Changing the confidentiality of an issue now creates a new system note

Signed-off-by: Rémy Coutable <remy@rymai.me>

6 files changed, 57 insertions, 7 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 48e38899607..8b1752c30fb 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,6 +10,7 @@ v 8.8.0 (unreleased)
   - Escape HTML in commit titles in system note messages
   - Improve multiple branch push performance by memoizing permission checking
   - Log to application.log when an admin starts and stops impersonating a user
+  - Changing the confidentiality of an issue now creates a new system note (Alex Moore-Niemi)
   - Updated gitlab_git to 10.1.0
   - GitAccess#protected_tag? no longer loads all tags just to check if a single one exists
   - Reduce delay in destroying a project from 1-minute to immediately
diff --git a/app/services/issuable_base_service.rb b/app/services/issuable_base_service.rb
index 2b16089df1b..1f59281e271 100644
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -36,6 +36,12 @@ class IssuableBaseService < BaseService
     end
   end
 
+  def create_confidentiality_note(issuable)
+    SystemNoteService.change_confidentiality(
+      issuable, issuable.project, current_user
+    )
+  end
+
   def filter_params(issuable_ability_name = :issue)
     filter_assignee
     filter_milestone
diff --git a/app/services/issues/update_service.rb b/app/services/issues/update_service.rb
index 3563cbaa997..3a9bbf8a78c 100644
--- a/app/services/issues/update_service.rb
+++ b/app/services/issues/update_service.rb
@@ -10,7 +10,7 @@ module Issues
       end
 
       if issue.previous_changes.include?('title') ||
-         issue.previous_changes.include?('description')
+          issue.previous_changes.include?('description')
         todo_service.update_issue(issue, current_user)
       end
 
@@ -24,6 +24,10 @@ module Issues
         todo_service.reassigned_issue(issue, current_user)
       end
 
+      if issue.previous_changes.include?('confidential')
+        create_confidentiality_note(issue)
+      end
+
       added_labels = issue.labels - old_labels
       if added_labels.present?
         notification_service.relabeled_issue(issue, added_labels, current_user)
diff --git a/app/services/system_note_service.rb b/app/services/system_note_service.rb
index 4bdb1b0c074..e9e3c472e6d 100644
--- a/app/services/system_note_service.rb
+++ b/app/services/system_note_service.rb
@@ -175,6 +175,25 @@ class SystemNoteService
     create_note(noteable: noteable, project: project, author: author, note: body)
   end
 
+  # Called when the confidentiality changes
+  #
+  # noteable    - Noteable object that responds to 'confidential'
+  # project     - Project owning noteable
+  # author      - User performing the change
+  #
+  # Example Note text:
+  #
+  # "Marked as confidential"
+  #
+  # Returns the created Note object
+  def self.change_confidentiality(noteable, project, author)
+    return unless noteable.respond_to?(:confidential)
+
+    confidentiality_status = noteable.confidential ? "confidential" : "not confidential"
+    body = "Marked as #{confidentiality_status}"
+    create_note(noteable: noteable, project: project, author: author, note: body)
+  end
+
   # Called when a branch in Noteable is changed
   #
   # noteable    - Noteable object
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 52f69306994..c9d8f1b382c 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -27,11 +27,6 @@ describe Issues::UpdateService, services: true do
       end
     end
 
-    def update_issue(opts)
-      @issue = Issues::UpdateService.new(project, user, opts).execute(issue)
-      @issue.reload
-    end
-
     context "valid params" do
       before do
         opts = {
@@ -39,7 +34,8 @@ describe Issues::UpdateService, services: true do
           description: 'Also please fix',
           assignee_id: user2.id,
           state_event: 'close',
-          label_ids: [label.id]
+          label_ids: [label.id],
+          confidential: true
         }
 
         perform_enqueued_jobs do
@@ -84,6 +80,18 @@ describe Issues::UpdateService, services: true do
         expect(note).not_to be_nil
         expect(note.note).to eq 'Title changed from **Old title** to **New title**'
       end
+
+      it 'creates system note about confidentiality change' do
+        note = find_note('Marked as confidential')
+
+        expect(note).not_to be_nil
+        expect(note.note).to eq 'Marked as confidential'
+      end
+    end
+
+    def update_issue(opts)
+      @issue = Issues::UpdateService.new(project, user, opts).execute(issue)
+      @issue.reload
     end
 
     context 'todos' do
diff --git a/spec/services/system_note_service_spec.rb b/spec/services/system_note_service_spec.rb
index 5fbf2ae5247..4fa60436155 100644
--- a/spec/services/system_note_service_spec.rb
+++ b/spec/services/system_note_service_spec.rb
@@ -254,6 +254,18 @@ describe SystemNoteService, services: true do
     end
   end
 
+  describe '.change_confidentiality' do
+    subject { described_class.change_confidentiality(noteable, project, author) }
+
+    context 'when noteable responds to `confidential`' do
+      it_behaves_like 'a system note'
+
+      it 'sets the note text' do
+        expect(subject.note).to eq "Marked as not confidential"
+      end
+    end
+  end
+
   describe '.change_branch' do
     subject { described_class.change_branch(noteable, project, author, 'target', old_branch, new_branch) }
     let(:old_branch) { 'old_branch'}