Allow to reset PagerDuty token

Add ability to reset a PagerDuty token

app/controllers/projects/settings/operations_controller.rb

@@ -5,7 +5,12 @@ module Projects
     class OperationsController < Projects::ApplicationController
       before_action :authorize_admin_operations!
       before_action :authorize_read_prometheus_alerts!, only: [:reset_alerting_token]
-      respond_to :json, only: [:reset_alerting_token]
+
+      before_action do
+        push_frontend_feature_flag(:pagerduty_webhook, project)
+      end
+
+      respond_to :json, only: [:reset_alerting_token, :reset_pagerduty_token]
 
       helper_method :error_tracking_setting
 
@@ -37,12 +42,31 @@ module Projects
         end
       end
 
+      def reset_pagerduty_token
+        result = ::Projects::Operations::UpdateService
+          .new(project, current_user, pagerduty_token_params)
+          .execute
+
+        pagerduty_token = project.incident_management_setting&.pagerduty_token
+        webhook_url = project_incidents_pager_duty_url(project, token: pagerduty_token)
+
+        if result[:status] == :success
+          render json: { pagerduty_webhook_url: webhook_url, pagerduty_token: pagerduty_token }
+        else
+          render json: {}, status: :unprocessable_entity
+        end
+      end
+
       private
 
       def alerting_params
         { alerting_setting_attributes: { regenerate_token: true } }
       end
 
+      def pagerduty_token_params
+        { incident_management_setting_attributes: { regenerate_token: true } }
+      end
+
       def render_update_response(result)
         respond_to do |format|
           format.html do

app/services/projects/operations/update_service.rb

@@ -108,7 +108,18 @@ module Projects
       end
 
       def incident_management_setting_params
-        params.slice(:incident_management_setting_attributes)
+        attrs = params[:incident_management_setting_attributes]
+        return {} unless attrs
+
+        regenerate_token = attrs.delete(:regenerate_token)
+
+        if regenerate_token
+          attrs[:pagerduty_token] = nil
+        else
+          attrs = attrs.except(:pagerduty_token)
+        end
+
+        { incident_management_setting_attributes: attrs }
       end
     end
   end

config/routes/project.rb

@@ -82,6 +82,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
           resource :operations, only: [:show, :update] do
             member do
               post :reset_alerting_token
+              post :reset_pagerduty_token
             end
           end
 

ee/app/services/ee/projects/operations/update_service.rb

@@ -11,7 +11,6 @@ module EE
         def project_update_params
           super
             .merge(tracing_setting_params)
-            .merge(incident_management_setting_params)
             .merge(status_page_setting_params)
         end
 
@@ -26,10 +25,6 @@ module EE
           { tracing_setting_attributes: attr.merge(_destroy: destroy) }
         end
 
-        def incident_management_setting_params
-          params.slice(:incident_management_setting_attributes)
-        end
-
         def status_page_setting_params
           return {} unless attrs = params[:status_page_setting_attributes]
 

spec/controllers/projects/settings/operations_controller_spec.rb

@@ -187,6 +187,98 @@ RSpec.describe Projects::Settings::OperationsController do
         it_behaves_like 'a gitlab tracking event', { send_email: '0' }, 'disabled_sending_emails'
       end
     end
+
+    describe 'POST #reset_pagerduty_token' do
+      let(:project) { create(:project) }
+
+      before do
+        project.add_maintainer(user)
+      end
+
+      context 'with existing incident management setting has active PagerDuty webhook' do
+        let!(:incident_management_setting) do
+          create(:project_incident_management_setting, project: project, pagerduty_active: true)
+        end
+
+        let!(:old_token) { incident_management_setting.pagerduty_token }
+
+        it 'returns newly reset token' do
+          reset_pagerduty_token
+
+          new_token = incident_management_setting.reload.pagerduty_token
+          new_webhook_url = project_incidents_pager_duty_url(project, token: new_token)
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response['pagerduty_webhook_url']).to eq(new_webhook_url)
+          expect(json_response['pagerduty_token']).to eq(new_token)
+          expect(old_token).not_to eq(new_token)
+        end
+      end
+
+      context 'without existing incident management setting' do
+        it 'does not reset a token' do
+          reset_pagerduty_token
+
+          new_webhook_url = project_incidents_pager_duty_url(project, token: nil)
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response['pagerduty_webhook_url']).to eq(new_webhook_url)
+          expect(project.incident_management_setting.pagerduty_token).to be_nil
+        end
+      end
+
+      context 'when update fails' do
+        let(:operations_update_service) { spy(:operations_update_service) }
+        let(:pagerduty_token_params) do
+          { incident_management_setting_attributes: { regenerate_token: true } }
+        end
+
+        before do
+          expect(::Projects::Operations::UpdateService)
+            .to receive(:new).with(project, user, pagerduty_token_params)
+            .and_return(operations_update_service)
+          expect(operations_update_service).to receive(:execute)
+            .and_return(status: :error)
+        end
+
+        it 'returns unprocessable_entity' do
+          reset_pagerduty_token
+
+          expect(response).to have_gitlab_http_status(:unprocessable_entity)
+          expect(json_response).to be_empty
+        end
+      end
+
+      context 'with insufficient permissions' do
+        before do
+          project.add_reporter(user)
+        end
+
+        it 'returns 404' do
+          reset_pagerduty_token
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+
+      context 'as an anonymous user' do
+        before do
+          sign_out(user)
+        end
+
+        it 'returns a redirect' do
+          reset_pagerduty_token
+
+          expect(response).to have_gitlab_http_status(:redirect)
+        end
+      end
+
+      private
+
+      def reset_pagerduty_token
+        post :reset_pagerduty_token, params: project_params(project), format: :json
+      end
+    end
   end
 
   context 'error tracking' do