Add import CSV endpoint for requiremtents

- Add Workhorse authorize endpoint for direct upload

Add import CSV endpoint for requiremtents
- Add Workhorse authorize endpoint for direct upload
5a3e6606 · Eugenia Grieff · Ash McKenzie · d59352ae · 5a3e6606 · 5a3e6606
Commit 5a3e6606 authored Nov 18, 2020 by Eugenia Grieff Committed by Ash McKenzie Nov 30, 2020
5 changed files
--- a/config/feature_flags/development/import_requirements_csv.yml
+++ b/config/feature_flags/development/import_requirements_csv.yml
+---
+name: import_requirements_csv
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48060
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/284846
+milestone: '13.7'
+type: development
+group: group::product planning
+default_enabled: false
--- a/ee/app/controllers/projects/requirements_management/requirements_controller.rb
+++ b/ee/app/controllers/projects/requirements_management/requirements_controller.rb
@@ -2,6 +2,10 @@

 class Projects::RequirementsManagement::RequirementsController < Projects::ApplicationController
  before_action :authorize_read_requirement!
+  before_action :authorize_import_access!, only: [:import_csv]
+  before_action do
+    push_frontend_feature_flag(:import_requirements_csv, project)
+  end

  feature_category :requirements_management

@@ -10,4 +14,26 @@ class Projects::RequirementsManagement::RequirementsController < Projects::Appli
      format.html
    end
  end
+
+  def import_csv
+    if uploader = UploadService.new(project, params[:file]).execute
+      RequirementsManagement::ImportRequirementsCsvWorker.perform_async(current_user.id, project.id, uploader.upload.id) # rubocop:disable CodeReuse/Worker
+
+      flash[:notice] = _("Your requirements are being imported. Once finished, you'll get a confirmation email.")
+    else
+      flash[:alert] = _("File upload error.")
+    end
+
+    redirect_to project_requirements_management_requirements_path(project)
+  end
+
+  def authorize_import_access!
+    ensure_import_enabled
+
+    return if can?(current_user, :import_requirements, project)
+  end
+
+  def ensure_import_enabled
+    render_404 unless Feature.enabled?(:import_requirements_csv, project, default_enabled: false)
+  end
 end
--- a/ee/app/policies/ee/project_policy.rb
+++ b/ee/app/policies/ee/project_policy.rb
@@ -342,6 +342,7 @@ module EE
        enable :create_requirement_test_report
        enable :admin_requirement
        enable :update_requirement
+        enable :import_requirements
      end

      rule { requirements_available & owner }.enable :destroy_requirement

--- a/ee/config/routes/project.rb
+++ b/ee/config/routes/project.rb
@@ -12,7 +12,11 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
      # Use this scope for all new project routes.
      scope '-' do
        namespace :requirements_management do
-          resources :requirements, only: [:index]
+          resources :requirements, only: [:index] do
+            collection do
+              post :import_csv
+            end
+          end
        end

        namespace :quality do

--- a/ee/spec/controllers/projects/requirements_management/requirements_controller_spec.rb
+++ b/ee/spec/controllers/projects/requirements_management/requirements_controller_spec.rb
@@ -5,9 +5,17 @@ require 'spec_helper'
 RSpec.describe Projects::RequirementsManagement::RequirementsController do
  let_it_be(:user) { create(:user) }

-  subject { get :index, params: { namespace_id: project.namespace, project_id: project } }
+  shared_examples 'response with 404 status' do
+    it 'returns 404' do
+      subject
+
+      expect(response).to have_gitlab_http_status(:not_found)
+    end
+  end

  describe 'GET #index' do
+    subject { get :index, params: { namespace_id: project.namespace, project_id: project } }
+
    context 'private project' do
      let(:project) { create(:project) }

@@ -35,11 +43,7 @@ RSpec.describe Projects::RequirementsManagement::RequirementsController do
            stub_licensed_features(requirements: false)
          end

-          it 'returns 404' do
-            subject
-
-            expect(response).to have_gitlab_http_status(:not_found)
-          end
+          it_behaves_like 'response with 404 status'
        end
      end

@@ -53,11 +57,7 @@ RSpec.describe Projects::RequirementsManagement::RequirementsController do
            stub_licensed_features(requirements: true)
          end

-          it 'returns 404' do
-            subject
-
-            expect(response).to have_gitlab_http_status(:not_found)
-          end
+          it_behaves_like 'response with 404 status'
        end
      end

@@ -85,14 +85,10 @@ RSpec.describe Projects::RequirementsManagement::RequirementsController do
          sign_in(user)
        end

-        it 'returns 404' do
-          subject
-
-          expect(response).to have_gitlab_http_status(:not_found)
-        end
+        it_behaves_like 'response with 404 status'
      end

-      context 'with requirements visible to project memebers' do
+      context 'with requirements visible to project members' do
        before do
          project.project_feature.update!({ requirements_access_level: ::ProjectFeature::PRIVATE })
        end
@@ -116,11 +112,7 @@ RSpec.describe Projects::RequirementsManagement::RequirementsController do
            sign_in(user)
          end

-          it 'returns 404' do
-            subject
-
-            expect(response).to have_gitlab_http_status(:not_found)
-          end
+          it_behaves_like 'response with 404 status'
        end
      end

@@ -140,4 +132,89 @@ RSpec.describe Projects::RequirementsManagement::RequirementsController do
      end
    end
  end
+
+  describe 'POST #import_csv' do
+    let_it_be(:project) { create(:project, :public) }
+    let(:file) { fixture_file_upload('spec/fixtures/csv_comma.csv') }
+
+    subject { import_csv }
+
+    context 'unauthorized' do
+      context 'when user is not signed in' do
+        before do
+          sign_out(:user)
+        end
+
+        it_behaves_like 'response with 404 status'
+      end
+
+      context 'with project members with guest role' do
+        before do
+          sign_in(user)
+          project.add_guest(user)
+        end
+
+        it_behaves_like 'response with 404 status'
+      end
+    end
+
+    context 'authorized' do
+      before do
+        sign_in(user)
+        project.add_reporter(user)
+      end
+
+      context 'when requirements feature is available' do
+        before do
+          stub_licensed_features(requirements: true)
+        end
+
+        context 'when import_requirements_csv feature flag is enabled' do
+          before do
+            stub_feature_flags(import_requirements_csv: true)
+          end
+
+          it "returns 302 for project members with reporter role" do
+            subject
+
+            expect(flash[:notice]).to eq(_("Your requirements are being imported. Once finished, you'll get a confirmation email."))
+            expect(response).to redirect_to(project_requirements_management_requirements_path(project))
+          end
+
+          it "shows error when upload fails" do
+            expect_next_instance_of(UploadService) do |upload_service|
+              expect(upload_service).to receive(:execute).and_return(nil)
+            end
+
+            subject
+
+            expect(flash[:alert]).to include(_('File upload error.'))
+            expect(response).to redirect_to(project_requirements_management_requirements_path(project))
+          end
+        end
+
+        context 'when import_requirements_csv feature flag is disabled' do
+          before do
+            stub_feature_flags(import_requirements_csv: false)
+          end
+
+          it_behaves_like 'response with 404 status'
+        end
+      end
+
+      context 'when requirements feature is available' do
+        before do
+          stub_licensed_features(requirements: false)
+        end
+
+        it_behaves_like 'response with 404 status'
+      end
+    end
+
+    def import_csv
+      post :import_csv, params: { namespace_id: project.namespace.to_param,
+                                  project_id: project.to_param,
+                                  file: file }
+    end
+  end
 end