Merge branch 'revert-6f9a2927' into 'master'

Revert "Merge branch 'confdential_epics_removal' into 'master'" See merge request gitlab-org/gitlab!41704

Merge branch 'revert-6f9a2927' into 'master'
Revert "Merge branch 'confdential_epics_removal' into 'master'" See merge request gitlab-org/gitlab!41704
70dc5468 · Mayra Cabrera · ca6c6738 · f09e4d5b · 70dc5468 · 70dc5468
Commit 70dc5468 authored Sep 07, 2020 by Mayra Cabrera
18 changed files
--- a/doc/api/epics.md
+++ b/doc/api/epics.md
@@ -266,7 +266,7 @@ POST /groups/:id/epics
 | `title`             | string           | yes        | The title of the epic |
 | `labels`            | string           | no         | The comma separated list of labels |
 | `description`       | string           | no         | The description of the epic. Limited to 1,048,576 characters.  |
-| `confidential`      | boolean          | no         | Whether the epic should be confidential |
+| `confidential`      | boolean          | no         | Whether the epic should be confidential. Will be ignored if `confidential_epics` feature flag is disabled. |
 | `start_date_is_fixed` | boolean        | no         | Whether start date should be sourced from `start_date_fixed` or from milestones (since 11.3) |
 | `start_date_fixed`  | string           | no         | The fixed start date of an epic (since 11.3) |
 | `due_date_is_fixed` | boolean          | no         | Whether due date should be sourced from `due_date_fixed` or from milestones (since 11.3) |
@@ -347,7 +347,7 @@ PUT /groups/:id/epics/:epic_iid
 | `epic_iid`          | integer/string   | yes        | The internal ID of the epic  |
 | `title`             | string           | no         | The title of an epic |
 | `description`       | string           | no         | The description of an epic. Limited to 1,048,576 characters.  |
-| `confidential`      | boolean          | no         | Whether the epic should be confidential |
+| `confidential`      | boolean          | no         | Whether the epic should be confidential. Will be ignored if `confidential_epics` feature flag is disabled. |
 | `labels`            | string           | no         | The comma separated list of labels |
 | `start_date_is_fixed` | boolean        | no         | Whether start date should be sourced from `start_date_fixed` or from milestones (since 11.3) |
 | `start_date_fixed`  | string           | no         | The fixed start date of an epic (since 11.3) |

--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -2614,7 +2614,7 @@ input CreateEpicInput {
  clientMutationId: String
  """
-  Indicates if the epic is confidential
+  Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled
  """
  confidential: Boolean
@@ -16864,7 +16864,7 @@ input UpdateEpicInput {
  clientMutationId: String
  """
-  Indicates if the epic is confidential
+  Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled
  """
  confidential: Boolean

--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -7089,7 +7089,7 @@
            },
            {
              "name": "confidential",
-              "description": "Indicates if the epic is confidential",
+              "description": "Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled",
              "type": {
                "kind": "SCALAR",
                "name": "Boolean",
@@ -49621,7 +49621,7 @@
            },
            {
              "name": "confidential",
-              "description": "Indicates if the epic is confidential",
+              "description": "Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled",
              "type": {
                "kind": "SCALAR",
                "name": "Boolean",
--- a/doc/user/group/epics/manage_epics.md
+++ b/doc/user/group/epics/manage_epics.md
@@ -164,6 +164,18 @@ To make an epic confidential:
 - **In an existing epic:** in the epic's sidebar, select **Edit** next to **Confidentiality** then
  select **Turn on**.
+### Disable confidential epics **(PREMIUM ONLY)**
+The confidential epics feature is deployed behind a feature flag that is **enabled by default**.
+[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
+can disable it for your self-managed instance.
+To disable it:
+```ruby
+Feature.disable(:confidential_epics)
+```
 ## Manage issues assigned to an epic
 ### Add a new issue to an epic

--- a/ee/app/controllers/groups/epics_controller.rb
+++ b/ee/app/controllers/groups/epics_controller.rb
@@ -18,6 +18,7 @@ class Groups::EpicsController < Groups::ApplicationController
  before_action do
    push_frontend_feature_flag(:vue_issuable_epic_sidebar, @group)
+    push_frontend_feature_flag(:confidential_epics, @group, default_enabled: true)
  end
  def new; end

--- a/ee/app/controllers/groups/roadmap_controller.rb
+++ b/ee/app/controllers/groups/roadmap_controller.rb
@@ -11,6 +11,7 @@ module Groups
    before_action :persist_roadmap_layout, only: [:show]
    before_action do
      push_frontend_feature_flag(:roadmap_buffered_rendering, @group)
+      push_frontend_feature_flag(:confidential_epics, @group, default_enabled: true)
      push_frontend_feature_flag(:async_filtering, @group)
    end

--- a/ee/app/graphql/mutations/concerns/mutations/shared_epic_arguments.rb
+++ b/ee/app/graphql/mutations/concerns/mutations/shared_epic_arguments.rb
@@ -22,7 +22,7 @@ module Mutations
      argument :confidential,
                GraphQL::BOOLEAN_TYPE,
                required: false,
-                description: 'Indicates if the epic is confidential'
+                description: 'Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled'
      argument :start_date_fixed,
                GraphQL::STRING_TYPE,

--- a/ee/app/serializers/epic_entity.rb
+++ b/ee/app/serializers/epic_entity.rb
@@ -19,7 +19,7 @@ class EpicEntity < IssuableEntity
  expose :due_date_fixed, :due_date_from_milestones
  expose :state
  expose :lock_version
-  expose :confidential
+  expose :confidential, if: -> (epic) { Feature.enabled?(:confidential_epics, epic.group, default_enabled: true) }
  expose :web_url do |epic|
    group_epic_path(epic.group, epic)

--- a/ee/app/services/epics/create_service.rb
+++ b/ee/app/services/epics/create_service.rb
@@ -4,6 +4,7 @@ module Epics
  class CreateService < Epics::BaseService
    def execute
      set_date_params
+      params.extract!(:confidential) unless ::Feature.enabled?(:confidential_epics, group, default_enabled: true)
      epic = group.epics.new
      create(epic)

--- a/ee/app/services/epics/update_service.rb
+++ b/ee/app/services/epics/update_service.rb
@@ -13,6 +13,7 @@ module Epics
      # start_date and end_date columns are no longer writable by users because those
      # are composite fields managed by the system.
      params.extract!(:start_date, :end_date)
+      params.extract!(:confidential) unless ::Feature.enabled?(:confidential_epics, group, default_enabled: true)
      update_task_event(epic) || update(epic)

--- a/ee/lib/api/epics.rb
+++ b/ee/lib/api/epics.rb
@@ -69,7 +69,7 @@ module API
      params do
        requires :title, type: String, desc: 'The title of an epic'
        optional :description, type: String, desc: 'The description of an epic'
-        optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential'
+        optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled'
        optional :start_date, as: :start_date_fixed, type: String, desc: 'The start date of an epic'
        optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones'
        optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic'
@@ -95,7 +95,7 @@ module API
        requires :epic_iid, type: Integer, desc: 'The internal ID of an epic'
        optional :title, type: String, desc: 'The title of an epic'
        optional :description, type: String, desc: 'The description of an epic'
-        optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential'
+        optional :confidential, type: Boolean, desc: 'Indicates if the epic is confidential. Will be ignored if `confidential_epics` feature flag is disabled'
        optional :start_date, as: :start_date_fixed, type: String, desc: 'The start date of an epic'
        optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones'
        optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic'

--- a/ee/spec/controllers/groups/epics_controller_spec.rb
+++ b/ee/spec/controllers/groups/epics_controller_spec.rb
@@ -312,6 +312,20 @@ RSpec.describe Groups::EpicsController do
          expect(response).to match_response_schema('entities/epic', dir: 'ee')
        end
+        context 'when confidential_epics flag is disabled' do
+          before do
+            stub_feature_flags(confidential_epics: false)
+          end
+          it 'does not include confidential attribute' do
+            group.add_developer(user)
+            show_epic(:json)
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(json_response).not_to include("confidential")
+          end
+        end
        context 'with unauthorized user' do
          it 'returns a not found 404 response' do
            show_epic(:json)

--- a/ee/spec/helpers/ee/issuables_helper_spec.rb
+++ b/ee/spec/helpers/ee/issuables_helper_spec.rb
@@ -15,6 +15,10 @@ RSpec.describe IssuablesHelper do
    context 'for an epic' do
      let_it_be(:epic) { create(:epic, author: user, description: 'epic text', confidential: true) }
+      before do
+        stub_feature_flags(confidential_epics: true)
+      end
      it 'returns the correct data' do
        @group = epic.group

--- a/ee/spec/requests/api/epics_spec.rb
+++ b/ee/spec/requests/api/epics_spec.rb
@@ -610,6 +610,20 @@ RSpec.describe API::Epics do
        end
      end
+      context 'when confidential_epics flag is disabled' do
+        before do
+          stub_feature_flags(confidential_epics: false)
+          post api(url, user), params: params
+        end
+        it 'ignores confidential attribute' do
+          epic = Epic.last
+          expect(epic.confidential).to be_falsey
+        end
+      end
      it 'creates a new epic with labels param as array' do
        params[:labels] = ['label1', 'label2', 'foo, bar', '&,?']
@@ -710,6 +724,19 @@ RSpec.describe API::Epics do
          end
        end
+        context 'when confidential_epics flag is disabled' do
+          before do
+            stub_feature_flags(confidential_epics: false)
+            stub_licensed_features(epics: true)
+            put api(url, user), params: params
+          end
+          it 'does not include confidential attribute' do
+            expect(epic.reload.confidential).to be_falsey
+          end
+        end
        it 'clears labels when labels param is nil' do
          params[:labels] = 'label1'
          put api(url, user), params: params

--- a/ee/spec/requests/api/graphql/mutations/epics/create_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/epics/create_spec.rb
@@ -96,6 +96,19 @@ RSpec.describe 'Creating an Epic' do
          expect { post_graphql_mutation(mutation, current_user: current_user) }.not_to change(Epic, :count)
        end
      end
+      context 'when confidential_epics is disabled' do
+        before do
+          stub_feature_flags(confidential_epics: false)
+        end
+        it 'ignores confidential field' do
+          post_graphql_mutation(mutation, current_user: current_user)
+          epic_hash = mutation_response['epic']
+          expect(epic_hash['confidential']).to be_falsey
+        end
+      end
    end
  end
 end
--- a/ee/spec/requests/api/graphql/mutations/epics/update_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/epics/update_spec.rb
@@ -132,6 +132,19 @@ RSpec.describe Mutations::Epics::Update do
        it_behaves_like 'a mutation that returns top-level errors',
          errors: ['The list of epic attributes is empty']
      end
+      context 'when confidential_epics is disabled' do
+        before do
+          stub_feature_flags(confidential_epics: false)
+        end
+        it 'ignores confidential field' do
+          post_graphql_mutation(mutation, current_user: current_user)
+          epic_hash = mutation_response['epic']
+          expect(epic_hash['confidential']).to be_falsey
+        end
+      end
    end
  end
 end
--- a/ee/spec/services/epics/create_service_spec.rb
+++ b/ee/spec/services/epics/create_service_spec.rb
@@ -25,6 +25,20 @@ RSpec.describe Epics::CreateService do
      expect(epic.confidential).to be_truthy
      expect(NewEpicWorker).to have_received(:perform_async).with(epic.id, user.id)
    end
+    context 'when confidential_epics is disabled' do
+      before do
+        stub_feature_flags(confidential_epics: false)
+      end
+      it 'ignores confidential attribute' do
+        expect { subject }.to change { Epic.count }.by(1)
+        epic = Epic.last
+        expect(epic).to be_persisted
+        expect(epic.confidential).to be_falsey
+      end
+    end
  end
  context 'handling fixed dates' do

--- a/ee/spec/services/epics/update_service_spec.rb
+++ b/ee/spec/services/epics/update_service_spec.rb
@@ -60,6 +60,19 @@ RSpec.describe Epics::UpdateService do
      it 'updates the last_edited_at value' do
        expect { update_epic(opts) }.to change { epic.last_edited_at }
      end
+      context 'when confidential_epics is disabled' do
+        before do
+          stub_feature_flags(confidential_epics: false)
+        end
+        it 'ignores confidential attribute on update' do
+          update_epic(opts)
+          expect(epic).to be_valid
+          expect(epic.confidential).to be_falsey
+        end
+      end
    end
    context 'when title has changed' do