Remove IP/email restrictions from subgroup settings

Not able to be edited in subgroup settings. Was readonly

Remove IP/email restrictions from subgroup settings
Not able to be edited in subgroup settings. Was readonly
73f21b99 · peterhegman · 3a8e081e · 73f21b99 · 73f21b99 · 73f21b99
Commit 73f21b99 authored Mar 25, 2020 by peterhegman
3 changed files
--- a/ee/app/views/groups/settings/_allowed_email_domain.html.haml
+++ b/ee/app/views/groups/settings/_allowed_email_domain.html.haml
- return unless group.feature_available?(:group_allowed_email_domains)
+- return if !group.feature_available?(:group_allowed_email_domains) || group.parent_id.present?
- read_only = group.parent_id.present?
 %h5= _('Restrict membership by email')
 = f.fields_for :allowed_email_domain do |allowed_email_domain_form|
  .form-group
-    - if read_only
+    = allowed_email_domain_form.text_field :domain, class: 'form-control', placeholder: _('Enter domain')
-      = allowed_email_domain_form.text_field :domain, value: group.root_ancestor_allowed_email_domain&.domain, class: 'form-control', disabled: true, placeholder: _('No value set by top-level parent group.')
-      .form-text.text-muted
-        = _('Email domain is not editable in subgroups. Value inherited from top-level parent group.')
-    - else
-      = allowed_email_domain_form.text_field :domain, class: 'form-control', placeholder: _('Enter domain')
    .form-text.text-muted
      - read_more_link = link_to(_('Read more'), help_page_path('user/group/index', anchor: 'allowed-domain-restriction-premium-only'))
      = _('Only users with an email address in this domain can be added to the group.<br>Example: <code>gitlab.com</code>. Some common domains are not allowed. %{read_more_link}.').html_safe % { read_more_link: read_more_link }
--- a/ee/app/views/groups/settings/_ip_restriction.html.haml
+++ b/ee/app/views/groups/settings/_ip_restriction.html.haml
- return unless group.feature_available?(:group_ip_restriction)
+- return if !group.feature_available?(:group_ip_restriction) || group.parent_id.present?
- read_only = group.parent_id.present?
 %h5= _('Restrict access by IP address')
 .form-group
-  - if read_only
+  = f.text_field :ip_restriction_ranges, class: 'form-control', data: { qa_selector: 'ip_restriction_field' }, placeholder: _('Enter IP address range')
-    = f.text_field :ip_restriction_ranges, value: group.root_ancestor&.ip_restriction_ranges, class: 'form-control', disabled: true, placeholder: _('No value set by top-level parent group.')
-    .form-text.text-muted
-      = _('IP address restriction is not editable in subgroups. Value inherited from top-level parent group.')
-  - else
-    = f.text_field :ip_restriction_ranges, class: 'form-control', data: { qa_selector: 'ip_restriction_field' }, placeholder: _('Enter IP address range')
  .form-text.text-muted
    - read_more_link = link_to(_('Read more'), help_page_path('user/group/index', anchor: 'ip-access-restriction-ultimate'))
    = _('This group, including all subgroups, projects and git repositories, will only be reachable from the specified IP address range. Multiple addresses are supported with comma delimiters.<br>Example: <code>192.168.0.0/24,192.168.1.0/24</code>. %{read_more_link}.').html_safe % { read_more_link: read_more_link }
--- a/ee/spec/views/groups/edit.html.haml_spec.rb
+++ b/ee/spec/views/groups/edit.html.haml_spec.rb
@@ -50,35 +50,13 @@ describe 'groups/edit.html.haml' do
    end
    context 'subgroup' do
-      shared_examples 'renders read-only ip_restriction setting of root ancestor' do
-        it 'renders disabled ranges of root ancestor in comma separated format' do
-          render
-          expect(rendered).to render_template('groups/settings/_ip_restriction')
-          expect(rendered).to(have_field('group_ip_restriction_ranges',
-                                         { disabled: true,
-                                           with: ranges.join(",") }))
-        end
-      end
      let(:group) { create(:group, :nested) }
-      before do
+      it 'does not show ip_restriction setting' do
-        ranges.each do |range|
+        render
-          create(:ip_restriction, group: group.parent, range: range)
-        end
-      end
-      context 'with single subnet' do
-        let(:ranges) { ['192.168.0.0/24'] }
-        it_behaves_like 'renders read-only ip_restriction setting of root ancestor'
-      end
-      context 'with multiple subnets' do
-        let(:ranges) { ['192.168.0.0/24', '192.168.1.0/8'] }
-        it_behaves_like 'renders read-only ip_restriction setting of root ancestor'
+        expect(rendered).to render_template('groups/settings/_ip_restriction')
+        expect(rendered).not_to have_field('group_ip_restriction_attributes_range')
      end
    end
@@ -120,18 +98,11 @@ describe 'groups/edit.html.haml' do
    context 'subgroup' do
      let(:group) { create(:group, :nested) }
-      before do
+      it 'does not show allowed_email_domain setting' do
-        create(:allowed_email_domain, group: group.parent)
-        group.build_allowed_email_domain
-      end
-      it 'show read-only allowed_email_domain setting of root ancestor' do
        render
        expect(rendered).to render_template('groups/settings/_allowed_email_domain')
-        expect(rendered).to(have_field('group_allowed_email_domain_attributes_domain',
+        expect(rendered).not_to have_field('group_allowed_email_domain_attributes_domain')
-                                       { disabled: true,
-                                         with: 'gitlab.com' }))
      end
    end