Merge branch '335707-deprecate-legacy-statuses' into 'master'

Deprecate legacy policy approval status in API

See merge request gitlab-org/gitlab!75474

doc/api/managed_licenses.md

@@ -6,6 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Managed Licenses API **(ULTIMATE)**
 
+WARNING:
+"approval" and "blacklisted" approval statuses are deprecated and scheduled to be changed to "allowed" and "denied" in GitLab 15.0.
+
 ## List managed licenses
 
 Get all managed licenses for a given project.
@@ -78,10 +81,10 @@ POST /projects/:id/managed_licenses
 | ------------- | ------- | -------- | ---------------------------- |
 | `id`      | integer/string    | yes      | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user |
 | `name`        | string  | yes      | The name of the managed license        |
-| `approval_status`       | string  | yes      | The approval status. "approved" or "blacklisted" |
+| `approval_status`       | string  | yes      | The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated. |
 
 ```shell
-curl --data "name=MIT&approval_status=blacklisted" --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses"
+curl --data "name=MIT&approval_status=denied" --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses"
 ```
 
 Example response:
@@ -125,10 +128,10 @@ PATCH /projects/:id/managed_licenses/:managed_license_id
 | --------------- | ------- | --------------------------------- | -------------------------------  |
 | `id`      | integer/string    | yes      | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user |
 | `managed_license_id`      | integer/string    | yes      | The ID or URL-encoded name of the license belonging to the project |
-| `approval_status`       | string  | yes      | The approval status. "approved" or "blacklisted" |
+| `approval_status`       | string  | yes      | The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated. |
 
 ```shell
-curl --request PATCH --data "approval_status=blacklisted" \
+curl --request PATCH --data "approval_status=denied" \
      --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses/6"
 ```
 

ee/lib/api/managed_licenses.rb

@@ -61,8 +61,8 @@ module API
         requires :name, type: String, desc: 'The name of the license'
         requires :approval_status,
           type: String,
-          values: %w(approved blacklisted),
-          desc: 'The approval status of the license. "blacklisted" or "approved".'
+          values: %w(allowed denied approved blacklisted),
+          desc: 'The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated.'
       end
       post ':id/managed_licenses' do
         authorize_can_admin!
@@ -88,8 +88,8 @@ module API
         optional :name, type: String, desc: 'The name of the license'
         optional :approval_status,
           type: String,
-          values: %w(approved blacklisted),
-          desc: 'The approval status of the license. "blacklisted" or "approved".'
+          values: %w(allowed denied approved blacklisted),
+          desc: 'The approval status of the license. "allowed" or "denied". "blacklisted" and "approved" are deprecated.'
       end
       patch ':id/managed_licenses/:managed_license_id', requirements: { managed_license_id: /.*/ } do
         authorize_can_admin!

ee/spec/requests/api/managed_licenses_spec.rb

@@ -141,7 +141,7 @@ RSpec.describe API::ManagedLicenses do
           post api("/projects/#{project.id}/managed_licenses", maintainer_user),
             params: {
               name: 'NEW_LICENSE_NAME',
-              approval_status: 'approved'
+              approval_status: 'allowed'
             }
         end.to change {project.software_license_policies.count}.by(1)
 
@@ -163,6 +163,22 @@ RSpec.describe API::ManagedLicenses do
 
         expect(response).to have_gitlab_http_status(:bad_request)
       end
+
+      it 'creates managed license from deprecated approval status value' do
+        expect do
+          post api("/projects/#{project.id}/managed_licenses", maintainer_user),
+               params: {
+                 name: 'NEW_LICENSE_NAME',
+                 approval_status: 'approved'
+               }
+        end.to change {project.software_license_policies.count}.by(1)
+
+        expect(response).to have_gitlab_http_status(:created)
+        expect(response).to match_response_schema('software_license_policy', dir: 'ee')
+        expect(json_response).to have_key('id')
+        expect(json_response['name']).to eq('NEW_LICENSE_NAME')
+        expect(json_response['approval_status']).to eq('approved')
+      end
     end
 
     context 'authorized user with read permissions' do
@@ -210,7 +226,7 @@ RSpec.describe API::ManagedLicenses do
         initial_name = initial_license.name
         initial_classification = initial_license.classification
         patch api("/projects/#{project.id}/managed_licenses/#{software_license_policy.id}", maintainer_user),
-          params: { approval_status: 'blacklisted' }
+          params: { approval_status: 'denied' }
 
         updated_software_license_policy = project.software_license_policies.reload.first
 
@@ -231,6 +247,26 @@ RSpec.describe API::ManagedLicenses do
         expect(initial_classification).not_to eq(updated_software_license_policy.classification)
       end
 
+      it 'updates managed license data with deprecated approval status' do
+        initial_license = project.software_license_policies.first
+        initial_id = initial_license.id
+        patch api("/projects/#{project.id}/managed_licenses/#{software_license_policy.id}", maintainer_user),
+              params: { approval_status: 'blacklisted' }
+
+        updated_software_license_policy = project.software_license_policies.reload.first
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to match_response_schema('software_license_policy', dir: 'ee')
+
+        # Check that response is equal to the updated object
+        expect(json_response['id']).to eq(initial_id)
+        expect(json_response['name']).to eq(updated_software_license_policy.name)
+        expect(json_response['approval_status']).to eq('blacklisted')
+
+        # Check that the approval status was updated
+        expect(updated_software_license_policy).to be_denied
+      end
+
       it 'responds with 404 Not Found if requesting non-existing managed license' do
         patch api("/projects/#{project.id}/managed_licenses/#{non_existing_record_id}", maintainer_user)