Adds the security dashboard link

app/helpers/groups_helper.rb

@@ -3,6 +3,15 @@
 module GroupsHelper
   prepend EE::GroupsHelper
 
+  def group_overview_nav_link_paths
+    %w[
+      groups#show
+      groups#activity
+      groups#subgroups
+      analytics#show
+    ]
+  end
+
   def group_nav_link_paths
     %w[groups#projects groups#edit badges#index ci_cd#show ldap_group_links#index hooks#index audit_events#index pipeline_quota#index]
   end

app/views/layouts/nav/sidebar/_group.html.haml

@@ -12,7 +12,7 @@
           = @group.name
     %ul.sidebar-top-level-items.qa-group-sidebar
       - if group_sidebar_link?(:overview)
-        = nav_link(path: ['groups#show', 'groups#activity', 'groups#subgroups', 'analytics#show'], html_options: { class: 'home' }) do
+        = nav_link(path: group_overview_nav_link_paths, html_options: { class: 'home' }) do
           = link_to group_path(@group) do
             .nav-icon-container
               = sprite_icon('home')
@@ -36,13 +36,15 @@
                   %span
                     = _('Activity')
 
+            = render_if_exists 'groups/sidebar/security_dashboard'
+
             - if group_sidebar_link?(:contribution_analytics)
               = nav_link(path: 'analytics#show') do
                 = link_to group_analytics_path(@group), title: 'Contribution Analytics', data: {placement: 'right'} do
                   %span
                     Contribution Analytics
 
-      = render "layouts/nav/ee/epic_link", group: @group
+      = render_if_exists "layouts/nav/ee/epic_link", group: @group
 
       - if group_sidebar_link?(:issues)
         = nav_link(path: issues_sub_menu_items) do
@@ -140,6 +142,6 @@
                 %span
                   = _('CI / CD')
 
-            = render "groups/ee/settings_nav"
+            = render_if_exists "groups/ee/settings_nav"
 
     = render 'shared/sidebar_toggle_button'

ee/app/controllers/groups/security/application_controller.rb

+# frozen_string_literal: true
+class Groups::Security::ApplicationController < Groups::ApplicationController
+  before_action :ensure_security_dashboard_feature_enabled
+  before_action :authorize_read_group_security_dashboard!
+
+  private
+
+  def ensure_security_dashboard_feature_enabled
+    render_404 unless @group.feature_available?(:security_dashboard)
+  end
+
+  def authorize_read_group_security_dashboard!
+    render_403 unless can?(current_user, :read_group_security_dashboard, group)
+  end
+end

ee/app/controllers/groups/security/dashboard_controller.rb

 # frozen_string_literal: true
-class Groups::Security::DashboardController < Groups::ApplicationController
-  before_action :group
-
+class Groups::Security::DashboardController < Groups::Security::ApplicationController
   layout 'group'
-
-  # Redirecting back to the group path till the page is ready
-  def show
-    redirect_to group_path(@group)
-  end
 end

ee/app/controllers/groups/security/vulnerabilities_controller.rb

 # frozen_string_literal: true
-class Groups::Security::VulnerabilitiesController < Groups::ApplicationController
-  before_action :ensure_security_dashboard_feature_enabled
-  before_action :authorize_read_group_security_dashboard!
-
+class Groups::Security::VulnerabilitiesController < Groups::Security::ApplicationController
   def index
     @vulnerabilities = group.all_vulnerabilities.ordered
       .page(params[:page])
@@ -24,14 +21,4 @@ class Groups::Security::VulnerabilitiesController < Groups::ApplicationControlle
       end
     end
   end
-
-  private
-
-  def ensure_security_dashboard_feature_enabled
-    render_404 unless @group.feature_available?(:security_dashboard)
-  end
-
-  def authorize_read_group_security_dashboard!
-    render_403 unless can?(current_user, :read_group_security_dashboard, group)
-  end
 end

ee/app/helpers/ee/groups_helper.rb

@@ -2,6 +2,11 @@ module EE
   module GroupsHelper
     extend ::Gitlab::Utils::Override
 
+    override :group_overview_nav_link_paths
+    def group_overview_nav_link_paths
+      super + %w(groups/security/dashboard#show)
+    end
+
     override :group_nav_link_paths
     def group_nav_link_paths
       if ::Gitlab::CurrentSettings.should_check_namespace_plan? && can?(current_user, :admin_group, @group)

ee/app/views/groups/sidebar/_security_dashboard.html.haml

+- if can?(current_user, :read_group_security_dashboard, @group)
+  = nav_link(path: 'groups/security/dashboard#show') do
+    = link_to group_security_dashboard_path(@group), title: _('Security Dashboard') do
+      %span= _('Security Dashboard')

ee/app/views/projects/sidebar/_security_dashboard.html.haml

-- return unless can?(current_user, :read_project_security_dashboard, @project)
-
-= nav_link(path: 'projects/security/dashboard#show') do
+- if can?(current_user, :read_project_security_dashboard, @project)
+  = nav_link(path: 'projects/security/dashboard#show') do
     = link_to project_security_dashboard_path(@project), title: _('Security Dashboard'), class: 'shortcuts-project-security-dashboard' do
       %span= _('Security Dashboard')

ee/changelogs/unreleased/add-security-dashboard-link.yml

+---
+title: Adds the security dashboard link
+merge_request: 7974
+author:
+type: other

ee/spec/views/layouts/nav/sidebar/_group.html.haml_spec.rb

@@ -64,4 +64,26 @@ describe 'layouts/nav/sidebar/_group' do
       end
     end
   end
+
+  describe 'security dashboard tab' do
+    it 'is visible when user has enough permission' do
+      allow(view).to receive(:can?)
+        .with(anything, :read_group_security_dashboard, anything)
+        .and_return(true)
+
+      render
+
+      expect(rendered).to have_text 'Security Dashboard'
+    end
+
+    it 'is not visible when user does not have enough permission' do
+      allow(view).to receive(:can?)
+        .with(anything, :read_group_security_dashboard, anything)
+        .and_return(false)
+
+      render
+
+      expect(rendered).not_to have_text 'Security Dashboard'
+    end
+  end
 end