Complete API implementation

Add Feature flag default disabled Add API specs

Complete API implementation
Add Feature flag default disabled Add API specs
8a5e59bc · Rajendra Kadam · 7fc36780 · 8a5e59bc · 8a5e59bc · 8a5e59bc
Commit 8a5e59bc authored Mar 26, 2021 by Rajendra Kadam
5 changed files
--- a/config/feature_flags/ops/usage_data_non_sql_metrics.yml
+++ b/config/feature_flags/ops/usage_data_non_sql_metrics.yml
+---
+name: usage_data_non_sql_metrics
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57050
+rollout_issue_url: 
+milestone: '13.11'
+type: ops
+group: group::product intelligence
+default_enabled: false
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -294,6 +294,7 @@ module API
      mount ::API::Unleash
      mount ::API::UsageData
      mount ::API::UsageDataQueries
+      mount ::API::UsageDataNonSqlMetrics
      mount ::API::UserCounts
      mount ::API::Users
      mount ::API::Variables

--- a/lib/api/usage_data_non_sql_metrics.rb
+++ b/lib/api/usage_data_non_sql_metrics.rb
@@ -2,21 +2,23 @@

 module API
  class UsageDataNonSqlMetrics < ::API::Base
-    before { authenticate! }
+    before { authenticated_as_admin! }

    feature_category :usage_ping

    namespace 'usage_data' do
      before do
-        forbidden!('Invalid CSRF token is provided') unless verified_request?
+        not_found! unless Feature.enabled?(:usage_data_non_sql_metrics, default_enabled: :yaml, type: :ops)
      end

      desc 'Get Non SQL usage ping metrics' do
-        detail 'This feature was introduced in GitLab 13.11.0'
+        detail 'This feature was introduced in GitLab 13.11.'
      end

      get 'non_sql_metrics' do
-        data = Gitlab::UsageDataNonSqlMetrics.data
+        Gitlab::QueryLimiting.disable!('https://gitlab.com/gitlab-org/gitlab/-/issues/325534')
+
+        data = Gitlab::UsageDataNonSqlMetrics.uncached_data

        present data
      end

--- a/lib/api/usage_data_queries.rb
+++ b/lib/api/usage_data_queries.rb
@@ -8,7 +8,7 @@ module API

    namespace 'usage_data' do
      before do
-        not_found! unless Feature.enabled?(:usage_data_queries_api, default_enabled: false, type: :ops)
+        not_found! unless Feature.enabled?(:usage_data_queries_api, default_enabled: :yaml, type: :ops)
      end

      desc 'Get raw SQL queries for usage data SQL metrics' do

--- a/spec/requests/api/usage_data_non_sql_metrics_spec.rb
+++ b/spec/requests/api/usage_data_non_sql_metrics_spec.rb
@@ -3,35 +3,64 @@
 require 'spec_helper'

 RSpec.describe API::UsageDataNonSqlMetrics do
+  include UsageDataHelpers
+
+  let_it_be(:admin) { create(:user, admin: true) }
  let_it_be(:user) { create(:user) }

+  before do
+    stub_usage_data_connections
+  end

  describe 'GET /usage_data/non_sql_metrics' do
    let(:endpoint) { '/usage_data/non_sql_metrics' }

    context 'with authentication' do
      before do
-        allow(Gitlab::RequestForgeryProtection).to receive(:verified?).and_return(true)
+        stub_feature_flags(usage_data_non_sql_metrics: true)
+      end
+
+      it 'returns non sql metrics if user is admin' do
+        get api(endpoint, admin)
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(json_response['counts']).to be_a(Hash)
+      end
+
+      it 'returns forbidden is user is not admin' do
+        get api(endpoint, user)
+
+        expect(response).to have_gitlab_http_status(:forbidden)
+      end
+    end
+
+    context 'without authentication' do
+      before do
+        stub_feature_flags(usage_data_non_sql_metrics: true)
      end

-      it 'returns non sql metrics' do
-        get api(endpoint, user) do
+      it 'returns unauthorized' do
+        get api(endpoint)

-          #TODO: Add check on response
-          expect(response).to have_gitlab_http_status(:ok)
-        end
+        expect(response).to have_gitlab_http_status(:unauthorized)
      end
    end

-    context 'without CSRF token' do
+    context 'when feature_flag is disabled' do
      before do
-        allow(Gitlab::RequestForgeryProtection).to receive(:verified?).and_return(false)
+        stub_feature_flags(usage_data_non_sql_metrics: false)
+      end
+
+      it 'returns not_found for admin' do
+        get api(endpoint, admin)
+
+        expect(response).to have_gitlab_http_status(:not_found)
      end

-      it 'returns forbidden' do
+      it 'returns forbidden for non-admin' do
        get api(endpoint, user)

-        exepect(response).to have_gitlab_http_status(:forbidden)
+        expect(response).to have_gitlab_http_status(:forbidden)
      end
    end
  end