Downgrade coverage-check approval rule to premium

This commit allows to create coverage-check approval rule using gitlab premium plan. Changelog: changed EE: true

Downgrade coverage-check approval rule to premium
This commit allows to create coverage-check approval rule using gitlab premium plan. Changelog: changed EE: true
7d72ece6 · Maxime Orefice · 712fd7f3 · 7d72ece6 · 7d72ece6 · 7d72ece6
Commit 7d72ece6 authored Apr 04, 2022 by Maxime Orefice
8 changed files
--- a/ee/app/models/gitlab_subscriptions/features.rb
+++ b/ee/app/models/gitlab_subscriptions/features.rb
@@ -153,6 +153,7 @@ module GitlabSubscriptions
      escalation_policies
      export_user_permissions
      zentao_issues_integration
+      coverage_check_approval_rule
    ].freeze

    ULTIMATE_FEATURES = %i[

--- a/ee/app/policies/ee/merge_request_policy.rb
+++ b/ee/app/policies/ee/merge_request_policy.rb
@@ -26,6 +26,11 @@ module EE
        protected_branch.present? && group_access?(protected_branch)
      end

+      condition(:approval_rules_licence_enabled) do
+        @subject.target_project.licensed_feature_available?(:coverage_check_approval_rule) ||
+        @subject.target_project.licensed_feature_available?(:report_approver_rules)
+      end
+
      def group_access?(protected_branch)
        protected_branch.approval_project_rules.for_groups(@user.group_members.reporters.select(:source_id)).exists?
      end
@@ -48,6 +53,8 @@ module EE
        prevent :create_note
        prevent :resolve_note
      end
+
+      rule { approval_rules_licence_enabled }.enable :create_merge_request_approval_rules
    end
  end
 end
--- a/ee/app/services/ee/merge_requests/create_service.rb
+++ b/ee/app/services/ee/merge_requests/create_service.rb
@@ -10,7 +10,7 @@ module EE
        super

        ::MergeRequests::SyncCodeOwnerApprovalRulesWorker.perform_async(issuable.id)
-        ::MergeRequests::SyncReportApproverApprovalRules.new(issuable).execute
+        ::MergeRequests::SyncReportApproverApprovalRules.new(issuable, current_user).execute

        ::MergeRequests::UpdateBlocksService
          .new(issuable, current_user, blocking_merge_requests_params)

--- a/ee/app/services/ee/merge_requests/refresh_service.rb
+++ b/ee/app/services/ee/merge_requests/refresh_service.rb
@@ -32,7 +32,7 @@ module EE
      def update_approvers_for_source_branch_merge_requests
        merge_requests_for_source_branch.each do |merge_request|
          ::MergeRequests::SyncCodeOwnerApprovalRules.new(merge_request).execute if project.feature_available?(:code_owners)
-          ::MergeRequests::SyncReportApproverApprovalRules.new(merge_request).execute if project.feature_available?(:report_approver_rules)
+          ::MergeRequests::SyncReportApproverApprovalRules.new(merge_request, current_user).execute
        end
      end


--- a/ee/app/services/merge_requests/sync_report_approver_approval_rules.rb
+++ b/ee/app/services/merge_requests/sync_report_approver_approval_rules.rb
@@ -2,18 +2,25 @@

 module MergeRequests
  class SyncReportApproverApprovalRules
-    def initialize(merge_request, params = {})
+    include Gitlab::Allowable
+
+    def initialize(merge_request, current_user, params = {})
      @merge_request = merge_request
+      @current_user = current_user
    end

    def execute
-      if merge_request.target_project.feature_available?(:report_approver_rules)
-        merge_request.synchronize_approval_rules_from_target_project
-      end
+      return if not_allowed?
+
+      merge_request.synchronize_approval_rules_from_target_project
    end

    private

-    attr_reader :merge_request
+    attr_reader :merge_request, :current_user
+
+    def not_allowed?
+      !can?(current_user, :create_merge_request_approval_rules, merge_request)
+    end
  end
 end
--- a/ee/spec/policies/merge_request_policy_spec.rb
+++ b/ee/spec/policies/merge_request_policy_spec.rb
@@ -290,4 +290,31 @@ RSpec.describe MergeRequestPolicy do
      it { is_expected.to(allowed ? be_allowed(policy) : be_disallowed(policy)) }
    end
  end
+
+  describe 'create_merge_request_approval_rules' do
+    using RSpec::Parameterized::TableSyntax
+
+    let(:policy) { :create_merge_request_approval_rules }
+    let(:current_user) { owner }
+
+    subject { policy_for(current_user) }
+
+    where(:coverage_license_enabled, :report_approver_license_enabled, :allowed) do
+      false | false | false
+      true  | true  | true
+      false | true  | true
+      true  | false | true
+    end
+
+    with_them do
+      before do
+        stub_licensed_features(
+          coverage_check_approval_rule: coverage_license_enabled,
+          report_approver_rules: report_approver_license_enabled
+        )
+      end
+
+      it { is_expected.to(allowed ? be_allowed(policy) : be_disallowed(policy)) }
+    end
+  end
 end
--- a/ee/spec/services/ee/merge_requests/refresh_service_spec.rb
+++ b/ee/spec/services/ee/merge_requests/refresh_service_spec.rb
@@ -251,7 +251,7 @@ RSpec.describe MergeRequests::RefreshService do

        it 'refreshes the report_approver rules for all relevant merge requests' do
          relevant_merge_requests.each do |merge_request|
-            expect_next_instance_of(::MergeRequests::SyncReportApproverApprovalRules, merge_request) do |service|
+            expect_next_instance_of(::MergeRequests::SyncReportApproverApprovalRules, merge_request, current_user) do |service|
              expect(service).to receive(:execute)
            end
          end

--- a/ee/spec/services/merge_requests/sync_report_approver_approval_rules_spec.rb
+++ b/ee/spec/services/merge_requests/sync_report_approver_approval_rules_spec.rb
@@ -3,9 +3,10 @@
 require 'spec_helper'

 RSpec.describe MergeRequests::SyncReportApproverApprovalRules do
-  subject(:service) { described_class.new(merge_request) }
+  subject(:service) { described_class.new(merge_request, current_user) }

  let(:merge_request) { create(:merge_request) }
+  let(:current_user) { create(:user) }

  describe '#execute' do
    using RSpec::Parameterized::TableSyntax
@@ -109,10 +110,38 @@ RSpec.describe MergeRequests::SyncReportApproverApprovalRules do
    end

    context 'when report_approver_rules are disabled' do
+      before do
+        stub_licensed_features(report_approver_rules: false)
+      end
+
+      it 'copies nothing' do
+        expect { service.execute }
+          .not_to change { merge_request.approval_rules.count }
+      end
+    end
+
+    context 'when coverage_check_approval_rule is disabled' do
+      before do
+        stub_licensed_features(coverage_check_approval_rule: false)
+      end
+
      it 'copies nothing' do
        expect { service.execute }
          .not_to change { merge_request.approval_rules.count }
      end
    end
+
+    context 'when coverage_check_approval_rule is enabled' do
+      let!(:coverage_project_rule) { create(:approval_project_rule, :code_coverage, project: merge_request.target_project) }
+
+      before do
+        stub_licensed_features(coverage_check_approval_rule: true)
+      end
+
+      it 'synchronize coverage check approval rule' do
+        expect { service.execute }
+          .to change { merge_request.approval_rules.count }.from(0).to(1)
+      end
+    end
  end
 end