Move Alerts metric image API to CE

- Services
- Policy
- etc

Changelog: changed

app/controllers/uploads_controller.rb

@@ -14,7 +14,8 @@ class UploadsController < ApplicationController
     "appearance"       => Appearance,
     "personal_snippet" => PersonalSnippet,
     "projects/topic"   => Projects::Topic,
-    nil                => PersonalSnippet
+    'alert_management_metric_image' => ::AlertManagement::MetricImage,
+    nil                => PersonalSnippet,
   }.freeze
 
   rescue_from UnknownUploadModelError, with: :render_404
@@ -56,6 +57,8 @@ class UploadsController < ApplicationController
       true
     when Projects::Topic
       true
+    when ::AlertManagement::MetricImage
+      can?(current_user, :read_alert_management_metric_image, model.alert)
     else
       can?(current_user, "read_#{model.class.underscore}".to_sym, model)
     end

app/models/alert_management/alert.rb

@@ -142,6 +142,10 @@ module AlertManagement
       reference.to_i > 0 && reference.to_i <= Gitlab::Database::MAX_INT_VALUE
     end
 
+    def metric_images_available?
+      ::AlertManagement::MetricImage.available_for?(project)
+    end
+
     def prometheus?
       monitoring_tool == Gitlab::AlertManagement::Payload::MONITORING_TOOLS[:prometheus]
     end

app/policies/alert_management/alert_policy.rb

@@ -3,7 +3,15 @@
 module AlertManagement
   class AlertPolicy < ::BasePolicy
     delegate { @subject.project }
+
+    rule { can?(:read_alert_management_alert) }.policy do
+      enable :read_alert_management_metric_image
+    end
+
+    rule { can?(:update_alert_management_alert) }.policy do
+      enable :upload_alert_management_metric_image
+      enable :update_alert_management_metric_image
+      enable :destroy_alert_management_metric_image
+    end
   end
 end
-
-AlertManagement::AlertPolicy.prepend_mod

config/routes/uploads.rb

@@ -38,6 +38,12 @@ scope path: :uploads do
   post ':model/authorize',
     to: 'uploads#authorize',
     constraints: { model: /personal_snippet|user/ }
+
+  # Alert Metric Images
+  get "-/system/:model/:mounted_as/:id/:filename",
+      to:           "uploads#show",
+      constraints:  { model: /alert_management_metric_image/, mounted_as: /file/, filename: %r{[^/]+} },
+      as: 'alert_metric_image_upload'
 end
 
 # Redirect old note attachments path to new uploads path.

ee/app/controllers/ee/uploads_controller.rb

@@ -6,8 +6,7 @@ module EE
     extend ::Gitlab::Utils::Override
 
     EE_MODEL_CLASSES = {
-      'issuable_metric_image' => IssuableMetricImage,
-      'alert_management_metric_image' => ::AlertManagement::MetricImage
+      'issuable_metric_image' => IssuableMetricImage
     }.freeze
 
     class_methods do
@@ -24,8 +23,6 @@ module EE
       case model
       when IssuableMetricImage
         can?(current_user, :read_issuable_metric_image, model)
-      when ::AlertManagement::MetricImage
-        can?(current_user, :read_alert_management_metric_image, model.alert)
       else
         super
       end

ee/app/models/ee/alert_management/alert.rb

@@ -21,10 +21,6 @@ module EE
 
         ::Deployments::AutoRollbackWorker.perform_async(environment.id)
       end
-
-      def metric_images_available?
-        ::AlertManagement::MetricImage.available_for?(project)
-      end
     end
   end
 end

ee/app/policies/ee/alert_management/alert_policy.rb

-# frozen_string_literal: true
-
-module EE
-  module AlertManagement
-    module AlertPolicy
-      extend ActiveSupport::Concern
-
-      prepended do
-        rule { can?(:read_alert_management_alert) }.policy do
-          enable :read_alert_management_metric_image
-        end
-
-        rule { can?(:update_alert_management_alert) }.policy do
-          enable :upload_alert_management_metric_image
-          enable :update_alert_management_metric_image
-          enable :destroy_alert_management_metric_image
-        end
-      end
-    end
-  end
-end

ee/config/routes/uploads.rb

@@ -6,10 +6,4 @@ scope path: :uploads do
       to:           "uploads#show",
       constraints:  { model: /issuable_metric_image/, mounted_as: /file/, filename: %r{[^/]+} },
       as: 'issuable_metric_image_upload'
-
-  # Alert Metric Images
-  get "-/system/:model/:mounted_as/:id/:filename",
-      to:           "uploads#show",
-      constraints:  { model: /alert_management_metric_image/, mounted_as: /file/, filename: %r{[^/]+} },
-      as: 'alert_metric_image_upload'
 end

ee/lib/ee/api/api.rb

@@ -10,7 +10,6 @@ module EE
 
         mount ::EE::API::GroupBoards
 
-        mount ::API::AlertManagementAlerts
         mount ::API::AuditEvents
         mount ::API::ProjectApprovalRules
         mount ::API::StatusChecks

ee/lib/gitlab/geo/replication.rb

@@ -12,7 +12,6 @@ module Gitlab
         file
         import_export
         issuable_metric_image
-        metric_image
         namespace_file
         personal_file
       ].freeze

ee/spec/controllers/ee/uploads_controller_spec.rb

@@ -22,21 +22,5 @@ RSpec.describe UploadsController do
         expect(response).to have_gitlab_http_status(:ok)
       end
     end
-
-    context 'when viewing alert metric images' do
-      let(:alert) { create(:alert_management_alert, project: project) }
-      let(:metric_image) { create(:alert_metric_image, alert: alert) }
-
-      before do
-        project.add_developer(user)
-        sign_in(user)
-      end
-
-      it "responds with status 200" do
-        get :show, params: { model: "alert_management_metric_image", mounted_as: 'file', id: metric_image.id, filename: metric_image.filename }
-
-        expect(response).to have_gitlab_http_status(:ok)
-      end
-    end
   end
 end

ee/spec/policies/alert_management/alert_policy_spec.rb

-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe AlertManagement::AlertPolicy do
-  describe '#rules' do
-    let_it_be(:user) { create(:user) }
-    let_it_be(:project) { create(:project) }
-    let_it_be(:alert) { create(:alert_management_alert, project: project, issue: incident) }
-    let_it_be(:incident) { nil }
-
-    let(:policy) { described_class.new(user, alert) }
-
-    describe 'rules' do
-      shared_examples 'does not allow metric image reads' do
-        it { expect(policy).to be_disallowed(:read_alert_management_metric_image) }
-      end
-
-      shared_examples 'does not allow metric image updates' do
-        specify do
-          expect(policy).to be_disallowed(:upload_alert_management_metric_image)
-          expect(policy).to be_disallowed(:destroy_alert_management_metric_image)
-        end
-      end
-
-      shared_examples 'allows metric image reads' do
-        it { expect(policy).to be_allowed(:read_alert_management_metric_image) }
-      end
-
-      shared_examples 'allows metric image updates' do
-        specify do
-          expect(policy).to be_allowed(:upload_alert_management_metric_image)
-          expect(policy).to be_allowed(:destroy_alert_management_metric_image)
-        end
-      end
-
-      context 'when user is not a member' do
-        include_examples 'does not allow metric image reads'
-        include_examples 'does not allow metric image updates'
-      end
-
-      context 'when user is a guest' do
-        before do
-          project.add_guest(user)
-        end
-
-        include_examples 'does not allow metric image reads'
-        include_examples 'does not allow metric image updates'
-      end
-
-      context 'when user is a developer' do
-        before do
-          project.add_developer(user)
-        end
-
-        include_examples 'allows metric image reads'
-        include_examples 'allows metric image updates'
-      end
-    end
-  end
-end

lib/api/api.rb

@@ -163,6 +163,7 @@ module API
       mount ::API::Admin::InstanceClusters
       mount ::API::Admin::PlanLimits
       mount ::API::Admin::Sidekiq
+      mount ::API::AlertManagementAlerts
       mount ::API::Appearance
       mount ::API::Applications
       mount ::API::Avatar

spec/controllers/uploads_controller_spec.rb

@@ -701,6 +701,24 @@ RSpec.describe UploadsController do
         end
       end
     end
+
+    context 'when viewing alert metric images' do
+      let!(:user) { create(:user) }
+      let!(:project) { create(:project) }
+      let(:alert) { create(:alert_management_alert, project: project) }
+      let(:metric_image) { create(:alert_metric_image, alert: alert) }
+
+      before do
+        project.add_developer(user)
+        sign_in(user)
+      end
+
+      it "responds with status 200" do
+        get :show, params: { model: "alert_management_metric_image", mounted_as: 'file', id: metric_image.id, filename: metric_image.filename }
+
+        expect(response).to have_gitlab_http_status(:ok)
+      end
+    end
   end
 
   def post_authorize(verified: true)

spec/policies/alert_management/alert_policy_spec.rb

@@ -3,9 +3,10 @@
 require 'spec_helper'
 
 RSpec.describe AlertManagement::AlertPolicy, :models do
-  let(:alert) { create(:alert_management_alert) }
-  let(:project) { alert.project }
-  let(:user) { create(:user) }
+  let_it_be(:user) { create(:user) }
+  let_it_be(:project) { create(:project) }
+  let_it_be(:alert) { create(:alert_management_alert, project: project, issue: incident) }
+  let_it_be(:incident) { nil }
 
   subject(:policy) { described_class.new(user, alert) }
 
@@ -21,5 +22,50 @@ RSpec.describe AlertManagement::AlertPolicy, :models do
       it { is_expected.to be_allowed :read_alert_management_alert }
       it { is_expected.to be_allowed :update_alert_management_alert }
     end
+
+    shared_examples 'does not allow metric image reads' do
+      it { expect(policy).to be_disallowed(:read_alert_management_metric_image) }
+    end
+
+    shared_examples 'does not allow metric image updates' do
+      specify do
+        expect(policy).to be_disallowed(:upload_alert_management_metric_image)
+        expect(policy).to be_disallowed(:destroy_alert_management_metric_image)
+      end
+    end
+
+    shared_examples 'allows metric image reads' do
+      it { expect(policy).to be_allowed(:read_alert_management_metric_image) }
+    end
+
+    shared_examples 'allows metric image updates' do
+      specify do
+        expect(policy).to be_allowed(:upload_alert_management_metric_image)
+        expect(policy).to be_allowed(:destroy_alert_management_metric_image)
+      end
+    end
+
+    context 'when user is not a member' do
+      include_examples 'does not allow metric image reads'
+      include_examples 'does not allow metric image updates'
+    end
+
+    context 'when user is a guest' do
+      before do
+        project.add_guest(user)
+      end
+
+      include_examples 'does not allow metric image reads'
+      include_examples 'does not allow metric image updates'
+    end
+
+    context 'when user is a developer' do
+      before do
+        project.add_developer(user)
+      end
+
+      include_examples 'allows metric image reads'
+      include_examples 'allows metric image updates'
+    end
   end
 end

spec/routing/uploads_routing_spec.rb

@@ -21,6 +21,17 @@ RSpec.describe 'Uploads', 'routing' do
     )
   end
 
+  it 'allows fetching alert metric metric images' do
+    expect(get('/uploads/-/system/alert_management_metric_image/file/1/test.jpg')).to route_to(
+      controller: 'uploads',
+      action: 'show',
+      model: 'alert_management_metric_image',
+      id: '1',
+      filename: 'test.jpg',
+      mounted_as: 'file'
+    )
+  end
+
   it 'does not allow creating uploads for other models' do
     unroutable_models = UploadsController::MODEL_CLASSES.keys.compact - %w(personal_snippet user)