Merge branch '41416-making-instance-wide-data-tools-more-accessible' into 'master'

Resolve "Making instance-wide data tools more accessible" Closes #41416 and #48507 See merge request gitlab-org/gitlab-ce!20874

Merge branch '41416-making-instance-wide-data-tools-more-accessible' into 'master'
Resolve "Making instance-wide data tools more accessible" Closes #41416 and #48507 See merge request gitlab-org/gitlab-ce!20874
ea6fc714 · Filipa Lacerda · 47244ad5 · 29dd1c14 · ea6fc714 · ea6fc714
Commit ea6fc714 authored Aug 01, 2018 by Filipa Lacerda
38 changed files
--- a/app/controllers/instance_statistics/application_controller.rb
+++ b/app/controllers/instance_statistics/application_controller.rb
+# frozen_string_literal: true
+
+class InstanceStatistics::ApplicationController < ApplicationController
+  before_action :authorize_read_instance_statistics!
+  layout 'instance_statistics'
+
+  def authorize_read_instance_statistics!
+    render_404 unless can?(current_user, :read_instance_statistics)
+  end
+end
--- a/app/controllers/admin/cohorts_controller.rb
+++ b/app/controllers/admin/cohorts_controller.rb
-class Admin::CohortsController < Admin::ApplicationController
+# frozen_string_literal: true
+
+class InstanceStatistics::CohortsController < InstanceStatistics::ApplicationController
  def index
    if Gitlab::CurrentSettings.usage_ping_enabled
      cohorts_results = Rails.cache.fetch('cohorts', expires_in: 1.day) do

--- a/app/controllers/admin/conversational_development_index_controller.rb
+++ b/app/controllers/admin/conversational_development_index_controller.rb
-class Admin::ConversationalDevelopmentIndexController < Admin::ApplicationController
-  def show
+# frozen_string_literal: true
+
+class InstanceStatistics::ConversationalDevelopmentIndexController < InstanceStatistics::ApplicationController
+  def index
    @metric = ConversationalDevelopmentIndex::Metric.order(:created_at).last&.present
  end
 end
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -252,6 +252,7 @@ module ApplicationSettingsHelper
      :unique_ips_limit_per_user,
      :unique_ips_limit_time_window,
      :usage_ping_enabled,
+      :instance_statistics_visibility_private,
      :user_default_external,
      :user_oauth_applications,
      :version_check_enabled

--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -295,6 +295,7 @@ class ApplicationSetting < ActiveRecord::Base
      unique_ips_limit_per_user: 10,
      unique_ips_limit_time_window: 3600,
      usage_ping_enabled: Settings.gitlab['usage_ping_enabled'],
+      instance_statistics_visibility_private: false,
      user_default_external: false
    }
  end

--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@@ -19,6 +19,11 @@ class GlobalPolicy < BasePolicy
    @user&.required_terms_not_accepted?
  end

+  condition(:private_instance_statistics, score: 0) { Gitlab::CurrentSettings.instance_statistics_visibility_private? }
+
+  rule { admin | (~private_instance_statistics & ~anonymous) }
+    .enable :read_instance_statistics
+
  rule { anonymous }.policy do
    prevent :log_in
    prevent :receive_notifications

--- a/app/views/admin/application_settings/_usage.html.haml
+++ b/app/views/admin/application_settings/_usage.html.haml
@@ -23,13 +23,16 @@
            periodically collect usage information.
            = link_to 'Learn more', help_page_path("user/admin_area/settings/usage_statistics", anchor: "usage-ping")
            about what information is shared with GitLab Inc. Visit
-            = link_to 'Cohorts', admin_cohorts_path(anchor: 'usage-ping')
+            = link_to _('Cohorts'), instance_statistics_cohorts_path(anchor: 'usage-ping')
            to see the JSON payload sent.
          - else
            The usage ping is disabled, and cannot be configured through this
            form. For more information, see the documentation on
            = succeed '.' do
              = link_to 'deactivating the usage ping', help_page_path('user/admin_area/settings/usage_statistics', anchor: 'deactivate-the-usage-ping')
+    .form-group
+      = f.label :instance_statistics_visibility_private, _('Instance Statistics visibility')
+      = f.select :instance_statistics_visibility_private, options_for_select({_('All users') => false, _('Only admins') => true}, Gitlab::CurrentSettings.instance_statistics_visibility_private?), {}, class: 'form-control'

  = f.submit 'Save changes', class: "btn btn-success"

--- a/app/views/admin/cohorts/_cohorts_table.html.haml
+++ b/app/views/admin/cohorts/_cohorts_table.html.haml
--- a/app/views/admin/cohorts/_usage_ping.html.haml
+++ b/app/views/admin/cohorts/_usage_ping.html.haml
--- a/app/views/admin/cohorts/index.html.haml
+++ b/app/views/admin/cohorts/index.html.haml
--- a/app/views/admin/conversational_development_index/_callout.html.haml
+++ b/app/views/admin/conversational_development_index/_callout.html.haml
--- a/app/views/admin/conversational_development_index/_card.html.haml
+++ b/app/views/admin/conversational_development_index/_card.html.haml
--- a/app/views/admin/conversational_development_index/_disabled.html.haml
+++ b/app/views/admin/conversational_development_index/_disabled.html.haml
--- a/app/views/admin/conversational_development_index/_no_data.html.haml
+++ b/app/views/admin/conversational_development_index/_no_data.html.haml
--- a/app/views/admin/conversational_development_index/show.html.haml
+++ b/app/views/admin/conversational_development_index/show.html.haml
--- a/app/views/layouts/instance_statistics.html.haml
+++ b/app/views/layouts/instance_statistics.html.haml
+- page_title _('Instance Statistics')
+- header_title _('Instance Statistics'), instance_statistics_root_path
+- nav 'instance_statistics'
+- @left_sidebar = true
+
+= render template: 'layouts/application'
--- a/app/views/layouts/nav/_dashboard.html.haml
+++ b/app/views/layouts/nav/_dashboard.html.haml
@@ -64,11 +64,15 @@
        = link_to '#', class: 'dashboard-shortcuts-web-ide', title: _('Web IDE') do
          = _('Web IDE')

-  - if current_user.admin? || Gitlab::Sherlock.enabled?
+  - if Gitlab::Sherlock.enabled? || can?(current_user, :read_instance_statistics)
    %li.line-separator.d-none.d-sm-block
+  - if can?(current_user, :read_instance_statistics)
+    = nav_link(controller: [:conversational_development_index, :cohorts]) do
+      = link_to instance_statistics_root_path, title: _('Instance Statistics'), aria: { label: _('Instance Statistics') }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do
+        = sprite_icon('chart', size: 18)
  - if current_user.admin?
    = nav_link(controller: 'admin/dashboard') do
-      = link_to admin_root_path, class: 'admin-icon qa-admin-area-link', title: _('Admin area'), aria: { label: _("Admin area") }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do
+      = link_to admin_root_path, class: 'admin-icon qa-admin-area-link', title: _('Admin area'), aria: { label: _('Admin area') }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do
        = sprite_icon('admin', size: 18)
  - if Gitlab::Sherlock.enabled?
    %li

--- a/app/views/layouts/nav/sidebar/_admin.html.haml
+++ b/app/views/layouts/nav/sidebar/_admin.html.haml
@@ -7,14 +7,14 @@
        .sidebar-context-title
          = _('Admin Area')
    %ul.sidebar-top-level-items
-      = nav_link(controller: %w(dashboard admin projects users groups jobs runners gitaly_servers cohorts conversational_development_index), html_options: {class: 'home'}) do
+      = nav_link(controller: %w(dashboard admin projects users groups jobs runners gitaly_servers), html_options: {class: 'home'}) do
        = link_to admin_root_path, class: 'shortcuts-tree' do
          .nav-icon-container
            = sprite_icon('overview')
          %span.nav-item-name
            = _('Overview')
        %ul.sidebar-sub-level-items
-          = nav_link(controller: %w(dashboard admin projects users groups jobs runners gitaly_servers cohorts conversational_development_index), html_options: { class: "fly-out-top-item" } ) do
+          = nav_link(controller: %w(dashboard admin projects users groups jobs runners gitaly_servers), html_options: { class: "fly-out-top-item" } ) do
            = link_to admin_root_path do
              %strong.fly-out-top-item-name
                = _('Overview')
@@ -47,14 +47,6 @@
            = link_to admin_gitaly_servers_path, title: 'Gitaly Servers' do
              %span
                = _('Gitaly Servers')
-          = nav_link path: 'cohorts#index' do
-            = link_to admin_cohorts_path, title: _('Cohorts') do
-              %span
-                = _('Cohorts')
-          = nav_link(controller: :conversational_development_index) do
-            = link_to admin_conversational_development_index_path, title: _('ConvDev Index') do
-              %span
-                = _('ConvDev Index')

      = nav_link(controller: %w(system_info background_jobs logs health_check requests_profiles)) do
        = link_to admin_system_info_path do

--- a/app/views/layouts/nav/sidebar/_instance_statistics.html.haml
+++ b/app/views/layouts/nav/sidebar/_instance_statistics.html.haml
+.nav-sidebar{ class: ("sidebar-collapsed-desktop" if collapsed_sidebar?) }
+  .nav-sidebar-inner-scroll
+    .context-header
+      = link_to instance_statistics_root_path, title: _('Instance Statistics') do
+        .avatar-container.s40.settings-avatar
+          = sprite_icon('chart', size: 24)
+        .sidebar-context-title= _('Instance Statistics')
+    %ul.sidebar-top-level-items
+      = nav_link(controller: :conversational_development_index) do
+        = link_to instance_statistics_conversational_development_index_index_path do
+          .nav-icon-container
+            = sprite_icon('comment')
+          %span.nav-item-name
+            = _('ConvDev Index')
+        %ul.sidebar-sub-level-items.is-fly-out-only
+          = nav_link(controller: :conversational_development_index, html_options: { class: "fly-out-top-item" } ) do
+            = link_to instance_statistics_conversational_development_index_index_path do
+              %strong.fly-out-top-item-name
+                = _('ConvDev Index')
+
+      = nav_link(controller: :cohorts) do
+        = link_to instance_statistics_cohorts_path do
+          .nav-icon-container
+            = sprite_icon('users')
+          %span.nav-item-name
+            = _('Cohorts')
+        %ul.sidebar-sub-level-items.is-fly-out-only
+          = nav_link(controller: :cohorts, html_options: { class: "fly-out-top-item" } ) do
+            = link_to instance_statistics_cohorts_path do
+              %strong.fly-out-top-item-name
+                = _('Cohorts')
+
+    = render 'shared/sidebar_toggle_button'
--- a/changelogs/unreleased/41416-making-instance-wide-data-tools-more-accessible.yml
+++ b/changelogs/unreleased/41416-making-instance-wide-data-tools-more-accessible.yml
+---
+title: Allow non-admins to view instance statistics (if permitted by the instance admins)
+merge_request: 20874
+author:
+type: changed
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -71,6 +71,8 @@ Rails.application.routes.draw do

    get 'ide' => 'ide#index'
    get 'ide/*vueroute' => 'ide#index', format: false
+
+    draw :instance_statistics
  end

  # Koding route

--- a/config/routes/admin.rb
+++ b/config/routes/admin.rb
@@ -76,8 +76,6 @@ namespace :admin do
  resource :system_info, controller: 'system_info', only: [:show]
  resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.html/ }

-  get 'conversational_development_index' => 'conversational_development_index#show'
-
  resources :projects, only: [:index]

  scope(path: 'projects/*namespace_id',
@@ -123,8 +121,6 @@ namespace :admin do
    end
  end

-  resources :cohorts, only: :index
-
  resources :jobs, only: :index do
    collection do
      post :cancel_all

--- a/config/routes/instance_statistics.rb
+++ b/config/routes/instance_statistics.rb
+# frozen_string_literal: true
+
+namespace :instance_statistics do
+  root to: redirect('/-/instance_statistics/conversational_development_index')
+
+  resources :cohorts, only: :index
+  resources :conversational_development_index, only: :index
+end
--- a/db/migrate/20180718005113_add_instance_statistics_visibility_to_application_setting.rb
+++ b/db/migrate/20180718005113_add_instance_statistics_visibility_to_application_setting.rb
+# frozen_string_literal: true
+
+class AddInstanceStatisticsVisibilityToApplicationSetting < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column_with_default(:application_settings, :instance_statistics_visibility_private,
+                            :boolean,
+                            default: false,
+                            allow_null: false)
+  end
+
+  def down
+    remove_column(:application_settings, :instance_statistics_visibility_private)
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -168,6 +168,7 @@ ActiveRecord::Schema.define(version: 20180726172057) do
    t.boolean "enforce_terms", default: false
    t.boolean "mirror_available", default: true, null: false
    t.boolean "hide_third_party_offers", default: false, null: false
+    t.boolean "instance_statistics_visibility_private", default: false, null: false
  end

  create_table "audit_events", force: :cascade do |t|

--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -55,7 +55,8 @@ Example response:
   "ed25519_key_restriction": 0,
   "enforce_terms": true,
   "terms": "Hello world!",
-   "performance_bar_allowed_group_id": 42
+   "performance_bar_allowed_group_id": 42,
+   "instance_statistics_visibility_private": false
 }
 ```

@@ -159,6 +160,7 @@ PUT /application/settings
 | `version_check_enabled`                  | boolean          | no                                            | Let GitLab inform you when an update is available.                                                                                                                                                                                                                                                                                                                                                                                                        |
 | `enforce_terms`                          | boolean          | no                                            | Enforce application ToS to all users                                                                                                                                                                                                                                                                                                                                                                                                         |
 | `terms`                                  | text             | yes (if `enforce_terms` is true)              | Markdown content for the ToS                                                                                                                                                                                                                                                                                                                                                                                                                 |
+| `instance_statistics_visibility_private` | boolean          | no                                            | When set to `true` Instance statistics will only be available to admins                                                                                                                                                                                                                                                                                                                                                                      |

 ```bash
 curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/application/settings?signup_enabled=false&default_project_visibility=internal
@@ -203,6 +205,7 @@ Example response:
  "ed25519_key_restriction": 0,
  "enforce_terms": true,
  "terms": "Hello world!",
-  "performance_bar_allowed_group_id": 42
+  "performance_bar_allowed_group_id": 42,
+  "instance_statistics_visibility_private": false
 }
 ```
--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -127,9 +127,7 @@ module API
      optional :signup_enabled, type: Boolean, desc: 'Flag indicating if sign up is enabled'
      optional :terminal_max_session_time, type: Integer, desc: 'Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.'
      optional :usage_ping_enabled, type: Boolean, desc: 'Every week GitLab will report license usage back to GitLab, Inc.'
-      optional :user_default_external, type: Boolean, desc: 'Newly registered users will by default be external'
-      optional :user_oauth_applications, type: Boolean, desc: 'Allow users to register any application to use GitLab as an OAuth provider'
-      optional :version_check_enabled, type: Boolean, desc: 'Let GitLab inform you when an update is available.'
+      optional :instance_statistics_visibility_private, type: Boolean, desc: 'When set to `true` Instance statistics will only be available to admins'

      ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type|
        optional :"#{type}_key_restriction",

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -396,6 +396,9 @@ msgstr ""
 msgid "All features are enabled for blank projects, from templates, or when importing, but you can disable them afterward in the project settings."
 msgstr ""

+msgid "All users"
+msgstr ""
+
 msgid "Allow commits from members who can merge to the target branch."
 msgstr ""

@@ -2991,6 +2994,12 @@ msgstr ""
 msgid "Install Runner on Kubernetes"
 msgstr ""

+msgid "Instance Statistics"
+msgstr ""
+
+msgid "Instance Statistics visibility"
+msgstr ""
+
 msgid "Instance does not support multiple Kubernetes clusters"
 msgstr ""

@@ -3712,6 +3721,9 @@ msgstr ""
 msgid "Online IDE integration settings."
 msgstr ""

+msgid "Only admins"
+msgstr ""
+
 msgid "Only comments from the following commit are shown below"
 msgstr ""


--- a/spec/controllers/instance_statistics/cohorts_controller_spec.rb
+++ b/spec/controllers/instance_statistics/cohorts_controller_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe InstanceStatistics::CohortsController do
+  it_behaves_like 'instance statistics availability'
+end
--- a/spec/controllers/instance_statistics/conversational_development_index_controller_spec.rb
+++ b/spec/controllers/instance_statistics/conversational_development_index_controller_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe InstanceStatistics::ConversationalDevelopmentIndexController do
+  it_behaves_like 'instance statistics availability'
+end
--- a/spec/features/dashboard/active_tab_spec.rb
+++ b/spec/features/dashboard/active_tab_spec.rb
@@ -7,32 +7,38 @@ RSpec.describe 'Dashboard Active Tab', :js do

  shared_examples 'page has active tab' do |title|
    it "#{title} tab" do
+      subject
+
      expect(page).to have_selector('.navbar-sub-nav li.active', count: 1)
      expect(find('.navbar-sub-nav li.active')).to have_content(title)
    end
  end

  context 'on dashboard projects' do
-    before do
-      visit dashboard_projects_path
+    it_behaves_like 'page has active tab', 'Projects' do
+      subject { visit dashboard_projects_path }
    end
-
-    it_behaves_like 'page has active tab', 'Projects'
  end

  context 'on dashboard groups' do
-    before do
-      visit dashboard_groups_path
+    it_behaves_like 'page has active tab', 'Groups' do
+      subject { visit dashboard_groups_path }
    end
-
-    it_behaves_like 'page has active tab', 'Groups'
  end

  context 'on activity projects' do
-    before do
-      visit activity_dashboard_path
+    it_behaves_like 'page has active tab', 'Activity' do
+      subject { visit activity_dashboard_path }
    end
+  end

-    it_behaves_like 'page has active tab', 'Activity'
+  context 'on instance statistics' do
+    subject { visit instance_statistics_root_path }
+
+    it 'shows Instance Statistics` as active' do
+      subject
+
+      expect(find('.navbar-sub-nav li.active')).to have_link('Instance Statistics')
+    end
  end
 end
--- a/spec/features/dashboard/instance_statistics_spec.rb
+++ b/spec/features/dashboard/instance_statistics_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Showing instance statistics' do
+  before do
+    sign_in user if user
+  end
+
+  # Using a path that is publicly accessible
+  subject { visit explore_projects_path }
+
+  context 'for unauthenticated users' do
+    let(:user) { nil }
+
+    it 'does not show the instance statistics link' do
+      subject
+
+      expect(page).not_to have_link('Instance Statistics')
+    end
+  end
+
+  context 'for regular users' do
+    let(:user) { create(:user) }
+
+    context 'when instance statistics are publicly available' do
+      before do
+        stub_application_setting(instance_statistics_visibility_private: false)
+      end
+
+      it 'shows the instance statistics link' do
+        subject
+
+        expect(page).to have_link('Instance Statistics')
+      end
+    end
+
+    context 'when instance statistics are not publicly available' do
+      before do
+        stub_application_setting(instance_statistics_visibility_private: true)
+      end
+
+      it 'shows the instance statistics link' do
+        subject
+
+        expect(page).not_to have_link('Instance Statistics')
+      end
+    end
+  end
+
+  context 'for admins' do
+    let(:user) { create(:admin) }
+
+    it 'shows the instance statistics link' do
+      subject
+
+      expect(page).to have_link('Instance Statistics')
+    end
+  end
+end
--- a/spec/features/admin/admin_cohorts_spec.rb
+++ b/spec/features/admin/admin_cohorts_spec.rb
 require 'rails_helper'

-describe 'Admin cohorts page' do
+describe 'Cohorts page' do
  before do
    sign_in(create(:admin))
  end
@@ -8,7 +8,7 @@ describe 'Admin cohorts page' do
  it 'See users count per month' do
    2.times { create(:user) }

-    visit admin_cohorts_path
+    visit instance_statistics_cohorts_path

    expect(page).to have_content("#{Time.now.strftime('%b %Y')} 3 0")
  end

--- a/spec/features/admin/admin_conversational_development_index_spec.rb
+++ b/spec/features/admin/admin_conversational_development_index_spec.rb
 require 'spec_helper'

-describe 'Admin Conversational Development Index' do
+describe 'Conversational Development Index' do
  before do
    sign_in(create(:admin))
  end
@@ -9,7 +9,7 @@ describe 'Admin Conversational Development Index' do
    it 'shows empty state' do
      stub_application_setting(usage_ping_enabled: false)

-      visit admin_conversational_development_index_path
+      visit instance_statistics_conversational_development_index_index_path

      expect(page).to have_content('Usage ping is not enabled')
    end
@@ -19,7 +19,7 @@ describe 'Admin Conversational Development Index' do
    it 'shows empty state' do
      stub_application_setting(usage_ping_enabled: true)

-      visit admin_conversational_development_index_path
+      visit instance_statistics_conversational_development_index_index_path

      expect(page).to have_content('Data is still calculating')
    end
@@ -30,7 +30,7 @@ describe 'Admin Conversational Development Index' do
      stub_application_setting(usage_ping_enabled: true)
      create(:conversational_development_index_metric)

-      visit admin_conversational_development_index_path
+      visit instance_statistics_conversational_development_index_index_path

      expect(page).to have_content(
        'Issues created per active user 1.2 You 9.3 Lead 13.3%'

--- a/spec/policies/global_policy_spec.rb
+++ b/spec/policies/global_policy_spec.rb
@@ -180,4 +180,38 @@ describe GlobalPolicy do
      end
    end
  end
+
+  describe 'read instance statistics' do
+    context 'regular user' do
+      it { is_expected.to be_allowed(:read_instance_statistics) }
+
+      context 'when instance statistics are set to private' do
+        before do
+          stub_application_setting(instance_statistics_visibility_private: true)
+        end
+
+        it { is_expected.not_to be_allowed(:read_instance_statistics) }
+      end
+    end
+
+    context 'admin' do
+      let(:current_user) { create(:admin) }
+
+      it { is_expected.to be_allowed(:read_instance_statistics) }
+
+      context 'when instance statistics are set to private' do
+        before do
+          stub_application_setting(instance_statistics_visibility_private: true)
+        end
+
+        it { is_expected.to be_allowed(:read_instance_statistics) }
+      end
+    end
+
+    context 'anonymous' do
+      let(:current_user) { nil }
+
+      it { is_expected.not_to be_allowed(:read_instance_statistics) }
+    end
+  end
 end
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -25,6 +25,7 @@ describe API::Settings, 'Settings' do
      expect(json_response['ed25519_key_restriction']).to eq(0)
      expect(json_response['circuitbreaker_failure_count_threshold']).not_to be_nil
      expect(json_response['performance_bar_allowed_group_id']).to be_nil
+      expect(json_response['instance_statistics_visibility_private']).to be(false)
      expect(json_response).not_to have_key('performance_bar_allowed_group_path')
      expect(json_response).not_to have_key('performance_bar_enabled')
    end
@@ -64,7 +65,8 @@ describe API::Settings, 'Settings' do
          circuitbreaker_check_interval: 2,
          enforce_terms: true,
          terms: 'Hello world!',
-          performance_bar_allowed_group_path: group.full_path
+          performance_bar_allowed_group_path: group.full_path,
+          instance_statistics_visibility_private: true

        expect(response).to have_gitlab_http_status(200)
        expect(json_response['default_projects_limit']).to eq(3)
@@ -89,6 +91,7 @@ describe API::Settings, 'Settings' do
        expect(json_response['enforce_terms']).to be(true)
        expect(json_response['terms']).to eq('Hello world!')
        expect(json_response['performance_bar_allowed_group_id']).to eq(group.id)
+        expect(json_response['instance_statistics_visibility_private']).to be(true)
      end
    end


--- a/spec/routing/instance_statistics_routing_spec.rb
+++ b/spec/routing/instance_statistics_routing_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Instance Statistics', 'routing' do
+  include RSpec::Rails::RequestExampleGroup
+
+  it "routes '/-/instance_statistics' to conversational development index" do
+    expect(get('/-/instance_statistics')).to redirect_to('/-/instance_statistics/conversational_development_index')
+  end
+end
--- a/spec/support/shared_examples/instance_statistics_controllers_shared_examples.rb
+++ b/spec/support/shared_examples/instance_statistics_controllers_shared_examples.rb
+# frozen_string_literal: true
+
+shared_examples 'instance statistics availability' do
+  let(:user) { create(:user) }
+
+  before do
+    sign_in(user)
+  end
+
+  describe 'GET #index' do
+    it 'is available when the feature is available publicly' do
+      get :index
+
+      expect(response).to have_gitlab_http_status(:success)
+    end
+
+    it 'renders a 404 when the feature is not available publicly' do
+      stub_application_setting(instance_statistics_visibility_private: true)
+
+      get :index
+
+      expect(response).to have_gitlab_http_status(:not_found)
+    end
+
+    context 'for admins' do
+      let(:user) { create(:admin) }
+
+      it 'allows access when the feature is not available publicly' do
+        stub_application_setting(instance_statistics_visibility_private: true)
+
+        get :index
+
+        expect(response).to have_gitlab_http_status(:success)
+      end
+    end
+  end
+end