Commit 21b22245 authored by Toon Claes's avatar Toon Claes

Port of 23104-remove-public-param-for-projects to EE

API: remove `public` param for projects

The create and edit actions for projects had these parameters:

- `public` (optional) - if true same as setting `visibility_level = 20`
- `visibility_level` (optional)

Remove the `public` parameter to avoid contradiction.
parent 40e3494d
---
title: 'API: remove `public` param for projects'
merge_request: 8736
author:
...@@ -644,7 +644,6 @@ Parameters: ...@@ -644,7 +644,6 @@ Parameters:
| `snippets_enabled` | boolean | no | Enable snippets for this project | | `snippets_enabled` | boolean | no | Enable snippets for this project |
| `container_registry_enabled` | boolean | no | Enable container registry for this project | | `container_registry_enabled` | boolean | no | Enable container registry for this project |
| `shared_runners_enabled` | boolean | no | Enable shared runners for this project | | `shared_runners_enabled` | boolean | no | Enable shared runners for this project |
| `public` | boolean | no | If `true`, the same as setting `visibility_level` to 20 |
| `visibility_level` | integer | no | See [project visibility level](#project-visibility-level) | | `visibility_level` | integer | no | See [project visibility level](#project-visibility-level) |
| `import_url` | string | no | URL to import repository from | | `import_url` | string | no | URL to import repository from |
| `public_builds` | boolean | no | If `true`, builds can be viewed by non-project-members | | `public_builds` | boolean | no | If `true`, builds can be viewed by non-project-members |
...@@ -679,7 +678,6 @@ Parameters: ...@@ -679,7 +678,6 @@ Parameters:
| `snippets_enabled` | boolean | no | Enable snippets for this project | | `snippets_enabled` | boolean | no | Enable snippets for this project |
| `container_registry_enabled` | boolean | no | Enable container registry for this project | | `container_registry_enabled` | boolean | no | Enable container registry for this project |
| `shared_runners_enabled` | boolean | no | Enable shared runners for this project | | `shared_runners_enabled` | boolean | no | Enable shared runners for this project |
| `public` | boolean | no | If `true`, the same as setting `visibility_level` to 20 |
| `visibility_level` | integer | no | See [project visibility level](#project-visibility-level) | | `visibility_level` | integer | no | See [project visibility level](#project-visibility-level) |
| `import_url` | string | no | URL to import repository from | | `import_url` | string | no | URL to import repository from |
| `public_builds` | boolean | no | If `true`, builds can be viewed by non-project-members | | `public_builds` | boolean | no | If `true`, builds can be viewed by non-project-members |
...@@ -714,7 +712,6 @@ Parameters: ...@@ -714,7 +712,6 @@ Parameters:
| `snippets_enabled` | boolean | no | Enable snippets for this project | | `snippets_enabled` | boolean | no | Enable snippets for this project |
| `container_registry_enabled` | boolean | no | Enable container registry for this project | | `container_registry_enabled` | boolean | no | Enable container registry for this project |
| `shared_runners_enabled` | boolean | no | Enable shared runners for this project | | `shared_runners_enabled` | boolean | no | Enable shared runners for this project |
| `public` | boolean | no | If `true`, the same as setting `visibility_level` to 20 |
| `visibility_level` | integer | no | See [project visibility level](#project-visibility-level) | | `visibility_level` | integer | no | See [project visibility level](#project-visibility-level) |
| `import_url` | string | no | URL to import repository from | | `import_url` | string | no | URL to import repository from |
| `public_builds` | boolean | no | If `true`, builds can be viewed by non-project-members | | `public_builds` | boolean | no | If `true`, builds can be viewed by non-project-members |
......
...@@ -16,7 +16,6 @@ module API ...@@ -16,7 +16,6 @@ module API
optional :shared_runners_enabled, type: Boolean, desc: 'Flag indication if shared runners are enabled for that project' optional :shared_runners_enabled, type: Boolean, desc: 'Flag indication if shared runners are enabled for that project'
optional :container_registry_enabled, type: Boolean, desc: 'Flag indication if the container registry is enabled for that project' optional :container_registry_enabled, type: Boolean, desc: 'Flag indication if the container registry is enabled for that project'
optional :lfs_enabled, type: Boolean, desc: 'Flag indication if Git LFS is enabled for that project' optional :lfs_enabled, type: Boolean, desc: 'Flag indication if Git LFS is enabled for that project'
optional :public, type: Boolean, desc: 'Create a public project. The same as visibility_level = 20.'
optional :visibility_level, type: Integer, values: [ optional :visibility_level, type: Integer, values: [
Gitlab::VisibilityLevel::PRIVATE, Gitlab::VisibilityLevel::PRIVATE,
Gitlab::VisibilityLevel::INTERNAL, Gitlab::VisibilityLevel::INTERNAL,
...@@ -30,16 +29,6 @@ module API ...@@ -30,16 +29,6 @@ module API
optional :repository_storage, type: String, desc: 'Which storage shard the repository is on. Available only to admins' optional :repository_storage, type: String, desc: 'Which storage shard the repository is on. Available only to admins'
optional :approvals_before_merge, type: Integer, desc: 'How many approvers should approve merge request by default' optional :approvals_before_merge, type: Integer, desc: 'How many approvers should approve merge request by default'
end end
def map_public_to_visibility_level(attrs)
publik = attrs.delete(:public)
if !publik.nil? && !attrs[:visibility_level].present?
# Since setting the public attribute to private could mean either
# private or internal, use the more conservative option, private.
attrs[:visibility_level] = (publik == true) ? Gitlab::VisibilityLevel::PUBLIC : Gitlab::VisibilityLevel::PRIVATE
end
attrs
end
end end
resource :projects do resource :projects do
...@@ -165,7 +154,7 @@ module API ...@@ -165,7 +154,7 @@ module API
use :create_params use :create_params
end end
post do post do
attrs = map_public_to_visibility_level(declared_params(include_missing: false)) attrs = declared_params(include_missing: false)
project = ::Projects::CreateService.new(current_user, attrs).execute project = ::Projects::CreateService.new(current_user, attrs).execute
if project.saved? if project.saved?
...@@ -194,7 +183,7 @@ module API ...@@ -194,7 +183,7 @@ module API
user = User.find_by(id: params.delete(:user_id)) user = User.find_by(id: params.delete(:user_id))
not_found!('User') unless user not_found!('User') unless user
attrs = map_public_to_visibility_level(declared_params(include_missing: false)) attrs = declared_params(include_missing: false)
project = ::Projects::CreateService.new(user, attrs).execute project = ::Projects::CreateService.new(user, attrs).execute
if project.saved? if project.saved?
...@@ -272,7 +261,7 @@ module API ...@@ -272,7 +261,7 @@ module API
at_least_one_of :name, :description, :issues_enabled, :merge_requests_enabled, at_least_one_of :name, :description, :issues_enabled, :merge_requests_enabled,
:wiki_enabled, :builds_enabled, :snippets_enabled, :wiki_enabled, :builds_enabled, :snippets_enabled,
:shared_runners_enabled, :container_registry_enabled, :shared_runners_enabled, :container_registry_enabled,
:lfs_enabled, :public, :visibility_level, :public_builds, :lfs_enabled, :visibility_level, :public_builds,
:request_access_enabled, :only_allow_merge_if_build_succeeds, :request_access_enabled, :only_allow_merge_if_build_succeeds,
:only_allow_merge_if_all_discussions_are_resolved, :path, :only_allow_merge_if_all_discussions_are_resolved, :path,
:default_branch, :default_branch,
...@@ -281,7 +270,7 @@ module API ...@@ -281,7 +270,7 @@ module API
end end
put ':id' do put ':id' do
authorize_admin_project authorize_admin_project
attrs = map_public_to_visibility_level(declared_params(include_missing: false)) attrs = declared_params(include_missing: false)
authorize! :rename_project, user_project if attrs[:name].present? authorize! :rename_project, user_project if attrs[:name].present?
authorize! :change_visibility_level, user_project if attrs[:visibility_level].present? authorize! :change_visibility_level, user_project if attrs[:visibility_level].present?
......
...@@ -359,13 +359,6 @@ describe API::Projects, api: true do ...@@ -359,13 +359,6 @@ describe API::Projects, api: true do
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PUBLIC) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PUBLIC)
end end
it 'sets a project as public using :public' do
project = attributes_for(:project, { public: true })
post api('/projects', user), project
expect(json_response['public']).to be_truthy
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PUBLIC)
end
it 'sets a project as internal' do it 'sets a project as internal' do
project = attributes_for(:project, :internal) project = attributes_for(:project, :internal)
post api('/projects', user), project post api('/projects', user), project
...@@ -373,13 +366,6 @@ describe API::Projects, api: true do ...@@ -373,13 +366,6 @@ describe API::Projects, api: true do
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::INTERNAL) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::INTERNAL)
end end
it 'sets a project as internal overriding :public' do
project = attributes_for(:project, :internal, { public: true })
post api('/projects', user), project
expect(json_response['public']).to be_falsey
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::INTERNAL)
end
it 'sets a project as private' do it 'sets a project as private' do
project = attributes_for(:project, :private) project = attributes_for(:project, :private)
post api('/projects', user), project post api('/projects', user), project
...@@ -387,13 +373,6 @@ describe API::Projects, api: true do ...@@ -387,13 +373,6 @@ describe API::Projects, api: true do
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE)
end end
it 'sets a project as private using :public' do
project = attributes_for(:project, { public: false })
post api('/projects', user), project
expect(json_response['public']).to be_falsey
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE)
end
it 'sets a project as allowing merge even if build fails' do it 'sets a project as allowing merge even if build fails' do
project = attributes_for(:project, { only_allow_merge_if_build_succeeds: false }) project = attributes_for(:project, { only_allow_merge_if_build_succeeds: false })
post api('/projects', user), project post api('/projects', user), project
...@@ -431,13 +410,14 @@ describe API::Projects, api: true do ...@@ -431,13 +410,14 @@ describe API::Projects, api: true do
end end
context 'when a visibility level is restricted' do context 'when a visibility level is restricted' do
let(:project_param) { attributes_for(:project, :public) }
before do before do
@project = attributes_for(:project, { public: true })
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC]) stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
end end
it 'does not allow a non-admin to use a restricted visibility level' do it 'does not allow a non-admin to use a restricted visibility level' do
post api('/projects', user), @project post api('/projects', user), project_param
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
expect(json_response['message']['visibility_level'].first).to( expect(json_response['message']['visibility_level'].first).to(
...@@ -446,7 +426,8 @@ describe API::Projects, api: true do ...@@ -446,7 +426,8 @@ describe API::Projects, api: true do
end end
it 'allows an admin to override restricted visibility settings' do it 'allows an admin to override restricted visibility settings' do
post api('/projects', admin), @project post api('/projects', admin), project_param
expect(json_response['public']).to be_truthy expect(json_response['public']).to be_truthy
expect(json_response['visibility_level']).to( expect(json_response['visibility_level']).to(
eq(Gitlab::VisibilityLevel::PUBLIC) eq(Gitlab::VisibilityLevel::PUBLIC)
...@@ -499,15 +480,6 @@ describe API::Projects, api: true do ...@@ -499,15 +480,6 @@ describe API::Projects, api: true do
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PUBLIC) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PUBLIC)
end end
it 'sets a project as public using :public' do
project = attributes_for(:project, { public: true })
post api("/projects/user/#{user.id}", admin), project
expect(response).to have_http_status(201)
expect(json_response['public']).to be_truthy
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PUBLIC)
end
it 'sets a project as internal' do it 'sets a project as internal' do
project = attributes_for(:project, :internal) project = attributes_for(:project, :internal)
post api("/projects/user/#{user.id}", admin), project post api("/projects/user/#{user.id}", admin), project
...@@ -517,14 +489,6 @@ describe API::Projects, api: true do ...@@ -517,14 +489,6 @@ describe API::Projects, api: true do
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::INTERNAL) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::INTERNAL)
end end
it 'sets a project as internal overriding :public' do
project = attributes_for(:project, :internal, { public: true })
post api("/projects/user/#{user.id}", admin), project
expect(response).to have_http_status(201)
expect(json_response['public']).to be_falsey
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::INTERNAL)
end
it 'sets a project as private' do it 'sets a project as private' do
project = attributes_for(:project, :private) project = attributes_for(:project, :private)
post api("/projects/user/#{user.id}", admin), project post api("/projects/user/#{user.id}", admin), project
...@@ -532,13 +496,6 @@ describe API::Projects, api: true do ...@@ -532,13 +496,6 @@ describe API::Projects, api: true do
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE)
end end
it 'sets a project as private using :public' do
project = attributes_for(:project, { public: false })
post api("/projects/user/#{user.id}", admin), project
expect(json_response['public']).to be_falsey
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE)
end
it 'sets a project as allowing merge even if build fails' do it 'sets a project as allowing merge even if build fails' do
project = attributes_for(:project, { only_allow_merge_if_build_succeeds: false }) project = attributes_for(:project, { only_allow_merge_if_build_succeeds: false })
post api("/projects/user/#{user.id}", admin), project post api("/projects/user/#{user.id}", admin), project
...@@ -865,7 +822,7 @@ describe API::Projects, api: true do ...@@ -865,7 +822,7 @@ describe API::Projects, api: true do
it 'creates a new project snippet' do it 'creates a new project snippet' do
post api("/projects/#{project.id}/snippets", user), post api("/projects/#{project.id}/snippets", user),
title: 'api test', file_name: 'sample.rb', code: 'test', title: 'api test', file_name: 'sample.rb', code: 'test',
visibility_level: '0' visibility_level: Gitlab::VisibilityLevel::PRIVATE
expect(response).to have_http_status(201) expect(response).to have_http_status(201)
expect(json_response['title']).to eq('api test') expect(json_response['title']).to eq('api test')
end end
...@@ -1114,7 +1071,7 @@ describe API::Projects, api: true do ...@@ -1114,7 +1071,7 @@ describe API::Projects, api: true do
end end
it 'updates visibility_level' do it 'updates visibility_level' do
project_param = { visibility_level: 20 } project_param = { visibility_level: Gitlab::VisibilityLevel::PUBLIC }
put api("/projects/#{project3.id}", user), project_param put api("/projects/#{project3.id}", user), project_param
expect(response).to have_http_status(200) expect(response).to have_http_status(200)
project_param.each_pair do |k, v| project_param.each_pair do |k, v|
...@@ -1124,7 +1081,7 @@ describe API::Projects, api: true do ...@@ -1124,7 +1081,7 @@ describe API::Projects, api: true do
it 'updates visibility_level from public to private' do it 'updates visibility_level from public to private' do
project3.update_attributes({ visibility_level: Gitlab::VisibilityLevel::PUBLIC }) project3.update_attributes({ visibility_level: Gitlab::VisibilityLevel::PUBLIC })
project_param = { public: false } project_param = { visibility_level: Gitlab::VisibilityLevel::PRIVATE }
put api("/projects/#{project3.id}", user), project_param put api("/projects/#{project3.id}", user), project_param
expect(response).to have_http_status(200) expect(response).to have_http_status(200)
project_param.each_pair do |k, v| project_param.each_pair do |k, v|
...@@ -1206,7 +1163,7 @@ describe API::Projects, api: true do ...@@ -1206,7 +1163,7 @@ describe API::Projects, api: true do
end end
it 'does not update visibility_level' do it 'does not update visibility_level' do
project_param = { visibility_level: 20 } project_param = { visibility_level: Gitlab::VisibilityLevel::PUBLIC }
put api("/projects/#{project3.id}", user4), project_param put api("/projects/#{project3.id}", user4), project_param
expect(response).to have_http_status(403) expect(response).to have_http_status(403)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment