Commit 50506faa authored by Małgorzata Ksionek's avatar Małgorzata Ksionek

Add setting filtering to api endpoint

Fix schema file

Fix rubocop problems

Fix rubocop problems

Pretty up js file

Fix spacing
parent 3e908d49
This diff is collapsed.
......@@ -16,7 +16,7 @@ export default function mountProjectSettingsApprovals(el) {
...el.dataset,
prefix: 'project-settings',
allowMultiRule: parseBoolean(el.dataset.allowMultiRule),
canEdit: parseBoolean(el.dataset.canEdit)
canEdit: parseBoolean(el.dataset.canEdit),
});
return new Vue({
......
......@@ -87,7 +87,7 @@ module EE
attrs << %i[merge_pipelines_enabled]
end
attrs = attrs + merge_request_rules_params
attrs += merge_request_rules_params
if allow_mirror_params?
attrs + mirror_params
......@@ -115,15 +115,15 @@ module EE
def merge_request_rules_params
attrs = []
if can?(current_user, :modify_merge_request_commiter_setting, @project)
if can?(current_user, :modify_merge_request_commiter_setting, project)
attrs << :merge_requests_disable_committers_approval
end
if can?(current_user, :modify_approvers_rules, @project)
if can?(current_user, :modify_approvers_rules, project)
attrs << :disable_overriding_approvers_per_merge_request
end
if can?(current_user, :modify_merge_request_author_setting, @project)
if can?(current_user, :modify_merge_request_author_setting, project)
attrs << :merge_requests_author_approval
end
......
......@@ -734,6 +734,7 @@ module EE
return self[:merge_requests_author_approval] unless License.feature_available?(:merge_request_approvers_rules)
return false if ::Gitlab::CurrentSettings.prevent_merge_requests_author_approval?
self[:merge_requests_author_approval]
end
......
......@@ -48,7 +48,7 @@
.form-group.committers-approval
.form-check
= form.check_box :merge_requests_disable_committers_approval, { disabled: !can?(current_user, :modify_merge_request_commiter_setting, @project), class: 'form-check-input' }
= form.check_box :merge_requests_disable_committers_approval, { disabled: !can?(current_user, :modify_merge_request_commiter_setting, @project), class: 'form-check-input' }
= form.label :merge_requests_disable_committers_approval, class: 'form-check-label' do
%span= _('Prevent approval of merge requests by merge request committers')
= link_to icon('question-circle'), help_page_path('user/project/merge_requests/merge_request_approvals',
......
......@@ -7,6 +7,25 @@ module API
ARRAY_COERCION_LAMBDA = ->(val) { val.empty? ? [] : Array.wrap(val) }
helpers do
def filter_params(params)
unless can?(current_user, :modify_merge_request_commiter_setting, user_project)
params.delete(:merge_requests_disable_committers_approval)
end
unless can?(current_user, :modify_approvers_rules, user_project)
params.delete(:disable_overriding_approvers_per_merge_request)
end
unless can?(current_user, :modify_merge_request_author_setting, user_project)
params.delete(:merge_requests_author_approval)
end
# binding.pry
params
end
end
params do
requires :id, type: String, desc: 'The ID of a project'
end
......@@ -34,8 +53,8 @@ module API
at_least_one_of :approvals_before_merge, :reset_approvals_on_push, :disable_overriding_approvers_per_merge_request, :merge_requests_author_approval, :merge_requests_disable_committers_approval, :require_password_to_approve
end
post '/' do
project_params = declared(params, include_missing: false, include_parent_namespaces: false)
declared_params = declared(params, include_missing: false, include_parent_namespaces: false)
project_params = filter_params(declared_params)
result = ::Projects::UpdateService.new(user_project, current_user, project_params).execute
if result[:status] == :success
......
......@@ -356,7 +356,7 @@ describe ProjectsController do
describe ':disable_overriding_approvers_per_merge_request' do
it_behaves_like 'merge request approvers rules' do
let(:app_setting) { :disable_overriding_approvers_per_merge_request }
let(:setting) { :disable_overriding_approvers_per_merge_request}
let(:setting) { :disable_overriding_approvers_per_merge_request }
end
end
......
......@@ -482,7 +482,6 @@ describe Project do
end
end
context 'merge requests related settings' do
shared_examples 'setting modified by application setting' do
context 'final setting' do
......
......@@ -98,6 +98,39 @@ describe API::ProjectApprovals do
end
end
shared_examples 'updates merge requests settings when possible' do
using RSpec::Parameterized::TableSyntax
where(:license_value, :setting_value, :param_value, :final_value) do
false | false | false | false
false | true | false | false
false | false | true | true
false | true | true | true
true | false | false | false
true | true | false | nil
true | false | true | true
true | true | true | nil
end
with_them do
before do
stub_licensed_features(merge_request_approvers_rules: license_value)
stub_application_setting(app_setting => setting_value)
end
it 'changes settings properly' do
settings = {
setting => param_value
}
post api(url, current_user), params: settings
project.reload
expect(project[setting]).to eq(final_value)
end
end
end
context 'as a project admin' do
it_behaves_like 'a user with access' do
let(:current_user) { user }
......@@ -110,6 +143,62 @@ describe API::ProjectApprovals do
let(:current_user) { admin }
let(:visible_approver_groups_count) { 1 }
end
context 'updates merge requests settings' do
# context 'updates merge requests author approval setting when possible' do
# using RSpec::Parameterized::TableSyntax
# where(:license_value, :setting_value, :param_value, :final_value) do
# false | false | false | false
# false | true | false | false
# false | false | true | true
# false | true | true | true
# true | false | false | false
# true | true | false | false
# true | false | true | true
# true | true | true | false
# end
# with_them do
# let(:current_user) { admin }
# let(:app_setting) { :prevent_merge_requests_committers_approval }
# let(:setting) { :merge_requests_disable_committers_approval }
# before do
# stub_licensed_features(merge_request_approvers_rules: license_value)
# stub_application_setting(app_setting => setting_value)
# end
# it 'changes settings properly' do
# settings = {
# setting => param_value
# }
# post api(url, current_user), params: settings
# expect(json_response.symbolize_keys).to include({ setting => final_value})
# end
# end
# end
it_behaves_like 'updates merge requests settings when possible' do
let(:current_user) { admin }
let(:app_setting) { :disable_overriding_approvers_per_merge_request }
let(:setting) { :disable_overriding_approvers_per_merge_request }
end
it_behaves_like 'updates merge requests settings when possible' do
let(:current_user) { admin }
let(:app_setting) { :prevent_merge_requests_committers_approval }
let(:setting) { :merge_requests_disable_committers_approval }
end
it_behaves_like 'updates merge requests settings when possible' do
let(:current_user) { admin }
let(:app_setting) { :prevent_merge_requests_committers_approval }
let(:setting) { :merge_requests_disable_committers_approval }
end
end
end
context 'as a user without access' do
......
......@@ -11884,6 +11884,9 @@ msgstr ""
msgid "Merge requests"
msgstr ""
msgid "Merge requests approvals"
msgstr ""
msgid "Merge requests are a place to propose changes you've made to a project and discuss those changes with others"
msgstr ""
......@@ -14104,6 +14107,9 @@ msgstr ""
msgid "Prevent approval of merge requests by merge request author"
msgstr ""
msgid "Prevent approval of merge requests by merge request commiters"
msgstr ""
msgid "Prevent approval of merge requests by merge request committers"
msgstr ""
......@@ -16334,6 +16340,9 @@ msgstr ""
msgid "Rook"
msgstr ""
msgid "Rules that define what git pushes are accepted for a project. All newly created projects will use this settings."
msgstr ""
msgid "Run CI/CD pipelines for external repositories"
msgstr ""
......@@ -17370,6 +17379,9 @@ msgstr ""
msgid "Settings"
msgstr ""
msgid "Settings to prevent self-approval across all projects in the instance. Only an administrator can modify those settings."
msgstr ""
msgid "Severity: %{severity}"
msgstr ""
......@@ -21109,6 +21121,9 @@ msgstr ""
msgid "Users"
msgstr ""
msgid "Users cannot modify merge request approvers list"
msgstr ""
msgid "Users in License:"
msgstr ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment