Commit 7dc5e160 authored by Sean Arnold's avatar Sean Arnold

Move Alerts metric image API to CE

- Services
- Policy
- etc

Changelog: changed
parent f9af2df0
......@@ -14,7 +14,8 @@ class UploadsController < ApplicationController
"appearance" => Appearance,
"personal_snippet" => PersonalSnippet,
"projects/topic" => Projects::Topic,
nil => PersonalSnippet
'alert_management_metric_image' => ::AlertManagement::MetricImage,
nil => PersonalSnippet,
}.freeze
rescue_from UnknownUploadModelError, with: :render_404
......@@ -56,6 +57,8 @@ class UploadsController < ApplicationController
true
when Projects::Topic
true
when ::AlertManagement::MetricImage
can?(current_user, :read_alert_management_metric_image, model.alert)
else
can?(current_user, "read_#{model.class.underscore}".to_sym, model)
end
......
......@@ -142,6 +142,10 @@ module AlertManagement
reference.to_i > 0 && reference.to_i <= Gitlab::Database::MAX_INT_VALUE
end
def metric_images_available?
::AlertManagement::MetricImage.available_for?(project)
end
def prometheus?
monitoring_tool == Gitlab::AlertManagement::Payload::MONITORING_TOOLS[:prometheus]
end
......
......@@ -3,7 +3,15 @@
module AlertManagement
class AlertPolicy < ::BasePolicy
delegate { @subject.project }
rule { can?(:read_alert_management_alert) }.policy do
enable :read_alert_management_metric_image
end
rule { can?(:update_alert_management_alert) }.policy do
enable :upload_alert_management_metric_image
enable :update_alert_management_metric_image
enable :destroy_alert_management_metric_image
end
end
end
AlertManagement::AlertPolicy.prepend_mod
......@@ -38,6 +38,12 @@ scope path: :uploads do
post ':model/authorize',
to: 'uploads#authorize',
constraints: { model: /personal_snippet|user/ }
# Alert Metric Images
get "-/system/:model/:mounted_as/:id/:filename",
to: "uploads#show",
constraints: { model: /alert_management_metric_image/, mounted_as: /file/, filename: %r{[^/]+} },
as: 'alert_metric_image_upload'
end
# Redirect old note attachments path to new uploads path.
......
......@@ -6,8 +6,7 @@ module EE
extend ::Gitlab::Utils::Override
EE_MODEL_CLASSES = {
'issuable_metric_image' => IssuableMetricImage,
'alert_management_metric_image' => ::AlertManagement::MetricImage
'issuable_metric_image' => IssuableMetricImage
}.freeze
class_methods do
......@@ -24,8 +23,6 @@ module EE
case model
when IssuableMetricImage
can?(current_user, :read_issuable_metric_image, model)
when ::AlertManagement::MetricImage
can?(current_user, :read_alert_management_metric_image, model.alert)
else
super
end
......
......@@ -21,10 +21,6 @@ module EE
::Deployments::AutoRollbackWorker.perform_async(environment.id)
end
def metric_images_available?
::AlertManagement::MetricImage.available_for?(project)
end
end
end
end
# frozen_string_literal: true
module EE
module AlertManagement
module AlertPolicy
extend ActiveSupport::Concern
prepended do
rule { can?(:read_alert_management_alert) }.policy do
enable :read_alert_management_metric_image
end
rule { can?(:update_alert_management_alert) }.policy do
enable :upload_alert_management_metric_image
enable :update_alert_management_metric_image
enable :destroy_alert_management_metric_image
end
end
end
end
end
......@@ -6,10 +6,4 @@ scope path: :uploads do
to: "uploads#show",
constraints: { model: /issuable_metric_image/, mounted_as: /file/, filename: %r{[^/]+} },
as: 'issuable_metric_image_upload'
# Alert Metric Images
get "-/system/:model/:mounted_as/:id/:filename",
to: "uploads#show",
constraints: { model: /alert_management_metric_image/, mounted_as: /file/, filename: %r{[^/]+} },
as: 'alert_metric_image_upload'
end
......@@ -10,7 +10,6 @@ module EE
mount ::EE::API::GroupBoards
mount ::API::AlertManagementAlerts
mount ::API::AuditEvents
mount ::API::ProjectApprovalRules
mount ::API::StatusChecks
......
......@@ -12,7 +12,6 @@ module Gitlab
file
import_export
issuable_metric_image
metric_image
namespace_file
personal_file
].freeze
......
......@@ -22,21 +22,5 @@ RSpec.describe UploadsController do
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'when viewing alert metric images' do
let(:alert) { create(:alert_management_alert, project: project) }
let(:metric_image) { create(:alert_metric_image, alert: alert) }
before do
project.add_developer(user)
sign_in(user)
end
it "responds with status 200" do
get :show, params: { model: "alert_management_metric_image", mounted_as: 'file', id: metric_image.id, filename: metric_image.filename }
expect(response).to have_gitlab_http_status(:ok)
end
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe AlertManagement::AlertPolicy do
describe '#rules' do
let_it_be(:user) { create(:user) }
let_it_be(:project) { create(:project) }
let_it_be(:alert) { create(:alert_management_alert, project: project, issue: incident) }
let_it_be(:incident) { nil }
let(:policy) { described_class.new(user, alert) }
describe 'rules' do
shared_examples 'does not allow metric image reads' do
it { expect(policy).to be_disallowed(:read_alert_management_metric_image) }
end
shared_examples 'does not allow metric image updates' do
specify do
expect(policy).to be_disallowed(:upload_alert_management_metric_image)
expect(policy).to be_disallowed(:destroy_alert_management_metric_image)
end
end
shared_examples 'allows metric image reads' do
it { expect(policy).to be_allowed(:read_alert_management_metric_image) }
end
shared_examples 'allows metric image updates' do
specify do
expect(policy).to be_allowed(:upload_alert_management_metric_image)
expect(policy).to be_allowed(:destroy_alert_management_metric_image)
end
end
context 'when user is not a member' do
include_examples 'does not allow metric image reads'
include_examples 'does not allow metric image updates'
end
context 'when user is a guest' do
before do
project.add_guest(user)
end
include_examples 'does not allow metric image reads'
include_examples 'does not allow metric image updates'
end
context 'when user is a developer' do
before do
project.add_developer(user)
end
include_examples 'allows metric image reads'
include_examples 'allows metric image updates'
end
end
end
end
......@@ -163,6 +163,7 @@ module API
mount ::API::Admin::InstanceClusters
mount ::API::Admin::PlanLimits
mount ::API::Admin::Sidekiq
mount ::API::AlertManagementAlerts
mount ::API::Appearance
mount ::API::Applications
mount ::API::Avatar
......
......@@ -701,6 +701,24 @@ RSpec.describe UploadsController do
end
end
end
context 'when viewing alert metric images' do
let!(:user) { create(:user) }
let!(:project) { create(:project) }
let(:alert) { create(:alert_management_alert, project: project) }
let(:metric_image) { create(:alert_metric_image, alert: alert) }
before do
project.add_developer(user)
sign_in(user)
end
it "responds with status 200" do
get :show, params: { model: "alert_management_metric_image", mounted_as: 'file', id: metric_image.id, filename: metric_image.filename }
expect(response).to have_gitlab_http_status(:ok)
end
end
end
def post_authorize(verified: true)
......
......@@ -3,9 +3,10 @@
require 'spec_helper'
RSpec.describe AlertManagement::AlertPolicy, :models do
let(:alert) { create(:alert_management_alert) }
let(:project) { alert.project }
let(:user) { create(:user) }
let_it_be(:user) { create(:user) }
let_it_be(:project) { create(:project) }
let_it_be(:alert) { create(:alert_management_alert, project: project, issue: incident) }
let_it_be(:incident) { nil }
subject(:policy) { described_class.new(user, alert) }
......@@ -21,5 +22,50 @@ RSpec.describe AlertManagement::AlertPolicy, :models do
it { is_expected.to be_allowed :read_alert_management_alert }
it { is_expected.to be_allowed :update_alert_management_alert }
end
shared_examples 'does not allow metric image reads' do
it { expect(policy).to be_disallowed(:read_alert_management_metric_image) }
end
shared_examples 'does not allow metric image updates' do
specify do
expect(policy).to be_disallowed(:upload_alert_management_metric_image)
expect(policy).to be_disallowed(:destroy_alert_management_metric_image)
end
end
shared_examples 'allows metric image reads' do
it { expect(policy).to be_allowed(:read_alert_management_metric_image) }
end
shared_examples 'allows metric image updates' do
specify do
expect(policy).to be_allowed(:upload_alert_management_metric_image)
expect(policy).to be_allowed(:destroy_alert_management_metric_image)
end
end
context 'when user is not a member' do
include_examples 'does not allow metric image reads'
include_examples 'does not allow metric image updates'
end
context 'when user is a guest' do
before do
project.add_guest(user)
end
include_examples 'does not allow metric image reads'
include_examples 'does not allow metric image updates'
end
context 'when user is a developer' do
before do
project.add_developer(user)
end
include_examples 'allows metric image reads'
include_examples 'allows metric image updates'
end
end
end
......@@ -21,6 +21,17 @@ RSpec.describe 'Uploads', 'routing' do
)
end
it 'allows fetching alert metric metric images' do
expect(get('/uploads/-/system/alert_management_metric_image/file/1/test.jpg')).to route_to(
controller: 'uploads',
action: 'show',
model: 'alert_management_metric_image',
id: '1',
filename: 'test.jpg',
mounted_as: 'file'
)
end
it 'does not allow creating uploads for other models' do
unroutable_models = UploadsController::MODEL_CLASSES.keys.compact - %w(personal_snippet user)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment