Error tracking client keys api

18524842 · Dmitriy Zaporozhets (DZ) · Etienne Baqué · b40f172e · 18524842 · 18524842
Commit 18524842 authored Aug 19, 2021 by Dmitriy Zaporozhets (DZ) Committed by Etienne Baqué Aug 19, 2021
7 changed files
--- a/app/models/error_tracking/client_key.rb
+++ b/app/models/error_tracking/client_key.rb
@@ -17,6 +17,6 @@ class ErrorTracking::ClientKey < ApplicationRecord
  private
  def generate_key
-    self.public_key = "glet_#{SecureRandom.hex}"
+    self.public_key ||= "glet_#{SecureRandom.hex}"
  end
 end
--- a/doc/api/error_tracking.md
+++ b/doc/api/error_tracking.md
@@ -68,3 +68,84 @@ Example response:
  "integrated": false
 }
 ```
+## Error Tracking client keys
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68384) in GitLab 14.3.
+For [integrated error tracking](https://gitlab.com/gitlab-org/gitlab/-/issues/329596) feature that is behind a disabled feature flag. Only for project maintainers.
+### List project client keys
+```plaintext
+GET /projects/:id/error_tracking/client_keys
+```
+| Attribute | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. |
+```shell
+curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/error_tracking/client_keys"
+```
+Example response:
+```json
+[
+  {
+    "id": 1,
+    "active": true,
+    "public_key": "glet_aa77551d849c083f76d0bc545ed053a3"
+  },
+  {
+    "id": 3,
+    "active": true,
+    "public_key": "glet_0ff98b1d849c083f76d0bc545ed053a3"
+  }
+]
+```
+### Create a client key
+Creates a new client key for a project. The public key attribute is generated automatically.
+```plaintext
+POST /projects/:id/error_tracking/client_keys
+```
+| Attribute  | Type | Required | Description |
+| ---------  | ---- | -------- | ----------- |
+| `id`       | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. |
+```shell
+curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" --header "Content-Type: application/json" \
+     "https://gitlab.example.com/api/v4/projects/5/error_tracking/client_keys"
+```
+Example response:
+```json
+{
+  "id": 3,
+  "active": true,
+  "public_key": "glet_0ff98b1d849c083f76d0bc545ed053a3"
+}
+```
+### Delete a client key
+Removes a client key from the project.
+```plaintext
+DELETE /projects/:id/error_tracking/client_keys/:key_id
+```
+| Attribute | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `key_id`  | integer | yes | The ID of the client key. |
+```shell
+curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/error_tracking/client_keys/13"
+```
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -171,6 +171,7 @@ module API
      mount ::API::Deployments
      mount ::API::Environments
      mount ::API::ErrorTracking
+      mount ::API::ErrorTrackingClientKeys
      mount ::API::ErrorTrackingCollector
      mount ::API::Events
      mount ::API::FeatureFlags

--- a/lib/api/entities/error_tracking.rb
+++ b/lib/api/entities/error_tracking.rb
@@ -10,6 +10,12 @@ module API
        expose :api_url
        expose :integrated
      end
+      class ClientKey < Grape::Entity
+        expose :id
+        expose :active
+        expose :public_key
+      end
    end
  end
 end
--- a/lib/api/error_tracking.rb
+++ b/lib/api/error_tracking.rb
@@ -6,24 +6,30 @@ module API
    feature_category :error_tracking
+    helpers do
+      def project_setting
+        @project_setting ||= user_project.error_tracking_setting
+      end
+    end
    params do
      requires :id, type: String, desc: 'The ID of a project'
    end
    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
+      before do
+        authorize! :admin_operations, user_project
+        not_found!('Error Tracking Setting') unless project_setting
+      end
      desc 'Get error tracking settings for the project' do
        detail 'This feature was introduced in GitLab 12.7.'
        success Entities::ErrorTracking::ProjectSetting
      end
      get ':id/error_tracking/settings' do
-        authorize! :admin_operations, user_project
+        present project_setting, with: Entities::ErrorTracking::ProjectSetting
-        setting = user_project.error_tracking_setting
-        not_found!('Error Tracking Setting') unless setting
-        present setting, with: Entities::ErrorTracking::ProjectSetting
      end
      desc 'Enable or disable error tracking settings for the project' do
@@ -36,12 +42,6 @@ module API
      end
      patch ':id/error_tracking/settings/' do
-        authorize! :admin_operations, user_project
-        setting = user_project.error_tracking_setting
-        not_found!('Error Tracking Setting') unless setting
        update_params = {
          error_tracking_setting_attributes: { enabled: params[:active] }
        }
@@ -53,7 +53,7 @@ module API
        result = ::Projects::Operations::UpdateService.new(user_project, current_user, update_params).execute
        if result[:status] == :success
-          present setting, with: Entities::ErrorTracking::ProjectSetting
+          present project_setting, with: Entities::ErrorTracking::ProjectSetting
        else
          result
        end

--- a/lib/api/error_tracking_client_keys.rb
+++ b/lib/api/error_tracking_client_keys.rb
+# frozen_string_literal: true
+module API
+  class ErrorTrackingClientKeys < ::API::Base
+    before { authenticate! }
+    feature_category :error_tracking
+    params do
+      requires :id, type: String, desc: 'The ID of a project'
+    end
+    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
+      segment ':id/error_tracking' do
+        before do
+          authorize! :admin_operations, user_project
+        end
+        desc 'List all client keys' do
+          detail 'This feature was introduced in GitLab 14.3.'
+          success Entities::ErrorTracking::ClientKey
+        end
+        get '/client_keys' do
+          collection = user_project.error_tracking_client_keys
+          present paginate(collection), with: Entities::ErrorTracking::ClientKey
+        end
+        desc 'Create a client key' do
+          detail 'This feature was introduced in GitLab 14.3.'
+          success Entities::ErrorTracking::ClientKey
+        end
+        post '/client_keys' do
+          key = user_project.error_tracking_client_keys.create!
+          present key, with: Entities::ErrorTracking::ClientKey
+        end
+        desc 'Delete a client key' do
+          detail 'This feature was introduced in GitLab 14.3.'
+          success Entities::ErrorTracking::ClientKey
+        end
+        delete '/client_keys/:key_id' do
+          key = user_project.error_tracking_client_keys.find(params[:key_id])
+          key.destroy!
+        end
+      end
+    end
+  end
+end
--- a/spec/requests/api/error_tracking_client_keys_spec.rb
+++ b/spec/requests/api/error_tracking_client_keys_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+RSpec.describe API::ErrorTrackingClientKeys do
+  let_it_be(:guest) { create(:user) }
+  let_it_be(:maintainer) { create(:user) }
+  let_it_be(:setting) { create(:project_error_tracking_setting) }
+  let_it_be(:project) { setting.project }
+  let!(:client_key) { create(:error_tracking_client_key, project: project) }
+  before do
+    project.add_guest(guest)
+    project.add_maintainer(maintainer)
+  end
+  shared_examples 'endpoint with authorization' do
+    context 'when unauthenticated' do
+      let(:user) { nil }
+      it { expect(response).to have_gitlab_http_status(:unauthorized) }
+    end
+    context 'when authenticated as non-maintainer' do
+      let(:user) { guest }
+      it { expect(response).to have_gitlab_http_status(:forbidden) }
+    end
+  end
+  describe "GET /projects/:id/error_tracking/client_keys" do
+    before do
+      get api("/projects/#{project.id}/error_tracking/client_keys", user)
+    end
+    it_behaves_like 'endpoint with authorization'
+    context 'when authenticated as maintainer' do
+      let(:user) { maintainer }
+      it 'returns client keys' do
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to include_pagination_headers
+        expect(json_response.size).to eq(1)
+        expect(json_response.first['id']).to eq(client_key.id)
+      end
+    end
+  end
+  describe "POST /projects/:id/error_tracking/client_keys" do
+    before do
+      post api("/projects/#{project.id}/error_tracking/client_keys", user)
+    end
+    it_behaves_like 'endpoint with authorization'
+    context 'when authenticated as maintainer' do
+      let(:user) { maintainer }
+      it 'returns a newly created client key' do
+        new_key = project.error_tracking_client_keys.last
+        expect(json_response['id']).to eq(new_key.id)
+        expect(json_response['public_key']).to eq(new_key.public_key)
+      end
+    end
+  end
+  describe "DELETE /projects/:id/error_tracking/client_keys/:key_id" do
+    before do
+      delete api("/projects/#{project.id}/error_tracking/client_keys/#{client_key.id}", user)
+    end
+    it_behaves_like 'endpoint with authorization'
+    context 'when authenticated as maintainer' do
+      let(:user) { maintainer }
+      it 'returns a correct status' do
+        expect(response).to have_gitlab_http_status(:ok)
+      end
+    end
+  end
+end