diff --git a/app/models/namespace_setting.rb b/app/models/namespace_setting.rb index 51aad69842b983f846774144cc6034ed872dc87d..94c4f79595d22f8bb625fe70d828b7d307a8bcef 100644 --- a/app/models/namespace_setting.rb +++ b/app/models/namespace_setting.rb @@ -98,7 +98,6 @@ class NamespaceSetting < ApplicationRecord math_rendering_limits_enabled lock_math_rendering_limits_enabled jwt_ci_cd_job_token_enabled - allow_personal_snippets ].freeze # matches the size set in the database constraint diff --git a/doc/api/openapi/openapi_v2.yaml b/doc/api/openapi/openapi_v2.yaml index 2e67e92795de1860752ba9651f0f4e803a5b9e90..b6dc059c653ed41c8ecea355cef845ea507a8979 100644 --- a/doc/api/openapi/openapi_v2.yaml +++ b/doc/api/openapi/openapi_v2.yaml @@ -48139,6 +48139,8 @@ definitions: type: string web_based_commit_signing_enabled: type: string + allow_personal_snippets: + type: string description: API_Entities_Group model API_Entities_Namespace_RootStorageStatistics: type: object @@ -48858,6 +48860,10 @@ definitions: items: type: integer format: int32 + allow_personal_snippets: + type: boolean + description: Allow creation of personal snippets for enterprise users of this + group description: Update a group. Available only for users who can administrate groups. API_Entities_GroupDetail: type: object @@ -48980,6 +48986,8 @@ definitions: type: string web_based_commit_signing_enabled: type: string + allow_personal_snippets: + type: string shared_with_groups: type: string runners_token: diff --git a/ee/app/controllers/concerns/ee/groups/params.rb b/ee/app/controllers/concerns/ee/groups/params.rb index a41d50c3817f9169f09fc6827bd4bde07ba2adac..6dbb7dce436455366ef0bf14787db9e4d3497028 100644 --- a/ee/app/controllers/concerns/ee/groups/params.rb +++ b/ee/app/controllers/concerns/ee/groups/params.rb @@ -95,8 +95,7 @@ def group_params_ee params_ee << :hide_email_on_profile if current_group&.enterprise_user_settings_available?(current_user) - params_ee << :allow_personal_snippets if current_group&.enterprise_user_settings_available?(current_user) && - ::Feature.enabled?(:allow_personal_snippets_setting, current_group) + params_ee << :allow_personal_snippets if current_group&.allow_personal_snippets_available?(current_user) if enterprise_bypass_placeholders_allowed? params_ee << :allow_enterprise_bypass_placeholder_confirmation diff --git a/ee/app/models/ee/group.rb b/ee/app/models/ee/group.rb index ee1ccc80cf84d8017d63f142f3251232775ec578..3a71fbeb4b7105dbd18c6c1c41acd3166bdb3898 100644 --- a/ee/app/models/ee/group.rb +++ b/ee/app/models/ee/group.rb @@ -1064,6 +1064,7 @@ def disable_personal_access_tokens_available? def allow_personal_snippets_available?(user = nil) root? && + ::Feature.enabled?(:allow_personal_snippets_setting, self) && enterprise_user_settings_available?(user) && ::Gitlab::Saas.feature_available?(:allow_personal_snippets) && licensed_feature_available?(:allow_personal_snippets) diff --git a/ee/app/models/ee/namespace_setting.rb b/ee/app/models/ee/namespace_setting.rb index ea18f6cc544b1547ee78c44f810e29b3bea7f0c6..390854e9437931f5f9ab7571bc20b42be6d1dd45 100644 --- a/ee/app/models/ee/namespace_setting.rb +++ b/ee/app/models/ee/namespace_setting.rb @@ -316,6 +316,7 @@ def experiment_features_allowed lock_web_based_commit_signing_enabled duo_foundational_flows_enabled lock_duo_foundational_flows_enabled + allow_personal_snippets ].freeze override :allowed_namespace_settings_params diff --git a/ee/app/views/groups/settings/_allow_personal_snippets.html.haml b/ee/app/views/groups/settings/_allow_personal_snippets.html.haml index 5e8810534c69abba30df9619b941607ad660cee9..a1728740d3e7f43b200f929724966bb32aef6729 100644 --- a/ee/app/views/groups/settings/_allow_personal_snippets.html.haml +++ b/ee/app/views/groups/settings/_allow_personal_snippets.html.haml @@ -1,4 +1,4 @@ -- return unless group.allow_personal_snippets_available?(current_user) && Feature.enabled?(:allow_personal_snippets_setting, group) +- return unless group.allow_personal_snippets_available?(current_user) = f.gitlab_ui_checkbox_component :allow_personal_snippets, checkbox_options: { checked: group.namespace_settings.allow_personal_snippets } do |c| - c.with_label do diff --git a/ee/lib/ee/api/entities/group.rb b/ee/lib/ee/api/entities/group.rb index ae42a3890fb8ee5ce6b79c6d060c4eaf0221f7ba..c5b9df0779907459a2a212c21bea1b6b9a99faa0 100644 --- a/ee/lib/ee/api/entities/group.rb +++ b/ee/lib/ee/api/entities/group.rb @@ -64,6 +64,10 @@ module Group ::Gitlab::Saas.feature_available?(:repositories_web_based_commit_signing) && Ability.allowed?(options[:current_user], :admin_group, group) } + expose :allow_personal_snippets, + if: ->(group, options) { + group.allow_personal_snippets_available?(options[:current_user]) + } end end end diff --git a/ee/lib/ee/api/helpers/groups_helpers.rb b/ee/lib/ee/api/helpers/groups_helpers.rb index b6cc393bb641dfe6f34f5528c3ea5f7067eebba7..0038426c1a0f84ceb0da771e3863afedc1f3eb09 100644 --- a/ee/lib/ee/api/helpers/groups_helpers.rb +++ b/ee/lib/ee/api/helpers/groups_helpers.rb @@ -109,6 +109,9 @@ module GroupsHelpers desc: 'Only allow to merge if all threads are resolved' optional :enabled_foundational_flows, type: Array[Integer], desc: 'IDs of enabled foundational flows' + optional :allow_personal_snippets, + type: ::Grape::API::Boolean, + desc: 'Allow creation of personal snippets for enterprise users of this group' end params :optional_projects_params_ee do diff --git a/ee/spec/lib/ee/api/entities/group_spec.rb b/ee/spec/lib/ee/api/entities/group_spec.rb index 12052734a6bd285fc540217c2fedc03e295c05de..66f1f4098bc9de688ea77129273dbc1d2f29604b 100644 --- a/ee/spec/lib/ee/api/entities/group_spec.rb +++ b/ee/spec/lib/ee/api/entities/group_spec.rb @@ -24,7 +24,8 @@ :duo_core_features_enabled, :duo_features_enabled, :lock_duo_features_enabled, - :web_based_commit_signing_enabled + :web_based_commit_signing_enabled, + :allow_personal_snippets ) end @@ -118,4 +119,22 @@ end end end + + context 'when the group is an enterprise group', :saas do + let(:user) { create(:user, enterprise_group: group, owner_of: group) } + let(:options) { { current_user: user } } + + context 'and the allow_personal_snippets feature is available' do + before do + stub_licensed_features(domain_verification: true, allow_personal_snippets: true) + stub_saas_features(allow_personal_snippets: true) + end + + it 'returns expected data' do + expect(json.keys).to include( + :allow_personal_snippets + ) + end + end + end end diff --git a/ee/spec/requests/api/groups_spec.rb b/ee/spec/requests/api/groups_spec.rb index 6c766272b6345da75993715002f599b6cff9d4ab..180f6c9bbbe206a5ee4cf4e1c4729949d73a6a59 100644 --- a/ee/spec/requests/api/groups_spec.rb +++ b/ee/spec/requests/api/groups_spec.rb @@ -1298,6 +1298,36 @@ end end end + + context 'allow_personal_snippets' do + using RSpec::Parameterized::TableSyntax + context 'when authenticated as group owner' do + where(:feature_available, :feature_enabled, :result) do + true | false | false + true | true | true + false | true | nil + false | false | nil + end + + with_them do + let(:params) { { web_based_commit_signing_enabled: true } } + + before do + group.add_owner(user) + + stub_saas_features(domain_verification: true, allow_personal_snippets: feature_available) + stub_feature_flags(allow_personal_snippets_setting: feature_enabled) + end + + it 'updates the attribute as expected' do + subject + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['web_based_commit_signing_enabled']).to eq(result) + end + end + end + end end describe "POST /groups" do