Merge branch '235558-rename-navigation-item' into 'master'

Expose Project Security Dashboard under new Vulnerability Report route See merge request gitlab-org/gitlab!44903

Merge branch '235558-rename-navigation-item' into 'master'
Expose Project Security Dashboard under new Vulnerability Report route See merge request gitlab-org/gitlab!44903
1e00b47b · Mark Florian · 441ea69a · 10b4d6a9 · 1e00b47b · 1e00b47b
Commit 1e00b47b authored Oct 26, 2020 by Mark Florian
5 changed files
--- a/ee/app/assets/javascripts/pages/projects/security/vulnerability_report/index.js
+++ b/ee/app/assets/javascripts/pages/projects/security/vulnerability_report/index.js
+import initFirstClassSecurityDashboard from 'ee/security_dashboard/first_class_init';
+import { DASHBOARD_TYPES } from 'ee/security_dashboard/store/constants';
+initFirstClassSecurityDashboard(
+  document.getElementById('js-security-report-app'),
+  DASHBOARD_TYPES.PROJECT,
+);
--- a/ee/app/controllers/projects/security/vulnerability_report_controller.rb
+++ b/ee/app/controllers/projects/security/vulnerability_report_controller.rb
+# frozen_string_literal: true
+module Projects
+  module Security
+    class VulnerabilityReportController < Projects::ApplicationController
+      include SecurityDashboardsPermissions
+      feature_category :vulnerability_management
+      alias_method :vulnerable, :project
+    end
+  end
+end
--- a/ee/app/views/projects/security/vulnerability_report/index.html.haml
+++ b/ee/app/views/projects/security/vulnerability_report/index.html.haml
+- breadcrumb_title _("Vulnerability Report")
+- page_title _("Vulnerability Report")
+#js-security-report-app{ data: project_security_dashboard_config(@project) }
--- a/ee/config/routes/project.rb
+++ b/ee/config/routes/project.rb
@@ -55,6 +55,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
          end
          resources :dashboard, only: [:index], controller: :dashboard
+          resources :vulnerability_report, only: [:index], controller: :vulnerability_report
          resource :configuration, only: [:show], controller: :configuration do
            post :auto_fix, on: :collection

--- a/ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb
+++ b/ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+RSpec.describe Projects::Security::VulnerabilityReportController do
+  let_it_be(:group)   { create(:group) }
+  let_it_be(:project) { create(:project, :repository, :public, namespace: group) }
+  let_it_be(:user)    { create(:user) }
+  it_behaves_like SecurityDashboardsPermissions do
+    let(:vulnerable) { project }
+    let(:security_dashboard_action) do
+      get :index, params: { namespace_id: project.namespace, project_id: project }
+    end
+  end
+  before do
+    group.add_developer(user)
+    stub_licensed_features(security_dashboard: true)
+  end
+  describe 'GET #index' do
+    let(:pipeline) { create(:ci_pipeline, sha: project.commit.id, project: project, user: user) }
+    render_views
+    def show_security_dashboard(current_user = user)
+      sign_in(current_user)
+      get :index, params: { namespace_id: project.namespace, project_id: project }
+    end
+    context 'when project has no vulnerabilities' do
+      it 'renders empty state' do
+        show_security_dashboard
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to render_template(:index)
+        expect(response.body).to have_css('div#js-security-report-app[data-has-vulnerabilities="false"]')
+      end
+    end
+    context 'when project has vulnerabilities' do
+      before do
+        create(:vulnerability, project: project)
+      end
+      it 'renders dashboard with vulnerability metadata' do
+        show_security_dashboard
+        expect(response).to have_gitlab_http_status(:ok)
+        expect(response).to render_template(:index)
+        expect(response.body).to have_css('div#js-security-report-app[data-has-vulnerabilities="true"]')
+      end
+    end
+  end
+end