Create Administration menu for group admins

Move "SAML SSO", "Usage Quotas", and "Billing" from "Settings" menu to "Administration" menu

Create Administration menu for group admins
Move "SAML SSO", "Usage Quotas", and "Billing" from "Settings" menu to "Administration" menu
3a8e081e · peterhegman · 980ae4af · 3a8e081e · 3a8e081e · 3a8e081e
Commit 3a8e081e authored Mar 25, 2020 by peterhegman
8 changed files
--- a/app/views/layouts/nav/sidebar/_group.html.haml
+++ b/app/views/layouts/nav/sidebar/_group.html.haml
@@ -161,5 +161,6 @@
                  = _('CI / CD')
            = render_if_exists "groups/ee/settings_nav"
+        = render_if_exists "groups/ee/administration_nav"
    = render 'shared/sidebar_toggle_button'
--- a/ee/app/helpers/ee/groups_helper.rb
+++ b/ee/app/helpers/ee/groups_helper.rb
@@ -11,13 +11,8 @@ module EE
        .count
    end
-    override :group_nav_link_paths
+    def group_administration_nav_link_paths
-    def group_nav_link_paths
+      %w[saml_providers#show usage_quotas#index billings#index]
-      if ::Gitlab::CurrentSettings.should_check_namespace_plan? && can?(current_user, :admin_group, @group)
-        super + %w[billings#index saml_providers#show]
-      else
-        super
-      end
    end
    def size_limit_message_for_group(group)
@@ -86,6 +81,32 @@ module EE
      can?(current_user, :read_group_activity_analytics, @group)
    end
+    def show_usage_quotas_in_sidebar?
+      License.feature_available?(:usage_quotas)
+    end
+    def show_billing_in_sidebar?
+      ::Gitlab::CurrentSettings.should_check_namespace_plan?
+    end
+    def show_administration_nav?(group)
+      group_sidebar_link?(:administration) &&
+      group.parent.nil? &&
+      (
+        show_saml_in_sidebar?(group) ||
+        show_usage_quotas_in_sidebar? ||
+        show_billing_in_sidebar?
+      )
+    end
+    def administration_nav_path(group)
+      return group_saml_providers_path(group) if show_saml_in_sidebar?(group)
+      return group_usage_quotas_path(group) if show_usage_quotas_in_sidebar?
+      group_billings_path(group) if show_billing_in_sidebar?
+    end
    private
    def get_group_sidebar_links
@@ -103,6 +124,10 @@ module EE
        links << :epics
      end
+      if can?(current_user, :admin_group, @group)
+        links << :administration
+      end
      if @group.feature_available?(:issues_analytics)
        links << :analytics
      end

--- a/ee/app/views/groups/ee/_administration_nav.html.haml
+++ b/ee/app/views/groups/ee/_administration_nav.html.haml
+- return unless show_administration_nav?(@group)
+= nav_link(path: group_administration_nav_link_paths) do
+  = link_to administration_nav_path(@group) do
+    .nav-icon-container
+      = sprite_icon('admin')
+    %span.nav-item-name.qa-group-settings-item
+      = _('Administration')
+  %ul.sidebar-sub-level-items.qa-group-sidebar-submenu
+    = nav_link(path: group_administration_nav_link_paths, html_options: { class: "fly-out-top-item" } ) do
+      = link_to administration_nav_path(@group) do
+        %strong.fly-out-top-item-name
+          = _('Administration')
+    %li.divider.fly-out-top-item
+    - if show_saml_in_sidebar?(@group)
+      = nav_link(path: 'saml_providers#show') do
+        = link_to group_saml_providers_path(@group), title: _('SAML SSO'), class: 'qa-group-saml-sso-link' do
+          %span
+            = _('SAML SSO')
+    - if show_usage_quotas_in_sidebar?
+      = nav_link(path: 'usage_quotas#index') do
+        = link_to group_usage_quotas_path(@group), title: s_('UsageQuota|Usage Quotas') do
+          %span
+            = s_('UsageQuota|Usage Quotas')
+    - if show_billing_in_sidebar?
+      = nav_link(path: 'billings#index') do
+        = link_to group_billings_path(@group), title: _('Billing') do
+          %span
+            = _('Billing')
--- a/ee/app/views/groups/ee/_settings_nav.html.haml
+++ b/ee/app/views/groups/ee/_settings_nav.html.haml
@@ -4,12 +4,6 @@
      %span
        LDAP Synchronization
- if show_saml_in_sidebar?(@group)
-  = nav_link(path: 'saml_providers#show') do
-    = link_to group_saml_providers_path(@group), title: 'SAML SSO', class: 'qa-group-saml-sso-link' do
-      %span
-        SAML SSO
 - if @group.feature_available?(:group_webhooks) || show_promotions?
  = nav_link(path: 'hooks#index') do
    = link_to group_hooks_path(@group), title: 'Webhooks' do
@@ -21,16 +15,3 @@
    = link_to group_audit_events_path(@group), title: 'Audit Events', data: { qa_selector: 'audit_events_settings_link' } do
      %span
        Audit Events
-# Check if this is not a sub group
- if License.feature_available?(:usage_quotas) && @group.parent.nil?
-  = nav_link(path: 'usage_quota#index') do
-    = link_to group_usage_quotas_path(@group), title: s_('UsageQuota|Usage Quotas') do
-      %span
-        = s_('UsageQuota|Usage Quotas')
- if Gitlab::CurrentSettings.should_check_namespace_plan?
-  = nav_link(path: 'billings#index') do
-    = link_to group_billings_path(@group), title: 'Billing' do
-      %span
-        Billing
--- a/ee/spec/features/groups/navbar_spec.rb
+++ b/ee/spec/features/groups/navbar_spec.rb
@@ -73,6 +73,31 @@ describe 'Group navbar' do
      group.add_owner(user)
      insert_after_nav_item(_('Members'), new_nav_item: settings_nav_item)
+      insert_after_nav_item(_('Settings'), new_nav_item: administration_nav_item)
+      visit group_path(group)
+    end
+    it_behaves_like 'verified navigation bar'
+  end
+  context 'when SAML SSO is available' do
+    before do
+      stub_licensed_features(group_saml: true)
+      group.add_owner(user)
+      insert_after_nav_item(_('Members'), new_nav_item: settings_nav_item)
+      insert_after_nav_item(
+        _('Settings'),
+        new_nav_item: {
+          nav_item: _('Administration'),
+          nav_sub_items: [
+            _('SAML SSO'),
+            s_('UsageQuota|Usage Quotas')
+          ]
+        }
+      )
      visit group_path(group)
    end
@@ -98,6 +123,7 @@ describe 'Group navbar' do
      )
      insert_after_nav_item(_('Members'), new_nav_item: settings_nav_item)
+      insert_after_nav_item(_('Settings'), new_nav_item: administration_nav_item)
      visit group_path(group)
    end

--- a/ee/spec/helpers/ee/groups_helper_spec.rb
+++ b/ee/spec/helpers/ee/groups_helper_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'
 describe GroupsHelper do
+  using RSpec::Parameterized::TableSyntax
  let(:owner) { create(:user, group_view: :security_dashboard) }
  let(:current_user) { owner }
  let(:group) { create(:group, :private) }
@@ -171,4 +173,110 @@ describe GroupsHelper do
      end
    end
  end
+  describe '#show_usage_quotas_in_sidebar?' do
+    where(:usage_quotas_feature_available?, :expected) do
+      true  | true
+      false | false
+    end
+    with_them do
+      it do
+        stub_licensed_features(usage_quotas: usage_quotas_feature_available?)
+        expect(helper.show_usage_quotas_in_sidebar?).to eq(expected)
+      end
+    end
+  end
+  describe '#show_billing_in_sidebar?' do
+    where(:should_check_namespace_plan_return_value, :expected) do
+      true  | true
+      false | false
+    end
+    with_them do
+      it do
+        allow(::Gitlab::CurrentSettings).to receive(:should_check_namespace_plan?).and_return(should_check_namespace_plan_return_value)
+        expect(helper.show_billing_in_sidebar?).to eq(expected)
+      end
+    end
+  end
+  describe '#show_administration_nav?' do
+    context 'when user does not have admin_group permissions' do
+      before do
+        allow(helper).to receive(:can?).and_return(true)
+        allow(helper).to receive(:can?).with(current_user, :admin_group, group).and_return(false)
+      end
+      it 'returns false' do
+        expect(helper.show_administration_nav?(group)).to be false
+      end
+    end
+    context 'when user has admin_group permissions' do
+      before do
+        allow(helper).to receive(:can?).and_return(false)
+        allow(helper).to receive(:can?).with(current_user, :admin_group, group).and_return(true)
+      end
+      it 'returns true' do
+        allow(helper).to receive(:show_saml_in_sidebar?).with(group).and_return(true)
+        expect(helper.show_administration_nav?(group)).to be true
+      end
+      it 'returns false for a subgroup' do
+        subgroup = create(:group, :private, parent: group)
+        expect(helper.show_administration_nav?(subgroup)).to be false
+      end
+    end
+  end
+  describe '#administration_nav_path' do
+    context 'when SAML providers feature is available' do
+      before do
+        allow(helper).to receive(:show_saml_in_sidebar?).with(group).and_return(true)
+      end
+      it 'returns path to SAML providers' do
+        expect(helper.administration_nav_path(group)).to eq(group_saml_providers_path(group))
+      end
+    end
+    context 'when SAML providers feature is not available' do
+      before do
+        allow(helper).to receive(:show_saml_in_sidebar?).with(group).and_return(false)
+      end
+      context 'and usage quotas feature is available' do
+        before do
+          allow(helper).to receive(:show_usage_quotas_in_sidebar?).and_return(true)
+        end
+        it 'returns path to usage quotas' do
+          expect(helper.administration_nav_path(group)).to eq(group_usage_quotas_path(group))
+        end
+      end
+      context 'and usage quotas feature is not available' do
+        before do
+          allow(helper).to receive(:show_usage_quotas_in_sidebar?).and_return(false)
+        end
+        context 'and billing feature is available' do
+          before do
+            allow(helper).to receive(:show_billing_in_sidebar?).and_return(true)
+          end
+          it 'returns path to billing' do
+            expect(helper.administration_nav_path(group)).to eq(group_billings_path(group))
+          end
+        end
+      end
+    end
+  end
 end
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -1564,6 +1564,9 @@ msgstr ""
 msgid "AdminUsers|You are about to permanently delete the user %{username}. This will delete all of the issues, merge requests, and groups linked to them. To avoid data loss, consider using the %{strong_start}block user%{strong_end} feature instead. Once you %{strong_start}Delete user%{strong_end}, it cannot be undone or recovered."
 msgstr ""
+msgid "Administration"
+msgstr ""
 msgid "Advanced"
 msgstr ""
@@ -7347,9 +7350,6 @@ msgstr ""
 msgid "Email display name"
 msgstr ""
-msgid "Email domain is not editable in subgroups. Value inherited from top-level parent group."
-msgstr ""
 msgid "Email not verified. Please verify your email in Salesforce."
 msgstr ""
@@ -10637,9 +10637,6 @@ msgstr ""
 msgid "IP Address"
 msgstr ""
-msgid "IP address restriction is not editable in subgroups. Value inherited from top-level parent group."
-msgstr ""
 msgid "IP subnet restriction only allowed for top-level groups"
 msgstr ""
@@ -13429,9 +13426,6 @@ msgstr ""
 msgid "No thanks, don't show this again"
 msgstr ""
-msgid "No value set by top-level parent group."
-msgstr ""
 msgid "No vulnerabilities found for this group"
 msgstr ""

--- a/spec/support/shared_contexts/navbar_structure_context.rb
+++ b/spec/support/shared_contexts/navbar_structure_context.rb
@@ -121,8 +121,16 @@ RSpec.shared_context 'group navbar structure' do
        _('Projects'),
        _('CI / CD'),
        _('Webhooks'),
-        _('Audit Events'),
+        _('Audit Events')
-        _('Usage Quotas')
+      ]
+    }
+  end
+  let(:administration_nav_item) do
+    {
+      nav_item: _('Administration'),
+      nav_sub_items: [
+        s_('UsageQuota|Usage Quotas')
      ]
    }
  end