Adds documentation

doc/api/projects.md

@@ -669,6 +669,12 @@ POST /projects
 | `ci_config_path` | string | no | The path to CI config file |
 | `repository_storage` | string | no | Which storage shard the repository is on. Available only to admins |
 | `approvals_before_merge` | integer | no | How many approvers should approve merge request by default |
+| `mirror` | boolean | no | Enables pull mirroring in a project |
+| `mirror_trigger_builds` | boolean | no | Pull mirroring triggers builds |
+
+>**Note**: If your HTTP repository is not publicly accessible,
+add authentication information to the URL: `https://username:password@gitlab.company.com/group/project.git`
+where `password` is a public access key with the `api` scope enabled.
 
 ## Create project for user
 
@@ -708,6 +714,12 @@ POST /projects/user/:user_id
 | `repository_storage` | string | no | Which storage shard the repository is on. Available only to admins |
 | `approvals_before_merge` | integer | no | How many approvers should approve merge request by default |
 | `external_authorization_classification_label` | string | no | The classification label for the project |
+| `mirror` | boolean | no | Enables pull mirroring in a project |
+| `mirror_trigger_builds` | boolean | no | Pull mirroring triggers builds |
+
+>**Note**: If your HTTP repository is not publicly accessible,
+add authentication information to the URL: `https://username:password@gitlab.company.com/group/project.git`
+where `password` is a public access key with the `api` scope enabled.
 
 ## Edit project
 
@@ -746,6 +758,15 @@ PUT /projects/:id
 | `repository_storage` | string | no | Which storage shard the repository is on. Available only to admins |
 | `approvals_before_merge` | integer | no | How many approvers should approve merge request by default |
 | `external_authorization_classification_label` | string | no | The classification label for the project |
+| `mirror` | boolean | no | Enables pull mirroring in a project |
+| `mirror_user_id` | integer | no | User responsible for all the activity surrounding a pull mirror event |
+| `mirror_trigger_builds` | boolean | no | Pull mirroring triggers builds |
+| `only_mirror_protected_branches` | boolean | no | Only mirror protected branches |
+| `mirror_overwrites_diverged_branches` | boolean | no | Pull mirror overwrites diverged branches |
+
+>**Note**: If your HTTP repository is not publicly accessible,
+add authentication information to the URL: `https://username:password@gitlab.company.com/group/project.git`
+where `password` is a public access key with the `api` scope enabled.
 
 ## Fork project
 

ee/app/services/ee/projects/update_service.rb

@@ -37,7 +37,7 @@ module EE
           log_audit_events
 
           sync_wiki_on_enable if !wiki_was_enabled && project.wiki_enabled?
-          project.force_import_job! if ::Gitlab::Utils.to_boolean(params[:mirror]) && project.mirror?
+          project.force_import_job! if params[:mirror].present? && project.mirror?
         end
 
         result

ee/lib/ee/api/entities.rb

@@ -19,10 +19,10 @@ module EE
           expose :repository_storage, if: ->(_project, options) { options[:current_user].try(:admin?) }
           expose :approvals_before_merge, if: ->(project, _) { project.feature_available?(:merge_request_approvers) }
           expose :mirror, if: ->(project, _) { project.feature_available?(:repository_mirrors) }
-          expose :mirror_user_id, if: ->(project, _) { project.feature_available?(:repository_mirrors) }
-          expose :mirror_trigger_builds, if: ->(project, _) { project.feature_available?(:repository_mirrors) }
-          expose :only_mirror_protected_branches, if: ->(project, _) { project.feature_available?(:repository_mirrors) }
-          expose :mirror_overwrites_diverged_branches, if: ->(project, _) { project.feature_available?(:repository_mirrors) }
+          expose :mirror_user_id, if: ->(project, _) { project.mirror? && project.feature_available?(:repository_mirrors) }
+          expose :mirror_trigger_builds, if: ->(project, _) { project.mirror? && project.feature_available?(:repository_mirrors) }
+          expose :only_mirror_protected_branches, if: ->(project, _) { project.mirror? && project.feature_available?(:repository_mirrors) }
+          expose :mirror_overwrites_diverged_branches, if: ->(project, _) { project.mirror? && project.feature_available?(:repository_mirrors) }
         end
       end
 

ee/lib/ee/api/helpers.rb

@@ -62,15 +62,18 @@ module EE
               .allow_group_owners_to_manage_ldap
       end
 
+      def mirroring_available?
+        ::Gitlab::CurrentSettings.current_application_settings.mirror_available ||
+          current_user&.admin?
+      end
+
       def valid_mirror_user?(mirror_params)
-        return true unless mirror_params[:mirror]
-        return false unless mirror_params[:mirror_user_id].present?
+        return true unless mirror_params[:mirror_user_id].present?
 
-        default_mirror_users.map(&:id).include?(mirror_params[:mirror_user_id].to_i)
-      end
+        mirror_user_id = mirror_params[:mirror_user_id].to_i
 
-      def default_mirror_users
-        [current_user, user_project.mirror_user].compact.uniq
+        mirror_user_id == current_user.id ||
+          mirror_user_id == user_project.mirror_user&.id
       end
     end
   end

ee/spec/controllers/projects_controller_spec.rb

@@ -144,6 +144,8 @@ describe ProjectsController do
         end
 
         it 'updates repository mirror attributes' do
+          expect_any_instance_of(EE::Project).to receive(:force_import_job!).once
+
           put :update,
             namespace_id: project.namespace,
             id: project,

ee/spec/requests/api/projects_spec.rb

@@ -13,7 +13,6 @@ describe API::Projects do
           name: "Foo",
           mirror: true,
           import_url: import_url,
-          mirror_user_id: user.id,
           mirror_trigger_builds: true
         }
       end
@@ -44,6 +43,33 @@ describe API::Projects do
           mirror_trigger_builds: false
         )
       end
+
+      context 'when pull mirroring is not available' do
+        before do
+          stub_ee_application_setting(mirror_available: false)
+        end
+
+        it 'returns a 403' do
+          post api('/projects', user), mirror_params
+
+          expect(response).to have_gitlab_http_status(403)
+          expect(json_response["message"]).to eq("Pull mirroring is not available")
+        end
+
+        it 'creates project with mirror settings' do
+          admin = create(:admin)
+
+          post api('/projects', admin), mirror_params
+
+          expect(response).to have_gitlab_http_status(201)
+          expect(Project.first).to have_attributes(
+            mirror: true,
+            import_url: import_url,
+            mirror_user_id: admin.id,
+            mirror_trigger_builds: true
+          )
+        end
+      end
     end
   end
 
@@ -75,7 +101,42 @@ describe API::Projects do
         }
       end
 
+      context 'when pull mirroring is not available' do
+        before do
+          stub_ee_application_setting(mirror_available: false)
+        end
+
+        it 'raises an API error' do
+          put(api("/projects/#{project.id}", user), mirror_params)
+
+          expect(response).to have_gitlab_http_status(403)
+          expect(json_response["message"]).to eq("Pull mirroring is not available")
+        end
+
+        it 'updates mirror related attributes when user is admin' do
+          admin = create(:admin)
+          mirror_params[:mirror_user_id] = admin.id
+          project.add_maintainer(admin)
+
+          expect_any_instance_of(EE::Project).to receive(:force_import_job!).once
+
+          put(api("/projects/#{project.id}", admin), mirror_params)
+
+          expect(response).to have_gitlab_http_status(200)
+          expect(project.reload).to have_attributes(
+            mirror: true,
+            import_url: import_url,
+            mirror_user_id: admin.id,
+            mirror_trigger_builds: true,
+            only_mirror_protected_branches: true,
+            mirror_overwrites_diverged_branches: true
+          )
+        end
+      end
+
       it 'updates mirror related attributes' do
+        expect_any_instance_of(EE::Project).to receive(:force_import_job!).once
+
         put(api("/projects/#{project.id}", user), mirror_params)
 
         expect(response).to have_gitlab_http_status(200)
@@ -89,22 +150,24 @@ describe API::Projects do
         )
       end
 
-      it 'reverts to current user when mirror_user_id is invalid' do
+      it 'updates project without mirror attributes when the project is unable to setup repository mirroring' do
+        stub_licensed_features(repository_mirrors: false)
+
+        put(api("/projects/#{project.id}", user), mirror_params)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(project.reload.mirror).to be false
+      end
+
+      it 'renders an API error when mirror user is invalid' do
         invalid_mirror_user = create(:user)
         project.add_developer(invalid_mirror_user)
         mirror_params[:mirror_user_id] = invalid_mirror_user.id
 
         put(api("/projects/#{project.id}", user), mirror_params)
 
-        expect(response).to have_gitlab_http_status(200)
-        expect(project.reload).to have_attributes(
-          mirror: true,
-          import_url: import_url,
-          mirror_user_id: user.id,
-          mirror_trigger_builds: true,
-          only_mirror_protected_branches: true,
-          mirror_overwrites_diverged_branches: true
-        )
+        expect(response).to have_gitlab_http_status(400)
+        expect(json_response["message"]).to eq("Invalid mirror user")
       end
 
       it 'returns 403 when the user does not have access to mirror settings' do

lib/api/helpers/projects_helpers.rb

@@ -33,7 +33,6 @@ module API
             optional :approvals_before_merge, type: Integer, desc: 'How many approvers should approve merge request by default'
             optional :external_authorization_classification_label, type: String, desc: 'The classification label for the project'
             optional :mirror, type: Boolean, desc: 'Enables pull mirroring in a project'
-            optional :mirror_user_id, type: Integer, desc: 'User responsible for all the activity surrounding a pull mirror event'
             optional :mirror_trigger_builds, type: Boolean, desc: 'Pull mirroring triggers builds'
           end
 

lib/api/projects.rb

@@ -140,6 +140,9 @@ module API
       post do
         attrs = declared_params(include_missing: false)
         attrs = translate_params_for_compatibility(attrs)
+
+        break render_api_error!("Pull mirroring is not available", 403) if attrs[:mirror].present? && !mirroring_available?
+
         attrs[:mirror_user_id] = current_user.id if attrs[:mirror]
 
         project = ::Projects::CreateService.new(current_user, attrs).execute
@@ -174,6 +177,9 @@ module API
 
         attrs = declared_params(include_missing: false)
         attrs = translate_params_for_compatibility(attrs)
+
+        break render_api_error!("Pull mirroring is not available", 403) if attrs[:mirror].present? && !mirroring_available?
+
         attrs[:mirror_user_id] = user.id if attrs[:mirror]
 
         project = ::Projects::CreateService.new(user, attrs).execute
@@ -297,6 +303,7 @@ module API
           :external_authorization_classification_label,
           :import_url
         ]
+        optional :mirror_user_id, type: Integer, desc: 'User responsible for all the activity surrounding a pull mirror event'
         optional :only_mirror_protected_branches, type: Boolean, desc: 'Only mirror protected branches'
         optional :mirror_overwrites_diverged_branches, type: Boolean, desc: 'Pull mirror overwrites diverged branches'
 
@@ -310,8 +317,9 @@ module API
         authorize! :change_visibility_level, user_project if attrs[:visibility].present?
 
         attrs = translate_params_for_compatibility(attrs)
-        attrs[:mirror] = user_project.mirror? unless attrs[:mirror].present?
-        attrs[:mirror_user_id] = current_user.id unless valid_mirror_user?(attrs)
+
+        break render_api_error!("Pull mirroring is not available", 403) if attrs[:mirror].present? && !mirroring_available?
+        break render_api_error!("Invalid mirror user", 400) unless valid_mirror_user?(attrs)
 
         result = ::Projects::UpdateService.new(user_project, current_user, attrs).execute