.id)
      end

      it "does not show already added project" do

--- a/spec/support/shared_examples/controllers/githubish_import_controller_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/githubish_import_controller_shared_examples.rb
@@ -80,7 +80,6 @@ RSpec.shared_examples 'a GitHub-ish import controller: GET status' do
    expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id)
    expect(json_response.dig("provider_repos", 0, "id")).to eq(repo.id)
    expect(json_response.dig("provider_repos", 1, "id")).to eq(org_repo.id)
-    expect(json_response.dig("namespaces", 0, "id")).to eq(group.id)
  end

  it "does not show already added project" do
@@ -156,7 +155,6 @@ RSpec.shared_examples 'a GitHub-ish import controller: GET status' do
      expect(json_response.dig("imported_projects").count).to eq(0)
      expect(json_response.dig("provider_repos").count).to eq(1)
      expect(json_response.dig("provider_repos", 0, "id")).to eq(repo_2.id)
-      expect(json_response.dig("namespaces", 0, "id")).to eq(group.id)
    end

    it 'filters the list, ignoring the case of the name' do
@@ -166,7 +164,6 @@ RSpec.shared_examples 'a GitHub-ish import controller: GET status' do
      expect(json_response.dig("imported_projects").count).to eq(0)
      expect(json_response.dig("provider_repos").count).to eq(1)
      expect(json_response.dig("provider_repos", 0, "id")).to eq(repo_2.id)
-      expect(json_response.dig("namespaces", 0, "id")).to eq(group.id)
    end

    context 'when user input contains html' do

--- a/spec/support/shared_examples/controllers/import_controller_status_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/import_controller_status_shared_examples.rb
@@ -18,7 +18,6 @@ RSpec.shared_examples 'import controller status' do
    expect(response).to have_gitlab_http_status(:ok)
    expect(json_response.dig("imported_projects", 0, "id")).to eq(project.id)
    expect(json_response.dig("provider_repos", 0, "id")).to eq(repo_id)
-    expect(json_response.dig("namespaces", 0, "id")).to eq(group.id)
  end

  it "does not show already added project" do