Allow anonymous users to view embedded Grafana metrics in public project

Previously, the attempt to present embedded Grafana metrics for
anonymous users failed and raised this exception in the worker code:

    GrafanaMetricEmbedService: undefined method `id' for nil:NilClass

app/services/metrics/dashboard/grafana_metric_embed_service.rb

@@ -33,7 +33,7 @@ module Metrics
 
         def from_cache(project_id, user_id, grafana_url)
           project = Project.find(project_id)
-          user = User.find(user_id)
+          user = User.find(user_id) if user_id.present?
 
           new(project, user, grafana_url: grafana_url)
         end
@@ -56,7 +56,7 @@ module Metrics
       end
 
       def cache_key(*args)
-        [project.id, current_user.id, grafana_url]
+        [project.id, current_user&.id, grafana_url]
       end
 
       # Required for ReactiveCaching; Usage overridden by

changelogs/unreleased/217014-grafanametricembedservice-undefined-method-id-for-nil-nilclass.yml

+---
+title: Allow anonymous users to view embedded Grafana metrics in public project
+merge_request: 37844
+author:
+type: fixed

spec/services/metrics/dashboard/grafana_metric_embed_service_spec.rb

@@ -7,7 +7,7 @@ RSpec.describe Metrics::Dashboard::GrafanaMetricEmbedService do
   include ReactiveCachingHelpers
   include GrafanaApiHelpers
 
-  let_it_be(:project) { build(:project) }
+  let_it_be(:project) { create(:project) }
   let_it_be(:user) { create(:user) }
   let_it_be(:grafana_integration) { create(:grafana_integration, project: project) }
 
@@ -15,7 +15,7 @@ RSpec.describe Metrics::Dashboard::GrafanaMetricEmbedService do
     valid_grafana_dashboard_link(grafana_integration.grafana_url)
   end
 
-  before do
+  before_all do
     project.add_maintainer(user)
   end
 
@@ -58,6 +58,31 @@ RSpec.describe Metrics::Dashboard::GrafanaMetricEmbedService do
       expect(subject.current_user).to eq(user)
       expect(subject.params[:grafana_url]).to eq(grafana_url)
     end
+
+    context 'with unknown users' do
+      let(:params) { [project.id, current_user_id, grafana_url] }
+
+      context 'when anonymous' do
+        where(:current_user_id) do
+          [nil, '']
+        end
+
+        with_them do
+          it 'sets current_user as nil' do
+            expect(subject.current_user).to be_nil
+          end
+        end
+      end
+
+      context 'when invalid' do
+        let(:current_user_id) { non_existing_record_id }
+
+        it 'raise record not found error' do
+          expect { subject }
+            .to raise_error(ActiveRecord::RecordNotFound, /Couldn't find User/)
+        end
+      end
+    end
   end
 
   describe '#get_dashboard', :use_clean_rails_memory_store_caching do
@@ -145,7 +170,17 @@ RSpec.describe Metrics::Dashboard::GrafanaMetricEmbedService do
           stub_datasource_request(grafana_integration.grafana_url)
         end
 
-        it_behaves_like 'valid embedded dashboard service response'
+        context 'when project is private and user is member' do
+          it_behaves_like 'valid embedded dashboard service response'
+        end
+
+        context 'when project is public and user is anonymous' do
+          let(:project) { create(:project, :public) }
+          let(:user) { nil }
+          let(:grafana_integration) { create(:grafana_integration, project: project) }
+
+          it_behaves_like 'valid embedded dashboard service response'
+        end
       end
     end
 

spec/support/shared_examples/services/metrics/dashboard_shared_examples.rb

@@ -78,6 +78,12 @@ RSpec.shared_examples 'raises error for users with insufficient permissions' do
 
     it_behaves_like 'misconfigured dashboard service response', :unauthorized
   end
+
+  context 'when the user is anonymous' do
+    let(:user) { nil }
+
+    it_behaves_like 'misconfigured dashboard service response', :unauthorized
+  end
 end
 
 RSpec.shared_examples 'valid dashboard cloning process' do |dashboard_template, sequence|