Add latest changes from gitlab-org/gitlab@master

2022-03-15 00:07:30 +00:00 · 2022-03-15 00:07:30 +00:00 · 34e729c8b9
parent f91842906e
commit 34e729c8b9
11 changed files with 211 additions and 0 deletions
--- a/app/graphql/mutations/saved_replies/base.rb
+++ b/app/graphql/mutations/saved_replies/base.rb
@ -26,6 +26,14 @@ module Mutations
      def feature_enabled?
        Feature.enabled?(:saved_replies, current_user, default_enabled: :yaml)
      end
+
+      def find_object(id)
+        # TODO: remove this line when the compatibility layer is removed
+        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
+        id = ::Types::GlobalIDType[::Users::SavedReply].coerce_isolated_input(id)
+
+        GitlabSchema.find_by_gid(id)
+      end
    end
  end
 end
--- a/app/graphql/mutations/saved_replies/update.rb
+++ b/app/graphql/mutations/saved_replies/update.rb
@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Mutations
+  module SavedReplies
+    class Update < Base
+      graphql_name 'SavedReplyUpdate'
+
+      authorize :update_saved_replies
+
+      argument :id, Types::GlobalIDType[::Users::SavedReply],
+               required: true,
+               description: copy_field_description(Types::SavedReplyType, :id)
+
+      argument :name, GraphQL::Types::String,
+               required: true,
+               description: copy_field_description(Types::SavedReplyType, :name)
+
+      argument :content, GraphQL::Types::String,
+               required: true,
+               description: copy_field_description(Types::SavedReplyType, :content)
+
+      def resolve(id:, name:, content:)
+        raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless feature_enabled?
+
+        saved_reply = authorized_find!(id)
+        result = ::Users::SavedReplies::UpdateService.new(current_user: current_user, saved_reply: saved_reply, name: name, content: content).execute
+        present_result(result)
+      end
+    end
+  end
+end
--- a/app/graphql/types/mutation_type.rb
+++ b/app/graphql/types/mutation_type.rb
@ -130,6 +130,7 @@ module Types
    mount_mutation Mutations::WorkItems::Delete
    mount_mutation Mutations::WorkItems::Update
    mount_mutation Mutations::SavedReplies::Create
+    mount_mutation Mutations::SavedReplies::Update
  end
 end

--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@ -24,6 +24,7 @@ class UserPolicy < BasePolicy
    enable :update_user
    enable :update_user_status
    enable :create_saved_replies
+    enable :update_saved_replies
    enable :read_user_personal_access_tokens
    enable :read_group_count
    enable :read_user_groups
--- a/app/services/users/saved_replies/update_service.rb
+++ b/app/services/users/saved_replies/update_service.rb
@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Users
+  module SavedReplies
+    class UpdateService
+      def initialize(current_user:, saved_reply:, name:, content:)
+        @current_user = current_user
+        @saved_reply = saved_reply
+        @name = name
+        @content = content
+      end
+
+      def execute
+        if saved_reply.update(name: name, content: content)
+          ServiceResponse.success(payload: { saved_reply: saved_reply.reset })
+        else
+          ServiceResponse.error(message: saved_reply.errors.full_messages)
+        end
+      end
+
+      private
+
+      attr_reader :current_user, :saved_reply, :name, :content
+    end
+  end
+end
--- a/data/deprecations/14-9-deprecate-permissions-change-package-settings.yml
+++ b/data/deprecations/14-9-deprecate-permissions-change-package-settings.yml
@ -0,0 +1,16 @@
+- name: "GraphQL permissions change for Package settings"
+  announcement_milestone: "14.9"
+  announcement_date: "2022-03-22"
+  removal_milestone: "15.0"
+  removal_date: "2022-05-22"
+  breaking_change: true
+  reporter: trizzi
+  body: |  # Do not modify this line, instead modify the lines below.
+    The GitLab Package stage offers a Package Registry, Container Registry, and Dependency Proxy to help you manage all of your dependencies using GitLab. Each of these product categories has a variety of settings that can be adjusted using the API.
+
+    The permissions model for GraphQL is being updated. After 15.0, users with the Guest, Reporter, and Developer role can no longer update these settings:
+
+    - [Package Registry settings](https://docs.gitlab.com/ee/api/graphql/reference/#packagesettings)
+    - [Container Registry cleanup policy](https://docs.gitlab.com/ee/api/graphql/reference/#containerexpirationpolicy)
+    - [Dependency Proxy time-to-live policy](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxyimagettlgrouppolicy)
+    - [Enabling the Dependency Proxy for your group](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxysetting)
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@ -4263,6 +4263,27 @@ Input type: `SavedReplyCreateInput`
 | <a id="mutationsavedreplycreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
 | <a id="mutationsavedreplycreatesavedreply"></a>`savedReply` | [`SavedReply`](#savedreply) | Updated saved reply. |

+### `Mutation.savedReplyUpdate`
+
+Input type: `SavedReplyUpdateInput`
+
+#### Arguments
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="mutationsavedreplyupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
+| <a id="mutationsavedreplyupdatecontent"></a>`content` | [`String!`](#string) | Content of the saved reply. |
+| <a id="mutationsavedreplyupdateid"></a>`id` | [`UsersSavedReplyID!`](#userssavedreplyid) | Global ID of the saved reply. |
+| <a id="mutationsavedreplyupdatename"></a>`name` | [`String!`](#string) | Name of the saved reply. |
+
+#### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="mutationsavedreplyupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
+| <a id="mutationsavedreplyupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
+| <a id="mutationsavedreplyupdatesavedreply"></a>`savedReply` | [`SavedReply`](#savedreply) | Updated saved reply. |
+
 ### `Mutation.scanExecutionPolicyCommit`

 Commits the `policy_yaml` content to the assigned security policy project for the given project(`project_path`).
--- a/doc/update/deprecations.md
+++ b/doc/update/deprecations.md
@ -50,6 +50,25 @@ GitLab self-monitoring gives administrators of self-hosted GitLab instances the

 **Planned removal milestone: 15.0 (2022-05-22)**

+### GraphQL permissions change for Package settings
+
+WARNING:
+This feature will be changed or removed in 15.0
+as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
+Before updating GitLab, review the details carefully to determine if you need to make any
+changes to your code, settings, or workflow.
+
+The GitLab Package stage offers a Package Registry, Container Registry, and Dependency Proxy to help you manage all of your dependencies using GitLab. Each of these product categories has a variety of settings that can be adjusted using the API.
+
+The permissions model for GraphQL is being updated. After 15.0, users with the Guest, Reporter, and Developer role can no longer update these settings:
+
+- [Package Registry settings](https://docs.gitlab.com/ee/api/graphql/reference/#packagesettings)
+- [Container Registry cleanup policy](https://docs.gitlab.com/ee/api/graphql/reference/#containerexpirationpolicy)
+- [Dependency Proxy time-to-live policy](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxyimagettlgrouppolicy)
+- [Enabling the Dependency Proxy for your group](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxysetting)
+
+**Planned removal milestone: 15.0 (2022-05-22)**
+
 ### Move `custom_hooks_dir` setting from GitLab Shell to Gitaly

 The [`custom_hooks_dir`](https://docs.gitlab.com/ee/administration/server_hooks.html#create-a-global-server-hook-for-all-repositories) setting is now configured in Gitaly, and will be removed from GitLab Shell in GitLab 15.0.
--- a/qa/qa/page/project/pipeline_editor/show.rb
+++ b/qa/qa/page/project/pipeline_editor/show.rb
@ -77,6 +77,7 @@ module QA
          end

          def submit_changes
+            Support::Waiter.wait_until { !find_element(:commit_changes_button).disabled? }
            click_element(:commit_changes_button)

            wait_for_requests
--- a/spec/graphql/mutations/saved_replies/update_spec.rb
+++ b/spec/graphql/mutations/saved_replies/update_spec.rb
@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Mutations::SavedReplies::Update do
+  let_it_be(:current_user) { create(:user) }
+  let_it_be(:saved_reply) { create(:saved_reply, user: current_user) }
+
+  let(:mutation) { described_class.new(object: nil, context: { current_user: current_user }, field: nil) }
+
+  let(:mutation_arguments) { { name: 'save_reply_name', content: 'Save Reply Content' } }
+
+  describe '#resolve' do
+    subject(:resolve) do
+      mutation.resolve(id: saved_reply.to_global_id, **mutation_arguments)
+    end
+
+    context 'when feature is disabled' do
+      before do
+        stub_feature_flags(saved_replies: false)
+      end
+
+      it 'raises Gitlab::Graphql::Errors::ResourceNotAvailable' do
+        expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled')
+      end
+    end
+
+    context 'when feature is enabled for current user' do
+      before do
+        stub_feature_flags(saved_replies: current_user)
+      end
+
+      context 'when service fails to update a new saved reply' do
+        let(:mutation_arguments) { { name: '', content: '' } }
+
+        it { expect(subject[:saved_reply]).to be_nil }
+        it { expect(subject[:errors]).to match_array(["Content can't be blank", "Name can't be blank", "Name can contain only lowercase letters, digits, '_' and '-'. Must start with a letter, and cannot end with '-' or '_'"]) }
+      end
+
+      context 'when service successfully updates the saved reply' do
+        it { expect(subject[:saved_reply].name).to eq(mutation_arguments[:name]) }
+        it { expect(subject[:saved_reply].content).to eq(mutation_arguments[:content]) }
+        it { expect(subject[:errors]).to be_empty }
+      end
+    end
+  end
+end
--- a/spec/services/users/saved_replies/update_service_spec.rb
+++ b/spec/services/users/saved_replies/update_service_spec.rb
@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Users::SavedReplies::UpdateService do
+  describe '#execute' do
+    let_it_be(:current_user) { create(:user) }
+    let_it_be(:saved_reply) { create(:saved_reply, user: current_user) }
+    let_it_be(:other_saved_reply) { create(:saved_reply, user: current_user) }
+    let_it_be(:saved_reply_from_other_user) { create(:saved_reply) }
+
+    subject { described_class.new(current_user: current_user, saved_reply: saved_reply, name: name, content: content).execute }
+
+    context 'when update fails' do
+      let(:name) { other_saved_reply.name }
+      let(:content) { '' }
+
+      it { is_expected.not_to be_success }
+
+      it 'returns error messages' do
+        expect(subject.errors).to match_array(["Content can't be blank", "Name has already been taken"])
+      end
+    end
+
+    context 'when update succeeds' do
+      let(:name) { saved_reply_from_other_user.name }
+      let(:content) { 'New content for Saved Reply' }
+
+      it { is_expected.to be_success }
+
+      it 'updates new Saved Reply in database' do
+        expect { subject }.not_to change(::Users::SavedReply, :count)
+      end
+
+      it 'returns saved reply' do
+        expect(subject[:saved_reply]).to eq(saved_reply)
+      end
+    end
+  end
+end