Commit 958b6550 authored by Douglas Barbosa Alexandre's avatar Douglas Barbosa Alexandre

Merge branch 'reg-features-2' into 'master'

Enable repo size limit and group ip restriction for Registration features program

See merge request gitlab-org/gitlab!70912
parents 26b5a0c8 baaaae2b
...@@ -51,10 +51,18 @@ ...@@ -51,10 +51,18 @@
%p.gl-mb-3.text-muted= _('Registration Features include:') %p.gl-mb-3.text-muted= _('Registration Features include:')
.form-text .form-text
- email_from_gitlab_path = help_page_path('tools/email.md') - email_from_gitlab_path = help_page_path('tools/email.md')
- repo_size_limit_path = help_page_path('user/admin_area/settings/account_and_limit_settings.md', anchor: 'repository-size-limit')
- restrict_ip_path = help_page_path('user/group/index.md', anchor: 'restrict-group-access-by-ip-address')
- link_end = '</a>'.html_safe - link_end = '</a>'.html_safe
- email_from_gitlab_link = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: email_from_gitlab_path } - email_from_gitlab_link = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: email_from_gitlab_path }
- repo_size_limit_link = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: repo_size_limit_path }
- restrict_ip_link = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: restrict_ip_path }
%ul %ul
%li %li
= _('Email from GitLab - email users right from the Admin Area. %{link_start}Learn more%{link_end}.').html_safe % { link_start: email_from_gitlab_link, link_end: link_end } = _('Email from GitLab - email users right from the Admin Area. %{link_start}Learn more%{link_end}.').html_safe % { link_start: email_from_gitlab_link, link_end: link_end }
%li
= _('Limit project size at a global, group and project level. %{link_start}Learn more%{link_end}.').html_safe % { link_start: repo_size_limit_link, link_end: link_end }
%li
= _('Restrict group access by IP address. %{link_start}Learn more%{link_end}.').html_safe % { link_start: restrict_ip_link, link_end: link_end }
= f.submit _('Save changes'), class: "gl-button btn btn-confirm" = f.submit _('Save changes'), class: "gl-button btn btn-confirm"
# frozen_string_literal: true
module Admin
module IpRestrictionHelper
def ip_restriction_feature_available?(group)
group.licensed_feature_available?(:group_ip_restriction) || License.features_with_usage_ping.include?(:group_ip_restriction)
end
end
end
# frozen_string_literal: true
module Admin
module RepoSizeLimitHelper
def repo_size_limit_feature_available?
License.feature_available?(:repository_size_limit) || License.features_with_usage_ping.include?(:repository_size_limit)
end
end
end
...@@ -10,6 +10,7 @@ module EE ...@@ -10,6 +10,7 @@ module EE
extend ::Gitlab::Utils::Override extend ::Gitlab::Utils::Override
extend ::Gitlab::Cache::RequestCache extend ::Gitlab::Cache::RequestCache
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
include ::Admin::RepoSizeLimitHelper
GIT_LFS_DOWNLOAD_OPERATION = 'download' GIT_LFS_DOWNLOAD_OPERATION = 'download'
PUBLIC_COST_FACTOR_RELEASE_DAY = Date.new(2021, 7, 17).freeze PUBLIC_COST_FACTOR_RELEASE_DAY = Date.new(2021, 7, 17).freeze
...@@ -601,7 +602,7 @@ module EE ...@@ -601,7 +602,7 @@ module EE
current_size_proc: -> { statistics.total_repository_size }, current_size_proc: -> { statistics.total_repository_size },
limit: actual_size_limit, limit: actual_size_limit,
namespace: namespace, namespace: namespace,
enabled: License.feature_available?(:repository_size_limit) enabled: repo_size_limit_feature_available?
) )
end end
end end
......
...@@ -15,6 +15,11 @@ class License < ApplicationRecord ...@@ -15,6 +15,11 @@ class License < ApplicationRecord
EES_FEATURES_WITH_USAGE_PING = %i[ EES_FEATURES_WITH_USAGE_PING = %i[
send_emails_from_admin_area send_emails_from_admin_area
repository_size_limit
].freeze
EEP_FEATURES_WITH_USAGE_PING = %i[
group_ip_restriction
].freeze ].freeze
EES_FEATURES = %i[ EES_FEATURES = %i[
...@@ -45,7 +50,6 @@ class License < ApplicationRecord ...@@ -45,7 +50,6 @@ class License < ApplicationRecord
protected_refs_for_users protected_refs_for_users
push_rules push_rules
repository_mirrors repository_mirrors
repository_size_limit
resource_access_token resource_access_token
seat_link seat_link
scoped_issue_board scoped_issue_board
...@@ -54,7 +58,7 @@ class License < ApplicationRecord ...@@ -54,7 +58,7 @@ class License < ApplicationRecord
wip_limits wip_limits
].freeze + EES_FEATURES_WITH_USAGE_PING ].freeze + EES_FEATURES_WITH_USAGE_PING
EEP_FEATURES = EES_FEATURES + %i[ EEP_FEATURES = EES_FEATURES + EEP_FEATURES_WITH_USAGE_PING + %i[
adjourned_deletion_for_projects_and_groups adjourned_deletion_for_projects_and_groups
admin_audit_log admin_audit_log
auditor_user auditor_user
...@@ -92,7 +96,6 @@ class License < ApplicationRecord ...@@ -92,7 +96,6 @@ class License < ApplicationRecord
group_allowed_email_domains group_allowed_email_domains
group_coverage_reports group_coverage_reports
group_forking_protection group_forking_protection
group_ip_restriction
group_merge_request_analytics group_merge_request_analytics
group_merge_request_approval_settings group_merge_request_approval_settings
group_milestone_project_releases group_milestone_project_releases
...@@ -205,7 +208,7 @@ class License < ApplicationRecord ...@@ -205,7 +208,7 @@ class License < ApplicationRecord
end end
end.freeze end.freeze
FEATURES_WITH_USAGE_PING = EES_FEATURES_WITH_USAGE_PING FEATURES_WITH_USAGE_PING = EES_FEATURES_WITH_USAGE_PING + EEP_FEATURES_WITH_USAGE_PING
# Add on codes that may occur in legacy licenses that don't have a plan yet. # Add on codes that may occur in legacy licenses that don't have a plan yet.
FEATURES_FOR_ADD_ONS = { FEATURES_FOR_ADD_ONS = {
......
- return unless License.feature_available?(:repository_size_limit) - return unless repo_size_limit_feature_available?
- form = local_assigns.fetch(:form) - form = local_assigns.fetch(:form)
......
- return if !group.licensed_feature_available?(:group_ip_restriction) || group.parent_id.present? - return if !ip_restriction_feature_available?(group) || group.parent_id.present?
- hidden_input_id = 'group_ip_restriction_ranges' - hidden_input_id = 'group_ip_restriction_ranges'
- label_id = "#{hidden_input_id}_label" - label_id = "#{hidden_input_id}_label"
......
- return unless current_user.admin? && License.feature_available?(:repository_size_limit) - return unless current_user.admin? && repo_size_limit_feature_available?
- form = local_assigns.fetch(:form) - form = local_assigns.fetch(:form)
- type = local_assigns.fetch(:type) - type = local_assigns.fetch(:type)
......
- return unless current_user.admin? && License.feature_available?(:repository_size_limit) - return unless current_user.admin? && repo_size_limit_feature_available?
- form = local_assigns.fetch(:form) - form = local_assigns.fetch(:form)
- is_project = local_assigns.fetch(:type) == :project - is_project = local_assigns.fetch(:type) == :project
......
...@@ -12,7 +12,7 @@ module Gitlab ...@@ -12,7 +12,7 @@ module Gitlab
end end
def allows_current_ip? def allows_current_ip?
return true unless group&.feature_available?(:group_ip_restriction) return true unless group&.feature_available?(:group_ip_restriction) || ::License.features_with_usage_ping.include?(:group_ip_restriction)
current_ip_address = Gitlab::IpAddressState.current current_ip_address = Gitlab::IpAddressState.current
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Admin::IpRestrictionHelper do
let(:group) { create(:group) }
describe '#ip_restriction_feature_available' do
subject { helper.ip_restriction_feature_available?(group) }
context 'when group_ip_restriction feature is available' do
before do
stub_licensed_features(group_ip_restriction: true)
end
it { is_expected.to be_truthy }
end
context 'when group_ip_restriction feature is disabled' do
before do
stub_licensed_features(group_ip_restriction: false)
end
it { is_expected.to be_falsey }
end
context 'when usage ping is enabled' do
before do
stub_application_setting(usage_ping_enabled: true)
end
context 'when usage_ping_features is enabled' do
before do
stub_application_setting(usage_ping_features_enabled: true)
end
it { is_expected.to be_truthy }
end
context 'when usage_ping_features is disabled' do
before do
stub_application_setting(usage_ping_features_enabled: false)
end
it { is_expected.to be_falsey }
end
end
context 'when usage ping is disabled' do
before do
stub_application_setting(usage_ping_enabled: false)
end
it { is_expected.to be_falsey }
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Admin::RepoSizeLimitHelper do
describe '#repo_size_limit_feature_available?' do
subject { helper.repo_size_limit_feature_available? }
context 'when repository_size_limit feature is available' do
before do
stub_licensed_features(repository_size_limit: true)
end
it { is_expected.to be_truthy }
end
context 'when repo_size_limit_feature_available is not available' do
before do
stub_licensed_features(repository_size_limit: false)
end
it { is_expected.to be_falsey }
end
context 'when usage ping is enabled' do
before do
stub_licensed_features(repository_size_limit: false)
stub_application_setting(usage_ping_enabled: true)
end
context 'when usage_ping_features is enabled' do
before do
stub_application_setting(usage_ping_features_enabled: true)
end
it { is_expected.to be_truthy }
end
context 'when usage_ping_features is disabled' do
before do
stub_application_setting(usage_ping_features_enabled: false)
end
it { is_expected.to be_falsey }
end
end
context 'when usage ping is disabled' do
before do
stub_application_setting(usage_ping_enabled: false)
stub_licensed_features(repository_size_limit: false)
end
it { is_expected.to be_falsey }
end
end
end
...@@ -7,6 +7,32 @@ RSpec.describe Gitlab::IpRestriction::Enforcer do ...@@ -7,6 +7,32 @@ RSpec.describe Gitlab::IpRestriction::Enforcer do
let(:group) { create(:group) } let(:group) { create(:group) }
let(:current_ip) { '192.168.0.2' } let(:current_ip) { '192.168.0.2' }
shared_examples 'ip_restriction' do
context 'without restriction' do
it { is_expected.to be_truthy }
end
context 'with restriction' do
before do
ranges.each do |range|
create(:ip_restriction, group: group, range: range)
end
end
context 'address is within one of the ranges' do
let(:ranges) { ['192.168.0.0/24', '255.255.255.224/27'] }
it { is_expected.to be_truthy }
end
context 'address is outside all of the ranges' do
let(:ranges) { ['10.0.0.0/8', '255.255.255.224/27'] }
it { is_expected.to be_falsey }
end
end
end
subject { described_class.new(group).allows_current_ip? } subject { described_class.new(group).allows_current_ip? }
before do before do
...@@ -14,33 +40,43 @@ RSpec.describe Gitlab::IpRestriction::Enforcer do ...@@ -14,33 +40,43 @@ RSpec.describe Gitlab::IpRestriction::Enforcer do
stub_licensed_features(group_ip_restriction: true) stub_licensed_features(group_ip_restriction: true)
end end
context 'without restriction' do it_behaves_like 'ip_restriction'
context 'group_ip_restriction feature is disabled' do
before do
stub_licensed_features(group_ip_restriction: false)
end
it { is_expected.to be_truthy } it { is_expected.to be_truthy }
end end
context 'with restriction' do context 'when usage ping is enabled' do
before do before do
ranges.each do |range| stub_licensed_features(group_ip_restriction: false)
create(:ip_restriction, group: group, range: range) stub_application_setting(usage_ping_enabled: true)
end
end end
context 'address is within one of the ranges' do context 'when usage_ping_features_enabled is enabled' do
let(:ranges) { ['192.168.0.0/24', '255.255.255.224/27'] } before do
stub_application_setting(usage_ping_features_enabled: true)
end
it { is_expected.to be_truthy } it_behaves_like 'ip_restriction'
end end
context 'address is outside all of the ranges' do context 'when usage_ping_features_enabled is disabled' do
let(:ranges) { ['10.0.0.0/8', '255.255.255.224/27'] } before do
stub_application_setting(usage_ping_features_enabled: false)
end
it { is_expected.to be_falsey } it { is_expected.to be_truthy }
end end
end end
context 'feature is disabled' do context 'when usage ping is disabled' do
before do before do
stub_licensed_features(group_ip_restriction: false) stub_licensed_features(group_ip_restriction: false)
stub_application_setting(usage_ping_enabled: false)
end end
it { is_expected.to be_truthy } it { is_expected.to be_truthy }
......
...@@ -2363,7 +2363,7 @@ RSpec.describe Project do ...@@ -2363,7 +2363,7 @@ RSpec.describe Project do
stub_licensed_features(repository_size_limit: true) stub_licensed_features(repository_size_limit: true)
end end
it 'is enabled' do it 'size limit is enabled' do
expect(checker.enabled?).to be_truthy expect(checker.enabled?).to be_truthy
end end
end end
...@@ -2373,7 +2373,45 @@ RSpec.describe Project do ...@@ -2373,7 +2373,45 @@ RSpec.describe Project do
stub_licensed_features(repository_size_limit: false) stub_licensed_features(repository_size_limit: false)
end end
it 'is disabled' do it 'size limit is disabled' do
expect(checker.enabled?).to be_falsey
end
end
context 'when usage ping is enabled' do
before do
stub_licensed_features(repository_size_limit: false)
stub_application_setting(usage_ping_enabled: true)
end
context 'when usage_ping_features is activated' do
before do
stub_application_setting(usage_ping_features_enabled: true)
end
it 'size limit is enabled' do
expect(checker.enabled?).to be_truthy
end
end
context 'when usage_ping_features is disabled' do
before do
stub_application_setting(usage_ping_features_enabled: false)
end
it 'size limit is disabled' do
expect(checker.enabled?).to be_falsy
end
end
end
context 'when usage ping is disabled' do
before do
stub_licensed_features(repository_size_limit: false)
stub_application_setting(usage_ping_enabled: false)
end
it 'size limit is disabled' do
expect(checker.enabled?).to be_falsey expect(checker.enabled?).to be_falsey
end end
end end
......
...@@ -20352,6 +20352,9 @@ msgstr "" ...@@ -20352,6 +20352,9 @@ msgstr ""
msgid "Limit namespaces and projects that can be indexed" msgid "Limit namespaces and projects that can be indexed"
msgstr "" msgstr ""
msgid "Limit project size at a global, group and project level. %{link_start}Learn more%{link_end}."
msgstr ""
msgid "Limit sign in from multiple IP addresses" msgid "Limit sign in from multiple IP addresses"
msgstr "" msgstr ""
...@@ -28952,6 +28955,9 @@ msgstr "" ...@@ -28952,6 +28955,9 @@ msgstr ""
msgid "Restoring the project will prevent the project from being removed on this date and restore people's ability to make changes to it." msgid "Restoring the project will prevent the project from being removed on this date and restore people's ability to make changes to it."
msgstr "" msgstr ""
msgid "Restrict group access by IP address. %{link_start}Learn more%{link_end}."
msgstr ""
msgid "Restrict membership by email domain" msgid "Restrict membership by email domain"
msgstr "" msgstr ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment