CE port of "Move external authorization service API management to EE"if-12036-move_external_authorization_service_api_management_to_ee

EE MR: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14598

4 files changed, 6 insertions, 53 deletions

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 765819e6bf1..19648c5587d 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -294,7 +294,6 @@ module API
       expose :statistics, using: 'API::Entities::ProjectStatistics', if: -> (project, options) {
         options[:statistics] && Ability.allowed?(options[:current_user], :read_statistics, project)
       }
-      expose :external_authorization_classification_label
       expose :auto_devops_enabled?, as: :auto_devops_enabled
       expose :auto_devops_deploy_strategy do |project, options|
         project.auto_devops.nil? ? 'continuous' : project.auto_devops.deploy_strategy
diff --git a/lib/api/helpers/projects_helpers.rb b/lib/api/helpers/projects_helpers.rb
index 0e21a7a66fd..833e3b9ebaf 100644
--- a/lib/api/helpers/projects_helpers.rb
+++ b/lib/api/helpers/projects_helpers.rb
@@ -42,7 +42,6 @@ module API
         optional :printing_merge_request_link_enabled, type: Boolean, desc: 'Show link to create/view merge request when pushing from the command line'
         optional :merge_method, type: String, values: %w(ff rebase_merge merge), desc: 'The merge method used when merging merge requests'
         optional :initialize_with_readme, type: Boolean, desc: "Initialize a project with a README.md"
-        optional :external_authorization_classification_label, type: String, desc: 'The classification label for the project'
         optional :ci_default_git_depth, type: Integer, desc: 'Default number of revisions for shallow cloning'
         optional :auto_devops_enabled, type: Boolean, desc: 'Flag indication if Auto DevOps is enabled'
         optional :auto_devops_deploy_strategy, type: String, values: %w(continuous manual timed_incremental), desc: 'Auto Deploy strategy'
@@ -94,7 +93,6 @@ module API
           :visibility,
           :wiki_access_level,
           :avatar,
-          :external_authorization_classification_label,
 
           # TODO: remove in API v5, replaced by *_access_level
           :issues_enabled,
@@ -105,6 +103,9 @@ module API
           :snippets_enabled
         ]
       end
+
+      def filter_attributes_using_license!(attrs)
+      end
     end
   end
 end
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index a7d62014509..0923d31f5ff 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -145,6 +145,7 @@ module API
       post do
         attrs = declared_params(include_missing: false)
         attrs = translate_params_for_compatibility(attrs)
+        filter_attributes_using_license!(attrs)
         project = ::Projects::CreateService.new(current_user, attrs).execute
 
         if project.saved?
@@ -179,6 +180,7 @@ module API
 
         attrs = declared_params(include_missing: false)
         attrs = translate_params_for_compatibility(attrs)
+        filter_attributes_using_license!(attrs)
         project = ::Projects::CreateService.new(user, attrs).execute
 
         if project.saved?
@@ -292,7 +294,7 @@ module API
         authorize! :change_visibility_level, user_project if attrs[:visibility].present?
 
         attrs = translate_params_for_compatibility(attrs)
-
+        filter_attributes_using_license!(attrs)
         verify_update_project_attrs!(user_project, attrs)
 
         result = ::Projects::UpdateService.new(user_project, current_user, attrs).execute
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index a2aae257352..fee300e9d7a 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -46,8 +46,6 @@ shared_examples 'languages and percentages JSON response' do
 end
 
 describe API::Projects do
-  include ExternalAuthorizationServiceHelpers
-
   let(:user) { create(:user) }
   let(:user2) { create(:user) }
   let(:user3) { create(:user) }
@@ -1425,39 +1423,6 @@ describe API::Projects do
         end
       end
     end
-
-    context 'with external authorization' do
-      let(:project) do
-        create(:project,
-               namespace: user.namespace,
-               external_authorization_classification_label: 'the-label')
-      end
-
-      context 'when the user has access to the project' do
-        before do
-          external_service_allow_access(user, project)
-        end
-
-        it 'includes the label in the response' do
-          get api("/projects/#{project.id}", user)
-
-          expect(response).to have_gitlab_http_status(200)
-          expect(json_response['external_authorization_classification_label']).to eq('the-label')
-        end
-      end
-
-      context 'when the external service denies access' do
-        before do
-          external_service_deny_access(user, project)
-        end
-
-        it 'returns a 404' do
-          get api("/projects/#{project.id}", user)
-
-          expect(response).to have_gitlab_http_status(404)
-        end
-      end
-    end
   end
 
   describe 'GET /projects/:id/users' do
@@ -2061,20 +2026,6 @@ describe API::Projects do
         expect(response).to have_gitlab_http_status(403)
       end
     end
-
-    context 'when updating external classification' do
-      before do
-        enable_external_authorization_service_check
-      end
-
-      it 'updates the classification label' do
-        put(api("/projects/#{project.id}", user), params: { external_authorization_classification_label: 'new label' })
-
-        expect(response).to have_gitlab_http_status(200)
-
-        expect(project.reload.external_authorization_classification_label).to eq('new label')
-      end
-    end
   end
 
   describe 'POST /projects/:id/archive' do