Commit cabb8b20 authored by Jan Beckmann's avatar Jan Beckmann Committed by Kushal Pandya

Add confidential parameter to epic link creation API

- set to copy the confidentiality status from the parent epic
- replicate this behavior on the frontend

Fixes https://gitlab.com/gitlab-org/gitlab/-/issues/229839
parent a6a1c608
......@@ -131,6 +131,7 @@ POST /groups/:id/epics/:epic_iid/epics
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `epic_iid` | integer | yes | The internal ID of the (future parent) epic. |
| `title` | string | yes | The title of a newly created epic. |
| `confidential` | boolean | no | Whether the epic should be confidential. Will be ignored if `confidential_epics` feature flag is disabled. Defaults to the confidentiality state of the parent epic. |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/epics/5/epics?title=Newpic"
......
......@@ -67,12 +67,13 @@ export default {
});
},
createChildEpic({ groupId, parentEpicIid, title }) {
createChildEpic({ confidential, groupId, parentEpicIid, title }) {
const url = Api.buildUrl(this.childEpicPath)
.replace(':id', encodeURIComponent(groupId))
.replace(':epic_iid', parentEpicIid);
return axios.post(url, {
confidential,
title,
});
},
......
......@@ -389,6 +389,7 @@ export const createItem = ({ state, dispatch }, { itemTitle }) => {
dispatch('requestCreateItem');
Api.createChildEpic({
confidential: state.parentItem.confidential,
groupId: state.parentItem.fullPath,
parentEpicIid: state.parentItem.iid,
title: itemTitle,
......
---
title: Allow creation of confidential sub-epics from tree
merge_request: 37882
author: Jan Beckmann
type: fixed
......@@ -74,12 +74,14 @@ module API
end
params do
requires :title, type: String, desc: 'The title of a child epic'
optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled'
end
post ':id/(-/)epics/:epic_iid/epics' do
authorize_subepics_feature!
authorize_can_admin_epic_link!
create_params = { parent_id: epic.id, title: params[:title] }
confidential = params[:confidential].nil? ? epic.confidential : params[:confidential]
create_params = { parent_id: epic.id, title: params[:title], confidential: confidential }
child_epic = ::Epics::CreateService.new(user_group, current_user, create_params).execute
......
......@@ -151,6 +151,28 @@ RSpec.describe API::EpicLinks do
expect(epic.reload.children).to include(Epic.last)
end
context 'when the parent epic is confidential' do
let(:epic) { create(:epic, group: group, confidential: true) }
it 'copies the confidentiality status from the parent epic' do
subject
expect(Epic.last).to be_confidential
end
it 'does not allow creating a non-confidential sub-epic' do
post api(url, user), params: { title: 'child epic', confidential: false }
expect(response).to have_gitlab_http_status(:bad_request)
end
end
it 'does apply the confidential parameter if set' do
post api(url, user), params: { title: 'child epic', confidential: true }
expect(Epic.last).to be_confidential
end
context 'and epic has errors' do
it 'returns 400 error' do
child_epic = Epic.new(title: 'with errors')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment