Consider artifact locking in build_details_entity

Uses `build.pipeline.artifacts_locked?` to help determine whether or not to show the artifact controls in the job details page.

Consider artifact locking in build_details_entity
Uses `build.pipeline.artifacts_locked?` to help determine whether or not to show the artifact controls in the job details page.
16ce6833 · Matija Čupić · 72c7c40b · 16ce6833 · 16ce6833 · 16ce6833
Commit 16ce6833 authored Aug 07, 2020 by Matija Čupić
4 changed files
--- a/app/controllers/projects/artifacts_controller.rb
+++ b/app/controllers/projects/artifacts_controller.rb
@@ -108,7 +108,9 @@ class Projects::ArtifactsController < Projects::ApplicationController
  end

  def validate_artifacts!
-    render_404 unless build&.artifacts?
+    if build.nil? || build.artifacts_file.nil? || (build.pipeline.unlocked? && build.artifacts_expired?)
+      render_404
+    end
  end

  def build

--- a/app/serializers/build_details_entity.rb
+++ b/app/serializers/build_details_entity.rb
@@ -27,11 +27,11 @@ class BuildDetailsEntity < JobEntity
  end

  expose :artifact, if: -> (*) { can?(current_user, :read_build, build) } do
-    expose :download_path, if: -> (*) { build.artifacts? } do |build|
+    expose :download_path, if: -> (*) { build.pipeline.artifacts_locked? || build.artifacts? } do |build|
      download_project_job_artifacts_path(project, build)
    end

-    expose :browse_path, if: -> (*) { build.browsable_artifacts? } do |build|
+    expose :browse_path, if: -> (*) { build.pipeline.artifacts_locked? || build.browsable_artifacts? } do |build|
      browse_project_job_artifacts_path(project, build)
    end

@@ -46,6 +46,10 @@ class BuildDetailsEntity < JobEntity
    expose :expired, if: -> (*) { build.artifacts_expire_at.present? } do |build|
      build.artifacts_expired?
    end
+
+    expose :locked do |build|
+      build.pipeline.artifacts_locked?
+    end
  end

  expose :report_artifacts,

--- a/spec/fixtures/api/schemas/job/artifact.json
+++ b/spec/fixtures/api/schemas/job/artifact.json
@@ -5,7 +5,8 @@
    "browse_path": { "type": "string"},
    "keep_path": { "type": "string"},
    "expired": { "type": "boolean" },
-    "expire_at": { "type": "string", "format": "date-time" }
+    "expire_at": { "type": "string", "format": "date-time" },
+    "locked": { "type": "boolean" }
  },
  "additionalProperties": false
 }
--- a/spec/serializers/build_details_entity_spec.rb
+++ b/spec/serializers/build_details_entity_spec.rb
@@ -185,12 +185,38 @@ RSpec.describe BuildDetailsEntity do
      end
    end

+    context 'when the build has expired artifacts' do
+      let!(:build) { create(:ci_build, :artifacts, artifacts_expire_at: 7.days.ago) }
+
+      it 'does not expose any artifact actions path' do
+        expect(subject[:artifact].keys).not_to include(:download_path, :browse_path, :keep_path)
+      end
+
+      it 'artifact locked is false' do
+        expect(subject.dig(:artifact, :locked)).to eq(false)
+      end
+
+      context 'when the pipeline is artifacts_locked' do
+        before do
+          build.pipeline.update!(locked: :artifacts_locked)
+        end
+
+        it 'artifact locked is true' do
+          expect(subject.dig(:artifact, :locked)).to eq(true)
+        end
+
+        it 'exposes download and browse artifact actions path' do
+          expect(subject[:artifact].keys).to include(:download_path, :browse_path)
+        end
+      end
+    end
+
    context 'when the build has archive type artifacts' do
      let!(:build) { create(:ci_build, :artifacts, artifacts_expire_at: 7.days.from_now) }
      let!(:report) { create(:ci_job_artifact, :codequality, job: build) }

      it 'exposes artifact details' do
-        expect(subject[:artifact].keys).to include(:download_path, :browse_path, :keep_path, :expire_at, :expired)
+        expect(subject[:artifact].keys).to include(:download_path, :browse_path, :keep_path, :expire_at, :expired, :locked)
      end
    end
  end