Select default Service Desk ticket visibility

Marc Saleikorequested to merge
ms/service-desk/tickets-confidentiality into master

What does this MR do and why?

Contributes to #33091 (closed)

We received feedback that the first action agents perform on a Service Desk ticket is to mark it as non-confidential. This is the first of three MRs that aim to add a setting that allows to set the default confidentiality of Service Desk tickets. The default will stay confidential. Maintainers can set this setting to non-confidential|public but only if the project is either private or internal so we don't expose newly created tickets to the public.

Planned MRs

  1. 🎯 Add DB field and logic
  2. Add field to API controller
  3. Add field to frontend Service Desk settings

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

🚫 backend only

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. If you haven't set up incoming_email or service_desk_email for email ingestion, please add this to your gitlab.yml file in the development: section. Please restart GDK with gdk restart: 
    incoming_email:
  enabled: true
  address: "incoming+%{key}@example.com"
    This will allow you to see the Service Desk section in the settings and generate project-specific email addresses. You won't be able to ingest real emails, but we don't need that here.
  2. Select a project and enable the feature flag for issue_email_participants. 
    project = Project.find(5) # Use a PRIVATE project please
puts "project #{project.name} is public? #{project.public?} should be false."

Feature.enable(:service_desk_tickets_confidentiality, project)
  3. Ingest a sample email which will create an issue in the selected project. 
    service_desk_address = project.service_desk_incoming_address

email_raw = <<~EMAIL
To: #{service_desk_address}
From: user@example.com
Subject: Confidential SD issue

This should create a new confidential issue.
EMAIL

EmailReceiverWorker.new.perform(email_raw)
  4. Because the setting tickets_confidential_by_default is set to true by default, all new Service Desk tickets will be confidential. The ingested email from step 2 created an issue. Let's fetch this and check whether it's confidential (current behavior). 
    issue = Issue.last
puts "#{issue.title}: confidential? #{issue.confidential?} should be true"
  5. Now set the setting to false, so new tickets will be public for non-public projects. 
    ServiceDeskSettings::UpdateService.new(project, User.first, tickets_confidential_by_default: false).execute
  6. Repeat steps 3) and 4) or use this modified snippet. This time the new issue shouldn't be confidential. 
    email_raw = <<~EMAIL
To: #{service_desk_address}
From: user@example.com
Subject: Non-confidential SD issue

This should create a new public issue.
EMAIL

EmailReceiverWorker.new.perform(email_raw)

issue = Issue.last
puts "#{issue.title}: confidential? #{issue.confidential?} should be false"
  7. Now select a project that is public. You can use this modified snippet or the steps above. Tickets in public projects should always be confidential. 
    public_project = Project.find(7) # Use a PUBLIC project please
puts "project #{public_project.name} is public? #{public_project.public?} should be true."

Feature.enable(:service_desk_tickets_confidentiality, public_project)

ServiceDeskSettings::UpdateService.new(public_project, User.first, tickets_confidential_by_default: false).execute

service_desk_address = public_project.service_desk_incoming_address

email_raw = <<~EMAIL
To: #{service_desk_address}
From: user@example.com
Subject: Confidential SD issue

This should create a new confidential issue although the setting says it should not be confidential.
EMAIL

EmailReceiverWorker.new.perform(email_raw)

issue = Issue.last
puts "#{issue.title}: confidential? #{issue.confidential?} should be true"
  8. (Optional) Rollback project and FF changes: 
    ServiceDeskSettings::UpdateService.new(project, User.first, tickets_confidential_by_default: true).execute
ServiceDeskSettings::UpdateService.new(public_project, User.first, tickets_confidential_by_default: true).execute

Feature.disable(:service_desk_tickets_confidentiality, project)
Feature.disable(:service_desk_tickets_confidentiality, public_project)
Edited by Marc Saleiko

Merge request reports