Connect service with controller

Fix tests

Connect service with controller
Fix tests
84ca0047 · can eldem · b6527e94 · 84ca0047 · 84ca0047 · 84ca0047
Commit 84ca0047 authored Mar 04, 2021 by can eldem
8 changed files
--- a/ee/app/controllers/projects/security/policies_controller.rb
+++ b/ee/app/controllers/projects/security/policies_controller.rb
@@ -7,16 +7,37 @@ module Projects

      before_action do
        push_frontend_feature_flag(:security_orchestration_policies_configuration, project)
+        check_permissions!
      end

      feature_category :security_orchestration

      def show
-        render_404 unless Feature.enabled?(:security_orchestration_policies_configuration, project) && can?(current_user, :security_orchestration_policies, project)
+        @assigned_policy_id = project&.security_orchestration_policy_configuration&.security_policy_management_project_id
+
+        render :show
      end

      def assign
-        # TODO: Assign project once #321531 is complete
+        result = ::Security::Orchestration::AssignService.new(project, nil, policy_project_id: policy_project_params[:policy_project_id]).execute
+
+        if result.success?
+          flash[:notice] = _('Successfull')
+        else
+          flash[:alert] = result.message
+        end
+
+        redirect_to project_security_policy_url(project)
+      end
+
+      private
+
+      def check_permissions!
+        render_404 unless Feature.enabled?(:security_orchestration_policies_configuration, project) && can?(current_user, :security_orchestration_policies, project)
+      end
+
+      def policy_project_params
+        params.require(:orchestration).permit(:policy_project_id)
      end
    end
  end

--- a/ee/app/services/security/orchestration/assign_service.rb
+++ b/ee/app/services/security/orchestration/assign_service.rb
@@ -9,9 +9,9 @@ module Security
        return success if res

      rescue ActiveRecord::RecordNotFound => _
-        error('Policy project doesn\'t exists')
+        error(_('Policy project doesn\'t exists'))
      rescue ActiveRecord::RecordInvalid => _
-        error('Couldn\'t assign policy to project')
+        error(_('Couldn\'t assign policy to project'))
      end

      private

--- a/ee/app/views/projects/security/policies/show.html.haml
+++ b/ee/app/views/projects/security/policies/show.html.haml
@@ -6,8 +6,8 @@
  %h4
    = s_('SecurityOrchestration|Security policy project')
  %p
-    = project_select_tag('orchestration[management_project_id]', class: 'hidden-filter-value', toggle_class: 'js-project-search js-project-filter js-filter-submit', dropdown_class: 'dropdown-menu-selectable dropdown-menu-project js-filter-submit',
-        placeholder: _('Select project'), idAttribute: 'id', data: { order_by: 'last_activity_at', idattribute: 'id', simple_filter: true, allow_clear: true, include_groups: false, include_projects_in_subgroups: true, user_id: current_user.id }, value: 123)
+    = project_select_tag('orchestration[policy_project_id]', class: 'hidden-filter-value', toggle_class: 'js-project-search js-project-filter js-filter-submit', dropdown_class: 'dropdown-menu-selectable dropdown-menu-project js-filter-submit',
+        placeholder: _('Select project'), idAttribute: 'id', data: { order_by: 'last_activity_at', idattribute: 'id', simple_filter: true, allow_clear: true, include_groups: false, include_projects_in_subgroups: true, user_id: current_user.id }, value: @assigned_policy_id)
    .text-muted
      = html_escape(s_('SecurityOrchestration|A security policy project can be used enforce policies for a given project, group, or instance. It allows you to speficy security policies that are important to you  and enforce them with every commit.')) % { code_open: '<code>'.html_safe, code_close: '</code>'.html_safe }
      = link_to _('More information'), help_page_path('user/project/clusters/protect/container_network_security/quick_start_guide'), target: '_blank'

--- a/ee/spec/helpers/projects_helper_spec.rb
+++ b/ee/spec/helpers/projects_helper_spec.rb
@@ -229,6 +229,7 @@ RSpec.describe ProjectsHelper do
        projects/threat_monitoring#new
        projects/threat_monitoring#edit
        projects/threat_monitoring#alert_details
+        projects/security/policies#show
        projects/audit_events#index
      ]
    end

--- a/ee/spec/requests/projects/security/policies_controller_spec.rb
+++ b/ee/spec/requests/projects/security/policies_controller_spec.rb
@@ -36,4 +36,26 @@ RSpec.describe Projects::Security::PoliciesController, type: :request do
      end
    end
  end
+
+  context 'assign action' do
+    let_it_be(:policy_project, reload: true) { create(:project) }
+
+    before do
+      stub_feature_flags(security_orchestration_policies_configuration: true)
+      stub_licensed_features(security_orchestration_policies: true)
+    end
+
+    it 'assigns policy project to project' do
+      post assign_project_security_policy_url(project), params: { orchestration: { policy_project_id: policy_project.id } }
+
+      expect(response).to redirect_to(project_security_policy_url(project))
+      expect(project.security_orchestration_policy_configuration.security_policy_management_project_id).to eq(policy_project.id)
+    end
+
+    it 'returns error message for invalid input' do
+      post assign_project_security_policy_url(project), params: { orchestration: { policy_project_id: nil } }
+
+      expect(flash[:alert]).to eq 'Policy project doesn\'t exists'
+    end
+  end
 end
--- a/ee/spec/services/security/orchestration/assign_service_spec.rb
+++ b/ee/spec/services/security/orchestration/assign_service_spec.rb
@@ -29,7 +29,6 @@ RSpec.describe Security::Orchestration::AssignService do
      service

      repeated_service = described_class.new(another_project, nil, policy_project_id: policy_project.id).execute
-
      expect(repeated_service).to be_error
    end


--- a/ee/spec/views/projects/security/policies/show.html.haml_spec.rb
+++ b/ee/spec/views/projects/security/policies/show.html.haml_spec.rb
@@ -17,7 +17,7 @@ RSpec.describe "projects/security/policies/show", type: :view do
  it 'renders the default state' do
    expect(rendered).to have_selector('h2')
    expect(rendered).to have_selector('h4')
-    expect(response).to have_css('input[id=orchestration_management_project_id]', visible: false)
+    expect(response).to have_css('input[id=orchestration_policy_project_id]', visible: false)
    expect(rendered).to have_button('Save changes')
  end
 end
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -8530,6 +8530,9 @@ msgstr ""
 msgid "Could not upload your designs as one or more files uploaded are not supported."
 msgstr ""

+msgid "Couldn't assign policy to project"
+msgstr ""
+
 msgid "Country"
 msgstr ""

@@ -22658,6 +22661,9 @@ msgstr ""
 msgid "Point to any links you like: documentation, built binaries, or other related materials. These can be internal or external links from your GitLab instance. Duplicate URLs are not allowed."
 msgstr ""

+msgid "Policy project doesn't exists"
+msgstr ""
+
 msgid "Pre-defined push rules."
 msgstr ""

@@ -28854,6 +28860,9 @@ msgstr ""
 msgid "Successful purchase image"
 msgstr ""

+msgid "Successfull"
+msgstr ""
+
 msgid "Successfully activated"
 msgstr ""