Commit 085a1a2f authored by Heinrich Lee Yu's avatar Heinrich Lee Yu

Merge branch '210541-move-reset_alerting_token-to-core' into 'master'

Move Operations#reset_alerting_token to CE

Closes #210541

See merge request gitlab-org/gitlab!27890
parents 2109ab64 ab38d7af
...@@ -4,6 +4,9 @@ module Projects ...@@ -4,6 +4,9 @@ module Projects
module Settings module Settings
class OperationsController < Projects::ApplicationController class OperationsController < Projects::ApplicationController
before_action :authorize_admin_operations! before_action :authorize_admin_operations!
before_action :authorize_read_prometheus_alerts!, only: [:reset_alerting_token]
respond_to :json, only: [:reset_alerting_token]
helper_method :error_tracking_setting helper_method :error_tracking_setting
...@@ -27,8 +30,24 @@ module Projects ...@@ -27,8 +30,24 @@ module Projects
end end
end end
def reset_alerting_token
result = ::Projects::Operations::UpdateService
.new(project, current_user, alerting_params)
.execute
if result[:status] == :success
render json: { token: project.alerting_setting.token }
else
render json: {}, status: :unprocessable_entity
end
end
private private
def alerting_params
{ alerting_setting_attributes: { regenerate_token: true } }
end
def prometheus_service def prometheus_service
project.find_or_initialize_service(::PrometheusService.to_param) project.find_or_initialize_service(::PrometheusService.to_param)
end end
......
...@@ -13,12 +13,30 @@ module Projects ...@@ -13,12 +13,30 @@ module Projects
def project_update_params def project_update_params
error_tracking_params error_tracking_params
.merge(alerting_setting_params)
.merge(metrics_setting_params) .merge(metrics_setting_params)
.merge(grafana_integration_params) .merge(grafana_integration_params)
.merge(prometheus_integration_params) .merge(prometheus_integration_params)
.merge(incident_management_setting_params) .merge(incident_management_setting_params)
end end
def alerting_setting_params
return {} unless can?(current_user, :read_prometheus_alerts, project)
attr = params[:alerting_setting_attributes]
return {} unless attr
regenerate_token = attr.delete(:regenerate_token)
if regenerate_token
attr[:token] = nil
else
attr = attr.except(:token)
end
{ alerting_setting_attributes: attr }
end
def metrics_setting_params def metrics_setting_params
attribs = params[:metrics_setting_attributes] attribs = params[:metrics_setting_attributes]
return {} unless attribs return {} unless attribs
......
...@@ -75,7 +75,12 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do ...@@ -75,7 +75,12 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
put :reset_registration_token put :reset_registration_token
end end
resource :operations, only: [:show, :update] resource :operations, only: [:show, :update] do
member do
post :reset_alerting_token
end
end
resource :integrations, only: [:show] resource :integrations, only: [:show]
resource :repository, only: [:show], controller: :repository do resource :repository, only: [:show], controller: :repository do
......
...@@ -8,31 +8,10 @@ module EE ...@@ -8,31 +8,10 @@ module EE
extend ActiveSupport::Concern extend ActiveSupport::Concern
prepended do prepended do
before_action :authorize_read_prometheus_alerts!,
only: [:reset_alerting_token]
respond_to :json, only: [:reset_alerting_token]
def reset_alerting_token
result = ::Projects::Operations::UpdateService
.new(project, current_user, alerting_params)
.execute
if result[:status] == :success
render json: { token: project.alerting_setting.token }
else
render json: {}, status: :unprocessable_entity
end
end
helper_method :tracing_setting helper_method :tracing_setting
private private
def alerting_params
{ alerting_setting_attributes: { regenerate_token: true } }
end
def tracing_setting def tracing_setting
@tracing_setting ||= project.tracing_setting || project.build_tracing_setting @tracing_setting ||= project.tracing_setting || project.build_tracing_setting
end end
......
...@@ -11,7 +11,6 @@ module EE ...@@ -11,7 +11,6 @@ module EE
def project_update_params def project_update_params
super super
.merge(tracing_setting_params) .merge(tracing_setting_params)
.merge(alerting_setting_params)
.merge(incident_management_setting_params) .merge(incident_management_setting_params)
.merge(status_page_setting_params) .merge(status_page_setting_params)
end end
...@@ -27,23 +26,6 @@ module EE ...@@ -27,23 +26,6 @@ module EE
{ tracing_setting_attributes: attr.merge(_destroy: destroy) } { tracing_setting_attributes: attr.merge(_destroy: destroy) }
end end
def alerting_setting_params
return {} unless can?(current_user, :read_prometheus_alerts, project)
attr = params[:alerting_setting_attributes]
return {} unless attr
regenerate_token = attr.delete(:regenerate_token)
if regenerate_token
attr[:token] = nil
else
attr = attr.except(:token)
end
{ alerting_setting_attributes: attr }
end
def incident_management_setting_params def incident_management_setting_params
params.slice(:incident_management_setting_attributes) params.slice(:incident_management_setting_attributes)
end end
......
...@@ -38,12 +38,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do ...@@ -38,12 +38,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
end end
namespace :settings do namespace :settings do
resource :operations, only: [] do
member do
post :reset_alerting_token
end
end
resource :slack, only: [:destroy, :edit, :update] do resource :slack, only: [:destroy, :edit, :update] do
get :slack_auth get :slack_auth
end end
......
...@@ -365,107 +365,6 @@ describe Projects::Settings::OperationsController do ...@@ -365,107 +365,6 @@ describe Projects::Settings::OperationsController do
end end
end end
describe 'POST reset_alerting_token' do
let(:project) { create(:project) }
before do
stub_licensed_features(prometheus_alerts: true)
project.add_maintainer(user)
end
context 'with existing alerting setting' do
let!(:alerting_setting) do
create(:project_alerting_setting, project: project)
end
let!(:old_token) { alerting_setting.token }
it 'returns newly reset token' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['token']).to eq(alerting_setting.reload.token)
expect(old_token).not_to eq(alerting_setting.token)
end
end
context 'without existing alerting setting' do
it 'creates a token' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:ok)
expect(project.alerting_setting).not_to be_nil
expect(json_response['token']).to eq(project.alerting_setting.token)
end
end
context 'when update fails' do
let(:operations_update_service) { spy(:operations_update_service) }
let(:alerting_params) do
{ alerting_setting_attributes: { regenerate_token: true } }
end
before do
expect(::Projects::Operations::UpdateService)
.to receive(:new).with(project, user, alerting_params)
.and_return(operations_update_service)
expect(operations_update_service).to receive(:execute)
.and_return(status: :error)
end
it 'returns unprocessable_entity' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:unprocessable_entity)
expect(json_response).to be_empty
end
end
context 'with insufficient permissions' do
before do
project.add_reporter(user)
end
it 'returns 404' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'as an anonymous user' do
before do
sign_out(user)
end
it 'returns a redirect' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:redirect)
end
end
context 'without a license' do
before do
stub_licensed_features(prometheus_alerts: false)
end
it 'returns 404' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:not_found)
end
end
private
def reset_alerting_token
post :reset_alerting_token,
params: project_params(project),
format: :json
end
end
private private
def project_params(project, tracing_params: nil, incident_management_params: nil, status_page_params: nil) def project_params(project, tracing_params: nil, incident_management_params: nil, status_page_params: nil)
......
...@@ -99,88 +99,6 @@ describe Projects::Operations::UpdateService do ...@@ -99,88 +99,6 @@ describe Projects::Operations::UpdateService do
end end
end end
context 'alerting setting' do
before do
stub_licensed_features(prometheus_alerts: true)
project.add_maintainer(user)
end
shared_examples 'no operation' do
it 'does nothing' do
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting).to be_nil
end
end
context 'with valid params' do
let(:params) { { alerting_setting_attributes: alerting_params } }
shared_examples 'setting creation' do
it 'creates a setting' do
expect(project.alerting_setting).to be_nil
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting).not_to be_nil
end
end
context 'when regenerate_token is not set' do
let(:alerting_params) { { token: 'some token' } }
context 'with an existing setting' do
let!(:alerting_setting) do
create(:project_alerting_setting, project: project)
end
it 'ignores provided token' do
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting.token)
.to eq(alerting_setting.token)
end
end
context 'without an existing setting' do
it_behaves_like 'setting creation'
end
end
context 'when regenerate_token is set' do
let(:alerting_params) { { regenerate_token: true } }
context 'with an existing setting' do
let(:token) { 'some token' }
let!(:alerting_setting) do
create(:project_alerting_setting, project: project, token: token)
end
it 'regenerates token' do
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting.token).not_to eq(token)
end
end
context 'without an existing setting' do
it_behaves_like 'setting creation'
context 'with insufficient permissions' do
before do
project.add_reporter(user)
end
it_behaves_like 'no operation'
end
end
end
end
context 'with empty params' do
let(:params) { {} }
it_behaves_like 'no operation'
end
end
context 'status page setting' do context 'status page setting' do
before do before do
project.add_maintainer(user) project.add_maintainer(user)
......
...@@ -295,6 +295,94 @@ describe Projects::Settings::OperationsController do ...@@ -295,6 +295,94 @@ describe Projects::Settings::OperationsController do
end end
end end
end end
describe 'POST reset_alerting_token' do
let(:project) { create(:project) }
before do
project.add_maintainer(user)
end
context 'with existing alerting setting' do
let!(:alerting_setting) do
create(:project_alerting_setting, project: project)
end
let!(:old_token) { alerting_setting.token }
it 'returns newly reset token' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['token']).to eq(alerting_setting.reload.token)
expect(old_token).not_to eq(alerting_setting.token)
end
end
context 'without existing alerting setting' do
it 'creates a token' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:ok)
expect(project.alerting_setting).not_to be_nil
expect(json_response['token']).to eq(project.alerting_setting.token)
end
end
context 'when update fails' do
let(:operations_update_service) { spy(:operations_update_service) }
let(:alerting_params) do
{ alerting_setting_attributes: { regenerate_token: true } }
end
before do
expect(::Projects::Operations::UpdateService)
.to receive(:new).with(project, user, alerting_params)
.and_return(operations_update_service)
expect(operations_update_service).to receive(:execute)
.and_return(status: :error)
end
it 'returns unprocessable_entity' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:unprocessable_entity)
expect(json_response).to be_empty
end
end
context 'with insufficient permissions' do
before do
project.add_reporter(user)
end
it 'returns 404' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'as an anonymous user' do
before do
sign_out(user)
end
it 'returns a redirect' do
reset_alerting_token
expect(response).to have_gitlab_http_status(:redirect)
end
end
private
def reset_alerting_token
post :reset_alerting_token,
params: project_params(project),
format: :json
end
end
end end
private private
......
...@@ -11,6 +11,87 @@ describe Projects::Operations::UpdateService do ...@@ -11,6 +11,87 @@ describe Projects::Operations::UpdateService do
subject { described_class.new(project, user, params) } subject { described_class.new(project, user, params) }
describe '#execute' do describe '#execute' do
context 'alerting setting' do
before do
project.add_maintainer(user)
end
shared_examples 'no operation' do
it 'does nothing' do
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting).to be_nil
end
end
context 'with valid params' do
let(:params) { { alerting_setting_attributes: alerting_params } }
shared_examples 'setting creation' do
it 'creates a setting' do
expect(project.alerting_setting).to be_nil
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting).not_to be_nil
end
end
context 'when regenerate_token is not set' do
let(:alerting_params) { { token: 'some token' } }
context 'with an existing setting' do
let!(:alerting_setting) do
create(:project_alerting_setting, project: project)
end
it 'ignores provided token' do
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting.token)
.to eq(alerting_setting.token)
end
end
context 'without an existing setting' do
it_behaves_like 'setting creation'
end
end
context 'when regenerate_token is set' do
let(:alerting_params) { { regenerate_token: true } }
context 'with an existing setting' do
let(:token) { 'some token' }
let!(:alerting_setting) do
create(:project_alerting_setting, project: project, token: token)
end
it 'regenerates token' do
expect(result[:status]).to eq(:success)
expect(project.reload.alerting_setting.token).not_to eq(token)
end
end
context 'without an existing setting' do
it_behaves_like 'setting creation'
context 'with insufficient permissions' do
before do
project.add_reporter(user)
end
it_behaves_like 'no operation'
end
end
end
end
context 'with empty params' do
let(:params) { {} }
it_behaves_like 'no operation'
end
end
context 'metrics dashboard setting' do context 'metrics dashboard setting' do
let(:params) do let(:params) do
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment