Commit 2bbc69a6 authored by Pedro Pombeiro's avatar Pedro Pombeiro

Add mutation to change namespace shared runners setting

Changelog: added
parent 10227591
# frozen_string_literal: true
module Mutations
module Groups
class UpdateSharedRunnersSetting < Mutations::BaseMutation
include Mutations::ResolvesGroup
graphql_name 'GroupSharedRunnersSettingUpdate'
authorize :update_group_shared_runners_setting
argument :full_path, GraphQL::Types::ID,
required: true,
description: 'Full path of the group that will be updated.'
argument :shared_runners_setting, Types::Namespace::SharedRunnersSettingEnum,
required: true,
description: copy_field_description(Types::GroupType, :shared_runners_setting)
def resolve(full_path:, **args)
group = authorized_find!(full_path: full_path)
result = ::Groups::UpdateSharedRunnersService
.new(group, current_user, args)
.execute
{
errors: result[:status] == :success ? [] : Array.wrap(result[:message])
}
end
private
def find_object(full_path:)
resolve_group(full_path: full_path)
end
end
end
end
...@@ -105,6 +105,7 @@ module Types ...@@ -105,6 +105,7 @@ module Types
mount_mutation Mutations::Ci::Runner::Delete, feature_flag: :runner_graphql_query mount_mutation Mutations::Ci::Runner::Delete, feature_flag: :runner_graphql_query
mount_mutation Mutations::Ci::RunnersRegistrationToken::Reset, feature_flag: :runner_graphql_query mount_mutation Mutations::Ci::RunnersRegistrationToken::Reset, feature_flag: :runner_graphql_query
mount_mutation Mutations::Namespace::PackageSettings::Update mount_mutation Mutations::Namespace::PackageSettings::Update
mount_mutation Mutations::Groups::UpdateSharedRunnersSetting
mount_mutation Mutations::UserCallouts::Create mount_mutation Mutations::UserCallouts::Create
mount_mutation Mutations::Packages::Destroy mount_mutation Mutations::Packages::Destroy
mount_mutation Mutations::Packages::DestroyFile mount_mutation Mutations::Packages::DestroyFile
......
...@@ -226,6 +226,10 @@ class GroupPolicy < BasePolicy ...@@ -226,6 +226,10 @@ class GroupPolicy < BasePolicy
rule { developer & dependency_proxy_available } rule { developer & dependency_proxy_available }
.enable :admin_dependency_proxy .enable :admin_dependency_proxy
rule { can?(:admin_group) }.policy do
enable :update_group_shared_runners_setting
end
rule { can?(:admin_group) & resource_access_token_feature_available }.policy do rule { can?(:admin_group) & resource_access_token_feature_available }.policy do
enable :read_resource_access_tokens enable :read_resource_access_tokens
enable :destroy_resource_access_tokens enable :destroy_resource_access_tokens
......
...@@ -2360,6 +2360,25 @@ Input type: `GitlabSubscriptionActivateInput` ...@@ -2360,6 +2360,25 @@ Input type: `GitlabSubscriptionActivateInput`
| <a id="mutationgitlabsubscriptionactivateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | <a id="mutationgitlabsubscriptionactivateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
| <a id="mutationgitlabsubscriptionactivatelicense"></a>`license` | [`CurrentLicense`](#currentlicense) | The current license. | | <a id="mutationgitlabsubscriptionactivatelicense"></a>`license` | [`CurrentLicense`](#currentlicense) | The current license. |
### `Mutation.groupSharedRunnersSettingUpdate`
Input type: `GroupSharedRunnersSettingUpdateInput`
#### Arguments
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="mutationgroupsharedrunnerssettingupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationgroupsharedrunnerssettingupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Full path of the group that will be updated. |
| <a id="mutationgroupsharedrunnerssettingupdatesharedrunnerssetting"></a>`sharedRunnersSetting` | [`SharedRunnersSetting!`](#sharedrunnerssetting) | Shared runners availability for the namespace and its descendants. |
#### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="mutationgroupsharedrunnerssettingupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationgroupsharedrunnerssettingupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
### `Mutation.httpIntegrationCreate` ### `Mutation.httpIntegrationCreate`
Input type: `HttpIntegrationCreateInput` Input type: `HttpIntegrationCreateInput`
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Mutations::Groups::UpdateSharedRunnersSetting do
using RSpec::Parameterized::TableSyntax
let_it_be_with_reload(:group) { create(:group) }
let_it_be(:user) { create(:user) }
let(:params) { { full_path: group.full_path } }
specify { expect(described_class).to require_graphql_authorizations(:update_group_shared_runners_setting) }
describe '#resolve' do
subject { described_class.new(object: group, context: { current_user: user }, field: nil).resolve(**params) }
RSpec.shared_examples 'updating the group shared runners setting' do
it 'updates the group shared runners setting' do
expect { subject }
.to change { group.reload.shared_runners_setting }.from('enabled').to('disabled_and_unoverridable')
end
it 'returns no errors' do
expect(subject).to eq(errors: [])
end
context 'with invalid params' do
let_it_be(:params) { { full_path: group.full_path, shared_runners_setting: 'inexistent_setting' } }
it 'doesn\'t update the shared_runners_setting' do
expect { subject }
.not_to change { group.reload.shared_runners_setting }
end
it 'returns an error' do
expect(subject).to eq(
errors: ["state must be one of: #{::Namespace::SHARED_RUNNERS_SETTINGS.join(', ')}"]
)
end
end
end
RSpec.shared_examples 'denying access to group shared runners setting' do
it 'raises Gitlab::Graphql::Errors::ResourceNotAvailable' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'with existing group shared runners setting' do
let_it_be(:params) do
{ full_path: group.full_path,
shared_runners_setting: 'disabled_and_unoverridable' }
end
where(:user_role, :shared_examples_name) do
:owner | 'updating the group shared runners setting'
:developer | 'denying access to group shared runners setting'
:reporter | 'denying access to group shared runners setting'
:guest | 'denying access to group shared runners setting'
:anonymous | 'denying access to group shared runners setting'
end
with_them do
before do
group.send("add_#{user_role}", user) unless user_role == :anonymous
end
it_behaves_like params[:shared_examples_name]
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment