Merge branch '207472-create-confidential-note-api' into 'master'

Add confidential attribute for notes creation See merge request gitlab-org/gitlab!36793

Merge branch '207472-create-confidential-note-api' into 'master'
Add confidential attribute for notes creation See merge request gitlab-org/gitlab!36793
6a27379a · Peter Leitzen · a50fe76e · 726a4525 · 6a27379a · 6a27379a
Commit 6a27379a authored Jul 15, 2020 by Peter Leitzen
5 changed files
--- a/changelogs/unreleased/207472-create-confidential-note-api.yml
+++ b/changelogs/unreleased/207472-create-confidential-note-api.yml
+---
+title: Add confidential attribute to public API for notes creation
+merge_request: 36793
+author:
+type: added
--- a/doc/api/notes.md
+++ b/doc/api/notes.md
@@ -116,6 +116,7 @@ Parameters:
 - `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding)
 - `issue_iid` (required) - The IID of an issue
 - `body` (required) - The content of a note. Limited to 1,000,000 characters.
+- `confidential` (optional) - The confidential flag of a note. Default is false.
 - `created_at` (optional) - Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights)

 ```shell

--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -68,6 +68,7 @@ module API
        params do
          requires :noteable_id, type: Integer, desc: 'The ID of the noteable'
          requires :body, type: String, desc: 'The content of a note'
+          optional :confidential, type: Boolean, desc: 'Confidentiality note flag, default is false'
          optional :created_at, type: String, desc: 'The creation date of the note'
        end
        post ":id/#{noteables_str}/:noteable_id/notes" do
@@ -77,6 +78,7 @@ module API
            note: params[:body],
            noteable_type: noteables_str.classify,
            noteable_id: noteable.id,
+            confidential: params[:confidential],
            created_at: params[:created_at]
          }


--- a/spec/services/notes/create_service_spec.rb
+++ b/spec/services/notes/create_service_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe Notes::CreateService do
  let_it_be(:issue) { create(:issue, project: project) }
  let_it_be(:user) { create(:user) }
  let(:opts) do
-    { note: 'Awesome comment', noteable_type: 'Issue', noteable_id: issue.id }
+    { note: 'Awesome comment', noteable_type: 'Issue', noteable_id: issue.id, confidential: true }
  end

  describe '#execute' do

--- a/spec/support/shared_examples/requests/api/notes_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/notes_shared_examples.rb
@@ -132,6 +132,16 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name|

      expect(response).to have_gitlab_http_status(:created)
      expect(json_response['body']).to eq('hi!')
+      expect(json_response['confidential']).to be_falsey
+      expect(json_response['author']['username']).to eq(user.username)
+    end
+
+    it "creates a confidential note if confidential is set to true" do
+      post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/notes", user), params: { body: 'hi!', confidential: true }
+
+      expect(response).to have_gitlab_http_status(:created)
+      expect(json_response['body']).to eq('hi!')
+      expect(json_response['confidential']).to be_truthy
      expect(json_response['author']['username']).to eq(user.username)
    end