From c45e37ff75795fae8e8758babbdbf73c97cfd2ad Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Wed, 5 Apr 2023 16:56:40 +0000 Subject: [PATCH 1/8] Distinguish deploy keys in Protected branches API --- app/models/protected_branch/push_access_level.rb | 6 ++++++ lib/api/entities/protected_ref_access.rb | 1 + 2 files changed, 7 insertions(+) diff --git a/app/models/protected_branch/push_access_level.rb b/app/models/protected_branch/push_access_level.rb index 66fe57be25fda0..d4c683cbdde2c4 100644 --- a/app/models/protected_branch/push_access_level.rb +++ b/app/models/protected_branch/push_access_level.rb @@ -21,6 +21,12 @@ def type end end + def humanize + return "Deploy key" if self.deploy_key.present? + + super + end + def check_access(user) if user && deploy_key.present? return user.can?(:read_project, project) && enabled_deploy_key_for_user?(deploy_key, user) diff --git a/lib/api/entities/protected_ref_access.rb b/lib/api/entities/protected_ref_access.rb index ba28c724448671..c1d4ec1c823e4c 100644 --- a/lib/api/entities/protected_ref_access.rb +++ b/lib/api/entities/protected_ref_access.rb @@ -9,6 +9,7 @@ class ProtectedRefAccess < Grape::Entity documentation: { type: 'string', example: 'Maintainers' } do |protected_ref_access| protected_ref_access.humanize end + expose :deploy_key_id, if: ->(protected_ref_access) { protected_ref_access.has_attribute?(:deploy_key_id) && protected_ref_access.deploy_key_id } end end end -- GitLab From 7a9a427a152c3d03ec1d0df9f4ec371f7740c435 Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Tue, 11 Apr 2023 18:08:28 +0000 Subject: [PATCH 2/8] Resolve rubocop offense --- lib/api/entities/protected_ref_access.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/api/entities/protected_ref_access.rb b/lib/api/entities/protected_ref_access.rb index c1d4ec1c823e4c..b07d82f997f91e 100644 --- a/lib/api/entities/protected_ref_access.rb +++ b/lib/api/entities/protected_ref_access.rb @@ -9,7 +9,8 @@ class ProtectedRefAccess < Grape::Entity documentation: { type: 'string', example: 'Maintainers' } do |protected_ref_access| protected_ref_access.humanize end - expose :deploy_key_id, if: ->(protected_ref_access) { protected_ref_access.has_attribute?(:deploy_key_id) && protected_ref_access.deploy_key_id } + expose :deploy_key_id, documentation: { type: 'integer', example: 1 }, + if: ->(access) { access.has_attribute?(:deploy_key_id) && access.deploy_key_id } end end end -- GitLab From c834777cbeb4623a983df1de5788c1c7584f0b1a Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Tue, 11 Apr 2023 18:10:03 +0000 Subject: [PATCH 3/8] Fix indentation --- lib/api/entities/protected_ref_access.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/api/entities/protected_ref_access.rb b/lib/api/entities/protected_ref_access.rb index b07d82f997f91e..28e0ef540d5aaf 100644 --- a/lib/api/entities/protected_ref_access.rb +++ b/lib/api/entities/protected_ref_access.rb @@ -9,8 +9,8 @@ class ProtectedRefAccess < Grape::Entity documentation: { type: 'string', example: 'Maintainers' } do |protected_ref_access| protected_ref_access.humanize end - expose :deploy_key_id, documentation: { type: 'integer', example: 1 }, - if: ->(access) { access.has_attribute?(:deploy_key_id) && access.deploy_key_id } + expose :deploy_key_id, documentation: { type: 'integer', example: 1 }, + if: ->(access) { access.has_attribute?(:deploy_key_id) && access.deploy_key_id } end end end -- GitLab From e0762187299f91f29cc2a18896226e1837ec6f46 Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Sat, 22 Apr 2023 01:00:16 +0000 Subject: [PATCH 4/8] Update access_level_description for protected tags --- app/models/protected_tag/create_access_level.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/models/protected_tag/create_access_level.rb b/app/models/protected_tag/create_access_level.rb index abb233d3800fd1..f5f392d19f5eba 100644 --- a/app/models/protected_tag/create_access_level.rb +++ b/app/models/protected_tag/create_access_level.rb @@ -19,6 +19,12 @@ def type end end + def humanize + return "Deploy key" if self.deploy_key.present? + + super + end + def check_access(user) return false if access_level == Gitlab::Access::NO_ACCESS -- GitLab From 39ebe41190ca1a00b2a7a714aadc07e6d536105b Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Sat, 22 Apr 2023 01:49:41 +0000 Subject: [PATCH 5/8] Fix rubocop offenses --- app/models/protected_branch/push_access_level.rb | 2 +- app/models/protected_tag/create_access_level.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/models/protected_branch/push_access_level.rb b/app/models/protected_branch/push_access_level.rb index d4c683cbdde2c4..c86ca5723fa39f 100644 --- a/app/models/protected_branch/push_access_level.rb +++ b/app/models/protected_branch/push_access_level.rb @@ -22,7 +22,7 @@ def type end def humanize - return "Deploy key" if self.deploy_key.present? + return "Deploy key" if deploy_key.present? super end diff --git a/app/models/protected_tag/create_access_level.rb b/app/models/protected_tag/create_access_level.rb index f5f392d19f5eba..785e7559212bfb 100644 --- a/app/models/protected_tag/create_access_level.rb +++ b/app/models/protected_tag/create_access_level.rb @@ -20,7 +20,7 @@ def type end def humanize - return "Deploy key" if self.deploy_key.present? + return "Deploy key" if deploy_key.present? super end -- GitLab From 4e967039f74601b6f6122cb5ed305587895acf7d Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Fri, 28 Apr 2023 02:02:53 +0000 Subject: [PATCH 6/8] Add rspec tests --- spec/requests/api/protected_branches_spec.rb | 12 ++++++++++++ spec/requests/api/protected_tags_spec.rb | 12 ++++++++++++ 2 files changed, 24 insertions(+) diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index 622e57edf6a5ce..a6168eb9aefccd 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -110,6 +110,18 @@ it_behaves_like 'protected branch' end + + context 'when a deploy key is present' do + let(:deploy_key) { create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)]) } + + it 'returns deploy key information' do + create(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key) + get api(route, user) + + expect(json_response['push_access_levels'][1]['access_level_description']).to eq('Deploy key') + expect(json_response['push_access_levels'][1]['deploy_key_id']).to eq(deploy_key.id) + end + end end context 'when authenticated as a developer' do diff --git a/spec/requests/api/protected_tags_spec.rb b/spec/requests/api/protected_tags_spec.rb index 5b128d4ec9e48b..fdc37095044e61 100644 --- a/spec/requests/api/protected_tags_spec.rb +++ b/spec/requests/api/protected_tags_spec.rb @@ -84,6 +84,18 @@ it_behaves_like 'protected tag' end + + context 'when a deploy key is present' do + let(:deploy_key) { create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)]) } + + it 'returns deploy key information' do + create(:protected_tag_create_access_level, protected_tag: protected_tag, deploy_key: deploy_key) + get api(route, user) + + expect(json_response['create_access_levels'][1]['access_level_description']).to eq('Deploy key') + expect(json_response['create_access_levels'][1]['deploy_key_id']).to eq(deploy_key.id) + end + end end context 'when authenticated as a guest' do -- GitLab From f81e9620908d7c98b1bd842f5a4eb5ca2a45cc7f Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Fri, 28 Apr 2023 02:53:00 +0000 Subject: [PATCH 7/8] Fix rubocop offenses --- spec/requests/api/protected_branches_spec.rb | 6 ++++-- spec/requests/api/protected_tags_spec.rb | 4 +++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index a6168eb9aefccd..e311ee502701c9 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -112,8 +112,10 @@ end context 'when a deploy key is present' do - let(:deploy_key) { create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)]) } - + let(:deploy_key) do + create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)]) + end + it 'returns deploy key information' do create(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key) get api(route, user) diff --git a/spec/requests/api/protected_tags_spec.rb b/spec/requests/api/protected_tags_spec.rb index fdc37095044e61..84c641ac115925 100644 --- a/spec/requests/api/protected_tags_spec.rb +++ b/spec/requests/api/protected_tags_spec.rb @@ -86,7 +86,9 @@ end context 'when a deploy key is present' do - let(:deploy_key) { create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)]) } + let(:deploy_key) do + create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)]) + end it 'returns deploy key information' do create(:protected_tag_create_access_level, protected_tag: protected_tag, deploy_key: deploy_key) -- GitLab From 0a18e3f1995373b7649c1f003ac18a38ad760092 Mon Sep 17 00:00:00 2001 From: Jiovanni Castillo Date: Fri, 28 Apr 2023 14:45:49 +0000 Subject: [PATCH 8/8] Update tests to use a_hash_including --- spec/requests/api/protected_branches_spec.rb | 5 +++-- spec/requests/api/protected_tags_spec.rb | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index e311ee502701c9..04d5f7ac20a92a 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -120,8 +120,9 @@ create(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key) get api(route, user) - expect(json_response['push_access_levels'][1]['access_level_description']).to eq('Deploy key') - expect(json_response['push_access_levels'][1]['deploy_key_id']).to eq(deploy_key.id) + expect(json_response['push_access_levels']).to include( + a_hash_including('access_level_description' => 'Deploy key', 'deploy_key_id' => deploy_key.id) + ) end end end diff --git a/spec/requests/api/protected_tags_spec.rb b/spec/requests/api/protected_tags_spec.rb index 84c641ac115925..c6398e624f8024 100644 --- a/spec/requests/api/protected_tags_spec.rb +++ b/spec/requests/api/protected_tags_spec.rb @@ -94,8 +94,9 @@ create(:protected_tag_create_access_level, protected_tag: protected_tag, deploy_key: deploy_key) get api(route, user) - expect(json_response['create_access_levels'][1]['access_level_description']).to eq('Deploy key') - expect(json_response['create_access_levels'][1]['deploy_key_id']).to eq(deploy_key.id) + expect(json_response['create_access_levels']).to include( + a_hash_including('access_level_description' => 'Deploy key', 'deploy_key_id' => deploy_key.id) + ) end end end -- GitLab