Merge branch 'fix-restricted-visibility' into 'master'

Restricted visibility levels - bug fix and new feature

This allows admin users to override restricted visibility settings when creating and updating projects and snippets, and moves the restricted visibility configuration from gitlab.yml to the web UI.  See #1903.

## Move configuration location

I added a new section to the application settings page for restricted visibility levels.  Each level has a checkbox, styled with Bootstrap to look like a toggle button.  A checked box means that the level is restricted.  I added a glowing text shadow and changed the background color for checked buttons because the default styles made it hard to distinguish between checked and unchecked.  This image shows the new section with the "Public" box checked:

![restricted_visibility_settings](https://dev.gitlab.org/Okada/gitlabhq/uploads/629562e4313f89b795e81c3bb0f95893/restricted_visibility_settings.png)

## Allow admins to override

To allow admin users to override the restricted visibility levels, I had to remove the `visibility_level` validation from the `Project` class.  The model doesn't know about the `current_user`, which should determine whether the restrictions can be overridden.  We could use the creator in the validation, but that wouldn't work correctly for projects where a non-admin user is the creator and an admin tries to change the project to a restricted visibility level.

The `Project::UpdateService` and `Project::CreateService` classes already had code to determine whether the current user is allowed to use a given visibility level; now all visibility level validation is done in those classes.  Currently, when a non-admin tries to create or update a project using a restricted level, these classes silently set the visibility level to the global default (create) or the project's existing value (update).  I changed this behavior to be more like an Active Model validation, where using a restricted level causes the entire request to be rejected.

Project and personal snippets didn't have service classes, and restricted visibility levels weren't being enforced in the model or the controllers.  The UI disabled radio buttons for restricted levels, but that wouldn't be difficult to circumvent.  I created the `CreateSnippetService` and `UpdateSnippetService` classes to do the same restricted visibility check that the project classes do.  And since I was dealing with snippet visibility levels, I updated the API endpoints for project snippets to allow users to set and update the visibility level.

## TODO

* [x] Add more tests for restricted visibility functionality

cc @sytse @dzaporozhets

See merge request !1655

6 files changed, 35 insertions, 29 deletions

diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index ee678d84c84..a6e77002a01 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -207,7 +207,7 @@ module API
     end
 
     def render_validation_error!(model)
-      unless model.valid?
+      if model.errors.any?
         render_api_error!(model.errors.messages || '400 Bad Request', 400)
       end
     end
diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb
index 0c2d282f785..54f2555903f 100644
--- a/lib/api/project_snippets.rb
+++ b/lib/api/project_snippets.rb
@@ -42,21 +42,22 @@ module API
       #   title (required) - The title of a snippet
       #   file_name (required) - The name of a snippet file
       #   code (required) - The content of a snippet
+      #   visibility_level (required) - The snippet's visibility
       # Example Request:
       #   POST /projects/:id/snippets
       post ":id/snippets" do
         authorize! :write_project_snippet, user_project
-        required_attributes! [:title, :file_name, :code]
+        required_attributes! [:title, :file_name, :code, :visibility_level]
 
-        attrs = attributes_for_keys [:title, :file_name]
+        attrs = attributes_for_keys [:title, :file_name, :visibility_level]
         attrs[:content] = params[:code] if params[:code].present?
-        @snippet = user_project.snippets.new attrs
-        @snippet.author = current_user
+        @snippet = CreateSnippetService.new(user_project, current_user,
+                                            attrs).execute
 
-        if @snippet.save
-          present @snippet, with: Entities::ProjectSnippet
-        else
+        if @snippet.errors.any?
           render_validation_error!(@snippet)
+        else
+          present @snippet, with: Entities::ProjectSnippet
         end
       end
 
@@ -68,19 +69,22 @@ module API
       #   title (optional) - The title of a snippet
       #   file_name (optional) - The name of a snippet file
       #   code (optional) - The content of a snippet
+      #   visibility_level (optional) - The snippet's visibility
       # Example Request:
       #   PUT /projects/:id/snippets/:snippet_id
       put ":id/snippets/:snippet_id" do
         @snippet = user_project.snippets.find(params[:snippet_id])
         authorize! :modify_project_snippet, @snippet
 
-        attrs = attributes_for_keys [:title, :file_name]
+        attrs = attributes_for_keys [:title, :file_name, :visibility_level]
         attrs[:content] = params[:code] if params[:code].present?
 
-        if @snippet.update_attributes attrs
-          present @snippet, with: Entities::ProjectSnippet
-        else
+        UpdateSnippetService.new(user_project, current_user, @snippet,
+                                 attrs).execute
+        if @snippet.errors.any?
           render_validation_error!(@snippet)
+        else
+          present @snippet, with: Entities::ProjectSnippet
         end
       end
 
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 0677e85beab..83f65eec6cc 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -233,10 +233,10 @@ module API
         ::Projects::UpdateService.new(user_project,
                                       current_user, attrs).execute
 
-        if user_project.valid?
-          present user_project, with: Entities::Project
-        else
+        if user_project.errors.any?
           render_validation_error!(user_project)
+        else
+          present user_project, with: Entities::Project
         end
       end
 
diff --git a/lib/gitlab/current_settings.rb b/lib/gitlab/current_settings.rb
index 1a25eebe7d1..0ebebfa09c4 100644
--- a/lib/gitlab/current_settings.rb
+++ b/lib/gitlab/current_settings.rb
@@ -5,8 +5,7 @@ module Gitlab
 
       RequestStore.store[key] ||= begin
         if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('application_settings')
-          RequestStore.store[:current_application_settings] =
-            (ApplicationSetting.current || ApplicationSetting.create_from_defaults)
+          ApplicationSetting.current || ApplicationSetting.create_from_defaults
         else
           fake_application_settings
         end
@@ -21,6 +20,7 @@ module Gitlab
         signin_enabled: Settings.gitlab['signin_enabled'],
         gravatar_enabled: Settings.gravatar['enabled'],
         sign_in_text: Settings.extra['sign_in_text'],
+        restricted_visibility_levels: Settings.gitlab['restricted_visibility_levels']
       )
     end
   end
diff --git a/lib/gitlab/url_builder.rb b/lib/gitlab/url_builder.rb
index 6830d15875a..11b0d44f340 100644
--- a/lib/gitlab/url_builder.rb
+++ b/lib/gitlab/url_builder.rb
@@ -51,9 +51,9 @@ module Gitlab
                           anchor: "note_#{note.id}")
       elsif note.for_project_snippet?
         snippet = Snippet.find(note.noteable_id)
-        snippet_url(snippet,
-                    host: Gitlab.config.gitlab['url'],
-                    anchor: "note_#{note.id}")
+        project_snippet_url(snippet,
+                            host: Gitlab.config.gitlab['url'],
+                            anchor: "note_#{note.id}")
       end
     end
   end
diff --git a/lib/gitlab/visibility_level.rb b/lib/gitlab/visibility_level.rb
index d0b6cde3c7e..1851e76067c 100644
--- a/lib/gitlab/visibility_level.rb
+++ b/lib/gitlab/visibility_level.rb
@@ -5,6 +5,8 @@
 #
 module Gitlab
   module VisibilityLevel
+    extend CurrentSettings
+
     PRIVATE  = 0 unless const_defined?(:PRIVATE)
     INTERNAL = 10 unless const_defined?(:INTERNAL)
     PUBLIC   = 20 unless const_defined?(:PUBLIC)
@@ -23,21 +25,21 @@ module Gitlab
       end
 
       def allowed_for?(user, level)
-        user.is_admin? || allowed_level?(level)
+        user.is_admin? || allowed_level?(level.to_i)
       end
 
-      # Level can be a string `"public"` or a value `20`, first check if valid,
-      # then check if the corresponding string appears in the config
+      # Return true if the specified level is allowed for the current user.
+      # Level should be a numeric value, e.g. `20`.
       def allowed_level?(level)
-        if options.has_key?(level.to_s)
-          non_restricted_level?(level)
-        elsif options.has_value?(level.to_i)
-          non_restricted_level?(options.key(level.to_i).downcase)
-        end
+        valid_level?(level) && non_restricted_level?(level)
       end
 
       def non_restricted_level?(level)
-        ! Gitlab.config.gitlab.restricted_visibility_levels.include?(level)
+        ! current_application_settings.restricted_visibility_levels.include?(level)
+      end
+
+      def valid_level?(level)
+        options.has_value?(level)
       end
     end