Merge branch 'group_default_visibility' into 'master'

Fix visibility level error when updating group from API Closes #23083 See merge request gitlab-org/gitlab!17227

Merge branch 'group_default_visibility' into 'master'
Fix visibility level error when updating group from API Closes #23083 See merge request gitlab-org/gitlab!17227
2ba3231c · Douglas Barbosa Alexandre · efcb61a1 · 736971d6 · 2ba3231c · 2ba3231c
Commit 2ba3231c authored Sep 26, 2019 by Douglas Barbosa Alexandre
4 changed files
--- a/app/services/groups/create_service.rb
+++ b/app/services/groups/create_service.rb
@@ -9,6 +9,7 @@ module Groups

    def execute
      remove_unallowed_params
+      set_visibility_level

      @group = Group.new(params)

@@ -68,6 +69,12 @@ module Groups

      true
    end
+
+    def set_visibility_level
+      return if visibility_level.present?
+
+      params[:visibility_level] = Gitlab::CurrentSettings.current_application_settings.default_group_visibility
+    end
  end
 end


--- a/changelogs/unreleased/group_default_visibility.yml
+++ b/changelogs/unreleased/group_default_visibility.yml
+---
+title: Fix visibility level error when updating group from API
+merge_request: 17227
+author: Mathieu Parent
+type: fixed
--- a/lib/api/helpers/groups_helpers.rb
+++ b/lib/api/helpers/groups_helpers.rb
@@ -10,8 +10,6 @@ module API
        optional :description, type: String, desc: 'The description of the group'
        optional :visibility, type: String,
                 values: Gitlab::VisibilityLevel.string_values,
-                 default: Gitlab::VisibilityLevel.string_level(
-                   Gitlab::CurrentSettings.current_application_settings.default_group_visibility),
                 desc: 'The visibility of the group'
        optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group'
        optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access'

--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -497,6 +497,29 @@ describe API::Groups do

        expect(response).to have_gitlab_http_status(404)
      end
+
+      context 'within a subgroup' do
+        let(:group3) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
+        let!(:subgroup) { create(:group, parent: group3, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
+
+        before do
+          group3.add_owner(user3)
+        end
+
+        it 'does not change visibility when not requested' do
+          put api("/groups/#{group3.id}", user3), params: { description: 'Bug #23083' }
+
+          expect(response).to have_gitlab_http_status(200)
+          expect(json_response['visibility']).to eq('public')
+        end
+
+        it 'prevents making private a group containing public subgroups' do
+          put api("/groups/#{group3.id}", user3), params: { visibility: 'private' }
+
+          expect(response).to have_gitlab_http_status(400)
+          expect(json_response['message']['visibility_level']).to contain_exactly('private is not allowed since there are sub-groups with higher visibility.')
+        end
+      end
    end

    context 'when authenticated as the admin' do