StatusPageSetting to StatusPage::ProjectSetting

- fix spec mentions - set manual table name - set factory to use new class

StatusPageSetting to StatusPage::ProjectSetting
- fix spec mentions - set manual table name - set factory to use new class
2e695db3 · Sean Arnold · Peter Leitzen · 43566a40 · 2e695db3 · 2e695db3
Commit 2e695db3 authored Apr 17, 2020 by Sean Arnold Committed by Peter Leitzen Apr 17, 2020
10 changed files
--- a/ee/app/models/ee/project.rb
+++ b/ee/app/models/ee/project.rb
@@ -47,7 +47,7 @@ module EE
      has_one :service_desk_setting, class_name: 'ServiceDeskSetting'
      has_one :tracing_setting, class_name: 'ProjectTracingSetting'
      has_one :feature_usage, class_name: 'ProjectFeatureUsage'
-      has_one :status_page_setting, inverse_of: :project
+      has_one :status_page_setting, inverse_of: :project, class_name: 'StatusPage::ProjectSetting'
      has_one :compliance_framework_setting, class_name: 'ComplianceManagement::ComplianceFramework::ProjectSettings', inverse_of: :project

      has_many :reviews, inverse_of: :project

--- a/ee/app/models/status_page/project_setting.rb
+++ b/ee/app/models/status_page/project_setting.rb
+# frozen_string_literal: true
+
+module StatusPage
+  class ProjectSetting < ApplicationRecord
+    # AWS validations. See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25863#note_295772553
+    AWS_BUCKET_NAME_REGEXP = /\A[a-z0-9][a-z0-9\-.]*\z/.freeze
+    AWS_ACCESS_KEY_REGEXP  = /\A[A-Z0-9]{20}\z/.freeze
+    AWS_SECRET_KEY_REGEXP  = /\A[A-Za-z0-9\/+=]{40}\z/.freeze
+
+    self.table_name = 'status_page_settings'
+
+    belongs_to :project
+
+    attr_encrypted :aws_secret_key,
+      mode:      :per_attribute_iv,
+      algorithm: 'aes-256-gcm',
+      key:       Settings.attr_encrypted_db_key_base_32
+
+    before_validation :check_secret_changes
+
+    validates :aws_s3_bucket_name,
+              length: { minimum: 3, maximum: 63 },
+              presence: true,
+              format: { with: AWS_BUCKET_NAME_REGEXP }
+    validates :aws_access_key,
+              presence: true,
+              format: { with: AWS_ACCESS_KEY_REGEXP }
+    validates :aws_secret_key,
+              presence: true,
+              format: { with: AWS_SECRET_KEY_REGEXP }
+    validates :project, :aws_region, :encrypted_aws_secret_key,
+              presence: true
+    validates :enabled, inclusion: { in: [true, false] }
+
+    scope :enabled, -> { where(enabled: true) }
+
+    def masked_aws_secret_key
+      return if aws_secret_key.blank?
+
+      '*' * 40
+    end
+
+    def enabled?
+      super &&
+        project&.feature_available?(:status_page) &&
+        project&.beta_feature_available?(:status_page)
+    end
+
+    def storage_client
+      return unless enabled?
+
+      StatusPage::Storage::S3Client.new(
+        region: aws_region,
+        bucket_name: aws_s3_bucket_name,
+        access_key_id: aws_access_key,
+        secret_access_key: aws_secret_key
+      )
+    end
+
+    private
+
+    def check_secret_changes
+      return unless masked_aws_secret_key == aws_secret_key
+
+      restore_attributes [:aws_secret_key, :encrypted_aws_secret_key, :encrypted_aws_secret_key_iv]
+    end
+  end
+end
--- a/ee/lib/ee/gitlab/usage_data.rb
+++ b/ee/lib/ee/gitlab/usage_data.rb
@@ -158,7 +158,7 @@ module EE
                projects_reporting_ci_cd_back_to_github: count(::GithubService.without_defaults.active),
                projects_with_packages: distinct_count(::Packages::Package, :project_id),
                projects_with_tracing_enabled: count(ProjectTracingSetting),
-                status_page_projects: count(::StatusPageSetting.enabled),
+                status_page_projects: count(::StatusPage::ProjectSetting.enabled),
                status_page_issues: count(::Issue.on_status_page),
                template_repositories: count(::Project.with_repos_templates) + count(::Project.with_groups_level_repos_templates)
              },

--- a/ee/spec/controllers/projects/settings/operations_controller_spec.rb
+++ b/ee/spec/controllers/projects/settings/operations_controller_spec.rb
@@ -295,7 +295,7 @@ describe Projects::Settings::OperationsController do
          project.status_page_setting
        end

-        it { is_expected.to be_a(StatusPageSetting) }
+        it { is_expected.to be_a(StatusPage::ProjectSetting) }

        context 'when feature flag is disabled' do
          before do

--- a/ee/spec/factories/status_page_settings.rb
+++ b/ee/spec/factories/status_page_settings.rb
 # frozen_string_literal: true

 FactoryBot.define do
-  factory :status_page_setting, class: 'StatusPageSetting' do
+  factory :status_page_setting, class: 'StatusPage::ProjectSetting' do
    project
    aws_s3_bucket_name { 'bucket-name' }
    aws_region { 'ap-southeast-2' }
-    aws_access_key { FFaker::String.from_regexp(StatusPageSetting::AWS_ACCESS_KEY_REGEXP) }
-    aws_secret_key { FFaker::String.from_regexp(StatusPageSetting::AWS_SECRET_KEY_REGEXP) }
+    aws_access_key { FFaker::String.from_regexp(StatusPage::ProjectSetting::AWS_ACCESS_KEY_REGEXP) }
+    aws_secret_key { FFaker::String.from_regexp(StatusPage::ProjectSetting::AWS_SECRET_KEY_REGEXP) }
    enabled { false }

    trait :enabled do

--- a/ee/spec/models/project_spec.rb
+++ b/ee/spec/models/project_spec.rb
@@ -23,7 +23,7 @@ describe Project do

    it { is_expected.to have_one(:import_state).class_name('ProjectImportState') }
    it { is_expected.to have_one(:repository_state).class_name('ProjectRepositoryState').inverse_of(:project) }
-    it { is_expected.to have_one(:status_page_setting).class_name('StatusPageSetting') }
+    it { is_expected.to have_one(:status_page_setting).class_name('StatusPage::ProjectSetting') }
    it { is_expected.to have_one(:compliance_framework_setting).class_name('ComplianceManagement::ComplianceFramework::ProjectSettings') }

    it { is_expected.to have_many(:reviews).inverse_of(:project) }

--- a/ee/spec/models/status_page_setting_spec.rb
+++ b/ee/spec/models/status_page_setting_spec.rb
@@ -2,7 +2,7 @@

 require 'spec_helper'

-describe StatusPageSetting do
+describe StatusPage::ProjectSetting do
  describe 'associations' do
    it { is_expected.to belong_to(:project) }
  end
@@ -63,7 +63,7 @@ describe StatusPageSetting do
  end

  describe 'attribute encryption' do
-    let(:new_secret) { FFaker::String.from_regexp(StatusPageSetting::AWS_SECRET_KEY_REGEXP) }
+    let(:new_secret) { FFaker::String.from_regexp(StatusPage::ProjectSetting::AWS_SECRET_KEY_REGEXP) }

    subject(:status_page_setting) { create(:status_page_setting, aws_secret_key: new_secret) }


--- a/ee/spec/services/status_page/unpublish_details_service_spec.rb
+++ b/ee/spec/services/status_page/unpublish_details_service_spec.rb
@@ -17,7 +17,7 @@ describe StatusPage::UnpublishDetailsService do
    let(:storage_client) { instance_double(StatusPage::Storage::S3Client) }

    let(:status_page_setting) do
-      instance_double(StatusPageSetting, enabled?: status_page_setting_enabled,
+      instance_double(StatusPage::ProjectSetting, enabled?: status_page_setting_enabled,
                      storage_client: storage_client)
    end


--- a/ee/spec/support/shared_contexts/status_page/status_page_enabled_context.rb
+++ b/ee/spec/support/shared_contexts/status_page/status_page_enabled_context.rb
@@ -9,6 +9,7 @@ RSpec.shared_context 'status page enabled' do

    unless project.status_page_setting
      create(:status_page_setting, :enabled, project: project)
+      project.reload
    end
  end
 end
--- a/ee/spec/support/shared_examples/status_page/publish_shared_examples.rb
+++ b/ee/spec/support/shared_examples/status_page/publish_shared_examples.rb
@@ -7,7 +7,7 @@ RSpec.shared_examples 'publish incidents' do
  let(:content_json) { content.to_json }

  let(:status_page_setting) do
-    instance_double(StatusPageSetting, enabled?: status_page_setting_enabled,
+    instance_double(StatusPage::ProjectSetting, enabled?: status_page_setting_enabled,
                    storage_client: storage_client)
  end