Commit 45d00ef1 authored by Sanad Liaquat's avatar Sanad Liaquat

Merge branch 'ml-qa-auth-runtime-feature-as-admin' into 'master'

Authenticate `Runtime::Feature` as admin

See merge request gitlab-org/gitlab!19672
parents a5b19b33 f1ac6c47
...@@ -17,6 +17,10 @@ module QA ...@@ -17,6 +17,10 @@ module QA
@unique_id = SecureRandom.hex(8) @unique_id = SecureRandom.hex(8)
end end
def admin?
api_resource&.dig(:is_admin) || false
end
def username def username
@username || "qa-user-#{unique_id}" @username || "qa-user-#{unique_id}"
end end
......
...@@ -7,6 +7,7 @@ module QA ...@@ -7,6 +7,7 @@ module QA
extend Support::Api extend Support::Api
SetFeatureError = Class.new(RuntimeError) SetFeatureError = Class.new(RuntimeError)
AuthorizationError = Class.new(RuntimeError)
def enable(key) def enable(key)
QA::Runtime::Logger.info("Enabling feature: #{key}") QA::Runtime::Logger.info("Enabling feature: #{key}")
...@@ -26,7 +27,22 @@ module QA ...@@ -26,7 +27,22 @@ module QA
private private
def api_client def api_client
@api_client ||= Runtime::API::Client.new(:gitlab) @api_client ||= begin
if Runtime::Env.admin_personal_access_token
Runtime::API::Client.new(:gitlab, personal_access_token: Runtime::Env.admin_personal_access_token)
else
user = Resource::User.fabricate_via_api! do |user|
user.username = Runtime::User.admin_username
user.password = Runtime::User.admin_password
end
unless user.admin?
raise AuthorizationError, "Administrator access is required to enable/disable feature flags. User '#{user.username}' is not an administrator."
end
Runtime::API::Client.new(:gitlab, user: user)
end
end
end end
def set_feature(key, value) def set_feature(key, value)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment