Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
0fd397bb
Commit
0fd397bb
authored
Nov 21, 2016
by
James Lopez
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added permissions per stage to cycle analytics endpoint
parent
9aded5c8
Changes
13
Hide whitespace changes
Inline
Side-by-side
Showing
13 changed files
with
199 additions
and
11 deletions
+199
-11
app/controllers/projects/cycle_analytics_controller.rb
app/controllers/projects/cycle_analytics_controller.rb
+3
-2
app/models/cycle_analytics.rb
app/models/cycle_analytics.rb
+8
-1
changelogs/unreleased/fix-cycle-analytics-permissions.yml
changelogs/unreleased/fix-cycle-analytics-permissions.yml
+4
-0
lib/gitlab/cycle_analytics/permissions.rb
lib/gitlab/cycle_analytics/permissions.rb
+49
-0
spec/lib/gitlab/cycle_analytics/permissions_spec.rb
spec/lib/gitlab/cycle_analytics/permissions_spec.rb
+127
-0
spec/models/cycle_analytics/code_spec.rb
spec/models/cycle_analytics/code_spec.rb
+1
-1
spec/models/cycle_analytics/issue_spec.rb
spec/models/cycle_analytics/issue_spec.rb
+1
-1
spec/models/cycle_analytics/plan_spec.rb
spec/models/cycle_analytics/plan_spec.rb
+1
-1
spec/models/cycle_analytics/production_spec.rb
spec/models/cycle_analytics/production_spec.rb
+1
-1
spec/models/cycle_analytics/review_spec.rb
spec/models/cycle_analytics/review_spec.rb
+1
-1
spec/models/cycle_analytics/staging_spec.rb
spec/models/cycle_analytics/staging_spec.rb
+1
-1
spec/models/cycle_analytics/summary_spec.rb
spec/models/cycle_analytics/summary_spec.rb
+1
-1
spec/models/cycle_analytics/test_spec.rb
spec/models/cycle_analytics/test_spec.rb
+1
-1
No files found.
app/controllers/projects/cycle_analytics_controller.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ class Projects::CycleAnalyticsController < Projects::ApplicationController
before_action
:authorize_read_cycle_analytics!
def
show
@cycle_analytics
=
::
CycleAnalytics
.
new
(
@project
,
from:
start_date
(
cycle_analytics_params
))
@cycle_analytics
=
::
CycleAnalytics
.
new
(
@project
,
from:
start_date
(
cycle_analytics_params
)
,
user:
current_user
)
respond_to
do
|
format
|
format
.
html
...
...
@@ -54,7 +54,8 @@ class Projects::CycleAnalyticsController < Projects::ApplicationController
{
summary:
summary
,
stats:
stats
stats:
stats
,
permissions:
@cycle_analytics
.
permissions
}
end
end
app/models/cycle_analytics.rb
View file @
0fd397bb
class
CycleAnalytics
def
initialize
(
project
,
from
:)
STAGES
=
%i[issue plan code test review staging production]
.
freeze
def
initialize
(
project
,
from
:,
user
:)
@project
=
project
@from
=
from
@user
=
user
@fetcher
=
Gitlab
::
CycleAnalytics
::
MetricsFetcher
.
new
(
project:
project
,
from:
from
,
branch:
nil
)
end
...
...
@@ -9,6 +12,10 @@ class CycleAnalytics
@summary
||=
Summary
.
new
(
@project
,
from:
@from
)
end
def
permissions
Gitlab
::
CycleAnalytics
::
Permissions
.
get
(
user:
@user
,
project:
@project
)
end
def
issue
@fetcher
.
calculate_metric
(
:issue
,
Issue
.
arel_table
[
:created_at
],
...
...
changelogs/unreleased/fix-cycle-analytics-permissions.yml
0 → 100644
View file @
0fd397bb
---
title
:
Added permissions per stage to cycle analytics endpoint
merge_request
:
author
:
lib/gitlab/cycle_analytics/permissions.rb
0 → 100644
View file @
0fd397bb
module
Gitlab
module
CycleAnalytics
class
Permissions
STAGE_PERMISSIONS
=
{
read_build:
[
:test
,
:staging
],
read_issue:
[
:issue
,
:production
],
read_merge_request:
[
:code
,
:review
]
}.
freeze
def
self
.
get
(
*
args
)
new
(
*
args
).
get
end
def
initialize
(
user
:,
project
:)
@user
=
user
@project
=
project
@stage_permission_hash
=
{}
end
def
get
::
CycleAnalytics
::
STAGES
.
each
do
|
stage
|
@stage_permission_hash
[
stage
]
=
authorized_stage?
(
stage
)
end
@stage_permission_hash
end
private
def
authorized_stage?
(
stage
)
return
false
unless
authorize_project
(
:read_cycle_analytics
)
permissions_for_stage
(
stage
).
keys
.
each
do
|
permission
|
return
false
unless
authorize_project
(
permission
)
end
true
end
def
permissions_for_stage
(
stage
)
STAGE_PERMISSIONS
.
select
{
|
_permission
,
stages
|
stages
.
include?
(
stage
)
}
end
def
authorize_project
(
permission
)
Ability
.
allowed?
(
@user
,
permission
,
@project
)
end
end
end
end
spec/lib/gitlab/cycle_analytics/permissions_spec.rb
0 → 100644
View file @
0fd397bb
require
'spec_helper'
describe
Gitlab
::
CycleAnalytics
::
Permissions
do
let
(
:project
)
{
create
(
:empty_project
)
}
let
(
:user
)
{
create
(
:user
)
}
subject
{
described_class
.
get
(
user:
user
,
project:
project
)
}
context
'user with no relation to the project'
do
it
'has no permissions to issue stage'
do
expect
(
subject
[
:issue
]).
to
eq
(
false
)
end
it
'has no permissions to test stage'
do
expect
(
subject
[
:test
]).
to
eq
(
false
)
end
it
'has no permissions to staging stage'
do
expect
(
subject
[
:staging
]).
to
eq
(
false
)
end
it
'has no permissions to production stage'
do
expect
(
subject
[
:production
]).
to
eq
(
false
)
end
it
'has no permissions to code stage'
do
expect
(
subject
[
:code
]).
to
eq
(
false
)
end
it
'has no permissions to review stage'
do
expect
(
subject
[
:review
]).
to
eq
(
false
)
end
it
'has no permissions to plan stage'
do
expect
(
subject
[
:plan
]).
to
eq
(
false
)
end
end
context
'user is master'
do
before
do
project
.
team
<<
[
user
,
:master
]
end
it
'has permissions to issue stage'
do
expect
(
subject
[
:issue
]).
to
eq
(
true
)
end
it
'has permissions to test stage'
do
expect
(
subject
[
:test
]).
to
eq
(
true
)
end
it
'has permissions to staging stage'
do
expect
(
subject
[
:staging
]).
to
eq
(
true
)
end
it
'has permissions to production stage'
do
expect
(
subject
[
:production
]).
to
eq
(
true
)
end
it
'has permissions to code stage'
do
expect
(
subject
[
:code
]).
to
eq
(
true
)
end
it
'has permissions to review stage'
do
expect
(
subject
[
:review
]).
to
eq
(
true
)
end
it
'has permissions to plan stage'
do
expect
(
subject
[
:plan
]).
to
eq
(
true
)
end
end
context
'user has no build permissions'
do
before
do
project
.
team
<<
[
user
,
:guest
]
end
it
'has permissions to issue stage'
do
expect
(
subject
[
:issue
]).
to
eq
(
true
)
end
it
'has no permissions to test stage'
do
expect
(
subject
[
:test
]).
to
eq
(
false
)
end
it
'has no permissions to staging stage'
do
expect
(
subject
[
:staging
]).
to
eq
(
false
)
end
end
context
'user has no merge request permissions'
do
before
do
project
.
team
<<
[
user
,
:guest
]
end
it
'has permissions to issue stage'
do
expect
(
subject
[
:issue
]).
to
eq
(
true
)
end
it
'has no permissions to code stage'
do
expect
(
subject
[
:code
]).
to
eq
(
false
)
end
it
'has no permissions to review stage'
do
expect
(
subject
[
:review
]).
to
eq
(
false
)
end
end
context
'user has no issue permissions'
do
before
do
project
.
team
<<
[
user
,
:developer
]
project
.
project_feature
.
update_attribute
(
:issues_access_level
,
ProjectFeature
::
DISABLED
)
end
it
'has permissions to code stage'
do
expect
(
subject
[
:code
]).
to
eq
(
true
)
end
it
'has no permissions to issue stage'
do
expect
(
subject
[
:issue
]).
to
eq
(
false
)
end
it
'has no permissions to production stage'
do
expect
(
subject
[
:production
]).
to
eq
(
false
)
end
end
end
spec/models/cycle_analytics/code_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#code', feature: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
context
'with deployment'
do
generate_cycle_analytics_spec
(
...
...
spec/models/cycle_analytics/issue_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#issue', models: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
generate_cycle_analytics_spec
(
phase: :issue
,
...
...
spec/models/cycle_analytics/plan_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#plan', feature: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
generate_cycle_analytics_spec
(
phase: :plan
,
...
...
spec/models/cycle_analytics/production_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#production', feature: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
generate_cycle_analytics_spec
(
phase: :production
,
...
...
spec/models/cycle_analytics/review_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#review', feature: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
generate_cycle_analytics_spec
(
phase: :review
,
...
...
spec/models/cycle_analytics/staging_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#staging', feature: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
generate_cycle_analytics_spec
(
phase: :staging
,
...
...
spec/models/cycle_analytics/summary_spec.rb
View file @
0fd397bb
...
...
@@ -4,7 +4,7 @@ describe CycleAnalytics::Summary, models: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from
)
{
Time
.
now
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
described_class
.
new
(
project
,
from:
from
)
}
subject
{
described_class
.
new
(
project
,
from:
from
,
user:
user
)
}
describe
"#new_issues"
do
it
"finds the number of issues created after the 'from date'"
do
...
...
spec/models/cycle_analytics/test_spec.rb
View file @
0fd397bb
...
...
@@ -6,7 +6,7 @@ describe 'CycleAnalytics#test', feature: true do
let
(
:project
)
{
create
(
:project
)
}
let
(
:from_date
)
{
10
.
days
.
ago
}
let
(
:user
)
{
create
(
:user
,
:admin
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
)
}
subject
{
CycleAnalytics
.
new
(
project
,
from:
from_date
,
user:
user
)
}
generate_cycle_analytics_spec
(
phase: :test
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment