Merge branch '235558-rename-navigation-item' into 'master'

Expose Project Security Dashboard under new Vulnerability Report route

See merge request gitlab-org/gitlab!44903

ee/app/assets/javascripts/pages/projects/security/vulnerability_report/index.js

+import initFirstClassSecurityDashboard from 'ee/security_dashboard/first_class_init';
+import { DASHBOARD_TYPES } from 'ee/security_dashboard/store/constants';
+
+initFirstClassSecurityDashboard(
+  document.getElementById('js-security-report-app'),
+  DASHBOARD_TYPES.PROJECT,
+);

ee/app/controllers/projects/security/vulnerability_report_controller.rb

+# frozen_string_literal: true
+
+module Projects
+  module Security
+    class VulnerabilityReportController < Projects::ApplicationController
+      include SecurityDashboardsPermissions
+
+      feature_category :vulnerability_management
+
+      alias_method :vulnerable, :project
+    end
+  end
+end

ee/app/views/projects/security/vulnerability_report/index.html.haml

+- breadcrumb_title _("Vulnerability Report")
+- page_title _("Vulnerability Report")
+
+#js-security-report-app{ data: project_security_dashboard_config(@project) }

ee/config/routes/project.rb

@@ -55,6 +55,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
           end
 
           resources :dashboard, only: [:index], controller: :dashboard
+          resources :vulnerability_report, only: [:index], controller: :vulnerability_report
 
           resource :configuration, only: [:show], controller: :configuration do
             post :auto_fix, on: :collection

ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Projects::Security::VulnerabilityReportController do
+  let_it_be(:group)   { create(:group) }
+  let_it_be(:project) { create(:project, :repository, :public, namespace: group) }
+  let_it_be(:user)    { create(:user) }
+
+  it_behaves_like SecurityDashboardsPermissions do
+    let(:vulnerable) { project }
+
+    let(:security_dashboard_action) do
+      get :index, params: { namespace_id: project.namespace, project_id: project }
+    end
+  end
+
+  before do
+    group.add_developer(user)
+    stub_licensed_features(security_dashboard: true)
+  end
+
+  describe 'GET #index' do
+    let(:pipeline) { create(:ci_pipeline, sha: project.commit.id, project: project, user: user) }
+
+    render_views
+
+    def show_security_dashboard(current_user = user)
+      sign_in(current_user)
+      get :index, params: { namespace_id: project.namespace, project_id: project }
+    end
+
+    context 'when project has no vulnerabilities' do
+      it 'renders empty state' do
+        show_security_dashboard
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to render_template(:index)
+        expect(response.body).to have_css('div#js-security-report-app[data-has-vulnerabilities="false"]')
+      end
+    end
+
+    context 'when project has vulnerabilities' do
+      before do
+        create(:vulnerability, project: project)
+      end
+
+      it 'renders dashboard with vulnerability metadata' do
+        show_security_dashboard
+
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to render_template(:index)
+        expect(response.body).to have_css('div#js-security-report-app[data-has-vulnerabilities="true"]')
+      end
+    end
+  end
+end