Commit f8aeff16 authored by Markus Koller's avatar Markus Koller

Merge branch 'issue_243790' into 'master'

Allow to apply group labels with service desk templates

See merge request gitlab-org/gitlab!46492
parents cc302aec 90b5b0df
...@@ -584,6 +584,10 @@ class Group < Namespace ...@@ -584,6 +584,10 @@ class Group < Namespace
ancestor_settings.allow_mfa_for_subgroups ancestor_settings.allow_mfa_for_subgroups
end end
def has_project_with_service_desk_enabled?
Gitlab::ServiceDesk.supported? && all_projects.service_desk_enabled.exists?
end
private private
def update_two_factor_requirement def update_two_factor_requirement
......
...@@ -59,6 +59,9 @@ class GroupPolicy < BasePolicy ...@@ -59,6 +59,9 @@ class GroupPolicy < BasePolicy
with_scope :subject with_scope :subject
condition(:resource_access_token_available) { resource_access_token_available? } condition(:resource_access_token_available) { resource_access_token_available? }
with_scope :subject
condition(:has_project_with_service_desk_enabled) { @subject.has_project_with_service_desk_enabled? }
rule { design_management_enabled }.policy do rule { design_management_enabled }.policy do
enable :read_design_activity enable :read_design_activity
end end
...@@ -194,6 +197,10 @@ class GroupPolicy < BasePolicy ...@@ -194,6 +197,10 @@ class GroupPolicy < BasePolicy
enable :admin_resource_access_tokens enable :admin_resource_access_tokens
end end
rule { support_bot & has_project_with_service_desk_enabled }.policy do
enable :read_label
end
def access_level def access_level
return GroupMember::NO_ACCESS if @user.nil? return GroupMember::NO_ACCESS if @user.nil?
return GroupMember::NO_ACCESS unless user_is_user? return GroupMember::NO_ACCESS unless user_is_user?
......
---
title: Allow to apply group labels with service desk templates
merge_request: 46492
author:
type: fixed
...@@ -11,13 +11,13 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do ...@@ -11,13 +11,13 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
end end
let(:email_raw) { email_fixture('emails/service_desk.eml') } let(:email_raw) { email_fixture('emails/service_desk.eml') }
let_it_be(:namespace) { create(:namespace, name: "email") } let_it_be(:group) { create(:group, :private, name: "email") }
let(:expected_description) do let(:expected_description) do
"Service desk stuff!\n\n```\na = b\n```\n\n`/label ~label1`\n`/assign @user1`\n`/close`\n![image](uploads/image.png)" "Service desk stuff!\n\n```\na = b\n```\n\n`/label ~label1`\n`/assign @user1`\n`/close`\n![image](uploads/image.png)"
end end
context 'service desk is enabled for the project' do context 'service desk is enabled for the project' do
let_it_be(:project) { create(:project, :repository, :public, namespace: namespace, path: 'test', service_desk_enabled: true) } let_it_be(:project) { create(:project, :repository, :private, group: group, path: 'test', service_desk_enabled: true) }
before do before do
allow(Gitlab::ServiceDesk).to receive(:supported?).and_return(true) allow(Gitlab::ServiceDesk).to receive(:supported?).and_return(true)
...@@ -101,6 +101,18 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do ...@@ -101,6 +101,18 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
expect(issue.milestone).to eq(milestone) expect(issue.milestone).to eq(milestone)
end end
it 'applies group labels using quick actions' do
group_label = create(:group_label, group: project.group, title: 'label2')
file_content = %(Text from template \n/label ~#{group_label.title}"")
set_template_file('with_group_labels', file_content)
receiver.execute
issue = Issue.last
expect(issue.description).to include('Text from template')
expect(issue.label_ids).to include(group_label.id)
end
it 'redacts quick actions present on user email body' do it 'redacts quick actions present on user email body' do
set_template_file('service_desk1', 'text from template') set_template_file('service_desk1', 'text from template')
...@@ -289,7 +301,8 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do ...@@ -289,7 +301,8 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
end end
context 'service desk is disabled for the project' do context 'service desk is disabled for the project' do
let(:project) { create(:project, :public, namespace: namespace, path: 'test', service_desk_enabled: false) } let(:group) { create(:group)}
let(:project) { create(:project, :public, group: group, path: 'test', service_desk_enabled: false) }
it 'bounces the email' do it 'bounces the email' do
expect { receiver.execute }.to raise_error(Gitlab::Email::ProcessingError) expect { receiver.execute }.to raise_error(Gitlab::Email::ProcessingError)
......
...@@ -1663,4 +1663,47 @@ RSpec.describe Group do ...@@ -1663,4 +1663,47 @@ RSpec.describe Group do
end end
end end
end end
describe 'has_project_with_service_desk_enabled?' do
let_it_be(:group) { create(:group, :private) }
subject { group.has_project_with_service_desk_enabled? }
before do
allow(Gitlab::ServiceDesk).to receive(:supported?).and_return(true)
end
context 'when service desk is enabled' do
context 'for top level group' do
let_it_be(:project) { create(:project, group: group, service_desk_enabled: true) }
it { is_expected.to eq(true) }
context 'when service desk is not supported' do
before do
allow(Gitlab::ServiceDesk).to receive(:supported?).and_return(false)
end
it { is_expected.to eq(false) }
end
end
context 'for subgroup project' do
let_it_be(:subgroup) { create(:group, :private, parent: group)}
let_it_be(:project) { create(:project, group: subgroup, service_desk_enabled: true) }
it { is_expected.to eq(true) }
end
end
context 'when none of group child projects has service desk enabled' do
let_it_be(:project) { create(:project, group: group, service_desk_enabled: false) }
before do
project.update(service_desk_enabled: false)
end
it { is_expected.to eq(false) }
end
end
end end
...@@ -882,4 +882,23 @@ RSpec.describe GroupPolicy do ...@@ -882,4 +882,23 @@ RSpec.describe GroupPolicy do
end end
it_behaves_like 'Self-managed Core resource access tokens' it_behaves_like 'Self-managed Core resource access tokens'
context 'support bot' do
let_it_be(:group) { create(:group, :private) }
let_it_be(:current_user) { User.support_bot }
before do
allow(Gitlab::ServiceDesk).to receive(:supported?).and_return(true)
end
it { expect_disallowed(:read_label) }
context 'when group hierarchy has a project with service desk enabled' do
let_it_be(:subgroup) { create(:group, :private, parent: group)}
let_it_be(:project) { create(:project, group: subgroup, service_desk_enabled: true) }
it { expect_allowed(:read_label) }
it { expect(described_class.new(current_user, subgroup)).to be_allowed(:read_label) }
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment