Merge branch 'issue_323886' into 'master'

Allow to toggle requirements_access_level on REST API

See merge request gitlab-org/gitlab!79968

doc/api/projects.md

@@ -1255,7 +1255,7 @@ POST /projects
 | `repository_access_level`                                   | string  | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. |
 | `repository_storage`                                        | string  | **{dotted-circle}** No | Which storage shard the repository is on. _(administrator only)_ |
 | `request_access_enabled`                                    | boolean | **{dotted-circle}** No | Allow users to request member access. |
-| `requirements_access_level`                                 | string  | **{dotted-circle}** No | One of `disabled`, `private`, `enabled` or `public` |
+| `requirements_access_level`                                 | string  | **{dotted-circle}** No | One of `disabled`, `private` or `enabled` |
 | `resolve_outdated_diff_discussions`                         | boolean | **{dotted-circle}** No | Automatically resolve merge request diffs discussions on lines changed with a push. |
 | `shared_runners_enabled`                                    | boolean | **{dotted-circle}** No | Enable shared runners for this project. |
 | `snippets_access_level`                                     | string  | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. |

ee/lib/ee/api/entities/project.rb

@@ -28,9 +28,13 @@ module EE
           expose :marked_for_deletion_on, if: ->(project, _) { project.feature_available?(:adjourned_deletion_for_projects_and_groups) } do |project, _|
             project.marked_for_deletion_at
           end
+          # Expose old field names with the new permissions methods to keep API compatible
+          # TODO: remove in API v5, replaced by *_access_level
           expose :requirements_enabled do |project, options|
             project.feature_available?(:requirements, options[:current_user])
           end
+          expose(:requirements_access_level) { |project, _| project.project_feature.string_access_level(:requirements) }
+
           expose :security_and_compliance_enabled do |project, options|
             project.feature_available?(:security_and_compliance, options[:current_user])
           end

ee/lib/ee/api/helpers/projects_helpers.rb

@@ -20,6 +20,7 @@ module EE
             optional :mirror, type: Grape::API::Boolean, desc: 'Enables pull mirroring in a project'
             optional :mirror_trigger_builds, type: Grape::API::Boolean, desc: 'Pull mirroring triggers builds'
             optional :external_authorization_classification_label, type: String, desc: 'The classification label for the project'
+            optional :requirements_access_level, type: String, values: %w(disabled private enabled), desc: 'Requirements feature access level. One of `disabled`, `private` or `enabled`'
           end
 
           params :optional_filter_params_ee do
@@ -57,7 +58,8 @@ module EE
               :issues_template,
               :merge_requests_template,
               :merge_pipelines_enabled,
-              :merge_trains_enabled
+              :merge_trains_enabled,
+              :requirements_access_level
             ]
           end
         end

ee/spec/requests/api/projects_spec.rb

@@ -691,6 +691,21 @@ RSpec.describe API::Projects do
         end
       end
     end
+
+    context 'with requirements_access_level' do
+      let(:project_params) { { name: 'bar', requirements_access_level: 'disabled' } }
+
+      before do
+        stub_licensed_features(requirements: true)
+      end
+
+      it 'updates project with given value' do
+        post api('/projects', user), params: project_params
+
+        expect(response).to have_gitlab_http_status(:created)
+        expect(json_response['requirements_access_level']).to eq(project_params[:requirements_access_level])
+      end
+    end
   end
 
   describe 'GET projects/:id/audit_events' do
@@ -953,6 +968,21 @@ RSpec.describe API::Projects do
           expect(json_response['merge_requests_template']).to eq(project_params[:merge_requests_template])
         end
       end
+
+      context 'when updating requirements_access_level' do
+        let(:project_params) { { requirements_access_level: 'disabled' } }
+
+        before do
+          stub_licensed_features(requirements: true)
+        end
+
+        it 'updates project with given value' do
+          subject
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response['requirements_access_level']).to eq(project_params[:requirements_access_level])
+        end
+      end
     end
 
     context 'issuable default templates feature not available' do

spec/requests/api/project_attributes.yml

@@ -121,7 +121,6 @@ project_feature:
     - created_at
     - metrics_dashboard_access_level
     - project_id
-    - requirements_access_level
     - security_and_compliance_access_level
     - updated_at
   computed_attributes: