Merge branch '47145-quick-actions-confidential' into 'master'

Resolve "Add `/confidential` quick action for issues"

Closes #47145

See merge request gitlab-org/gitlab-ce!19615

5 files changed, 71 insertions, 0 deletions

diff --git a/app/services/quick_actions/interpret_service.rb b/app/services/quick_actions/interpret_service.rb
index 0215994b1a7..9ac8fdb4cff 100644
--- a/app/services/quick_actions/interpret_service.rb
+++ b/app/services/quick_actions/interpret_service.rb
@@ -561,6 +561,17 @@ module QuickActions
       end
     end
 
+    desc 'Make issue confidential.'
+    explanation do
+      'Makes this issue confidential'
+    end
+    condition do
+      issuable.is_a?(Issue) && current_user.can?(:"admin_#{issuable.to_ability_name}", issuable)
+    end
+    command :confidential do
+      @updates[:confidential] = true
+    end
+
     def extract_users(params)
       return [] if params.nil?
 
diff --git a/changelogs/unreleased/47145-quick-actions-confidential.yml b/changelogs/unreleased/47145-quick-actions-confidential.yml
new file mode 100644
index 00000000000..7ae4e2268af
--- /dev/null
+++ b/changelogs/unreleased/47145-quick-actions-confidential.yml
@@ -0,0 +1,5 @@
+---
+title: Add /confidential quick action
+merge_request:
+author: Jan Beckmann
+type: added
diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md
index 2f4ed3493c2..0ef8eddad20 100644
--- a/doc/user/project/quick_actions.md
+++ b/doc/user/project/quick_actions.md
@@ -42,3 +42,4 @@ do.
 | `/tableflip`               | Append the comment with `(╯°□°)╯︵ ┻━┻` |
 | `/shrug`                   | Append the comment with `¯\＿(ツ)＿/¯` |
 | <code>/copy_metadata #issue &#124; !merge_request</code> | Copy labels and milestone from other issue or merge request |
+| `/confidential`            | Makes the issue confidential |
\ No newline at end of file
diff --git a/spec/features/issues/user_uses_slash_commands_spec.rb b/spec/features/issues/user_uses_slash_commands_spec.rb
index fd0aa6cf3a3..dacca494755 100644
--- a/spec/features/issues/user_uses_slash_commands_spec.rb
+++ b/spec/features/issues/user_uses_slash_commands_spec.rb
@@ -153,6 +153,42 @@ feature 'Issues > User uses quick actions', :js do
       end
     end
 
+    describe 'make issue confidential' do
+      let(:issue) { create(:issue, project: project) }
+      let(:original_issue) { create(:issue, project: project) }
+
+      context 'when the current user can update issues' do
+        it 'does not create a note, and marks the issue as confidential' do
+          add_note("/confidential")
+
+          expect(page).not_to have_content "/confidential"
+          expect(page).to have_content 'Commands applied'
+          expect(page).to have_content "made the issue confidential"
+
+          expect(issue.reload).to be_confidential
+        end
+      end
+
+      context 'when the current user cannot update the issue' do
+        let(:guest) { create(:user) }
+        before do
+          project.add_guest(guest)
+          gitlab_sign_out
+          sign_in(guest)
+          visit project_issue_path(project, issue)
+        end
+
+        it 'does not create a note, and does not mark the issue as confidential' do
+          add_note("/confidential")
+
+          expect(page).not_to have_content 'Commands applied'
+          expect(page).not_to have_content "made the issue confidential"
+
+          expect(issue.reload).not_to be_confidential
+        end
+      end
+    end
+
     describe 'move the issue to another project' do
       let(:issue) { create(:issue, project: project) }
 
diff --git a/spec/services/quick_actions/interpret_service_spec.rb b/spec/services/quick_actions/interpret_service_spec.rb
index bd835a1fca6..743e281183e 100644
--- a/spec/services/quick_actions/interpret_service_spec.rb
+++ b/spec/services/quick_actions/interpret_service_spec.rb
@@ -323,6 +323,14 @@ describe QuickActions::InterpretService do
       end
     end
 
+    shared_examples 'confidential command' do
+      it 'marks issue as confidential if content contains /confidential' do
+        _, updates = service.execute(content, issuable)
+
+        expect(updates).to eq(confidential: true)
+      end
+    end
+
     shared_examples 'shrug command' do
       it 'appends ¯\_(ツ)_/¯ to the comment' do
         new_content, _ = service.execute(content, issuable)
@@ -774,6 +782,11 @@ describe QuickActions::InterpretService do
       let(:issuable) { issue }
     end
 
+    it_behaves_like 'confidential command' do
+      let(:content) { '/confidential' }
+      let(:issuable) { issue }
+    end
+
     context '/copy_metadata command' do
       let(:todo_label) { create(:label, project: project, title: 'To Do') }
       let(:inreview_label) { create(:label, project: project, title: 'In Review') }
@@ -919,6 +932,11 @@ describe QuickActions::InterpretService do
       end
 
       it_behaves_like 'empty command' do
+        let(:content) { '/confidential' }
+        let(:issuable) { issue }
+      end
+
+      it_behaves_like 'empty command' do
         let(:content) { '/duplicate #{issue.to_reference}' }
         let(:issuable) { issue }
       end