Merge branch 'buyer-experience-211-bizable' into 'master'

Add Bizible script to sign up pages

See merge request gitlab-org/gitlab!76589

app/controllers/concerns/bizible_csp.rb

+# frozen_string_literal: true
+
+module BizibleCSP
+  extend ActiveSupport::Concern
+
+  included do
+    content_security_policy do |policy|
+      next unless helpers.bizible_enabled? || policy.directives.present?
+
+      default_script_src = policy.directives['script-src'] || policy.directives['default-src']
+      script_src_values = Array.wrap(default_script_src) | ["'unsafe-eval'", 'https://cdn.bizible.com/scripts/bizible.js']
+      policy.script_src(*script_src_values)
+    end
+  end
+end

app/controllers/registrations_controller.rb

@@ -6,6 +6,7 @@ class RegistrationsController < Devise::RegistrationsController
   include RecaptchaHelper
   include InvisibleCaptchaOnSignup
   include OneTrustCSP
+  include BizibleCSP
 
   layout 'devise'
 

app/controllers/sessions_controller.rb

@@ -10,6 +10,7 @@ class SessionsController < Devise::SessionsController
   include KnownSignIn
   include Gitlab::Utils::StrongMemoize
   include OneTrustCSP
+  include BizibleCSP
 
   skip_before_action :check_two_factor_requirement, only: [:destroy]
   skip_before_action :check_password_expiration, only: [:destroy]

app/helpers/bizible_helper.rb

+# frozen_string_literal: true
+
+module BizibleHelper
+  def bizible_enabled?
+    Feature.enabled?(:ecomm_instrumentation, type: :ops) &&
+      Gitlab.config.extra.has_key?('bizible') &&
+      Gitlab.config.extra.bizible.present? &&
+      Gitlab.config.extra.bizible == true
+  end
+end

app/views/devise/confirmations/almost_there.haml

@@ -4,6 +4,7 @@
 - content_for :page_specific_javascripts do
   = render "layouts/google_tag_manager_head"
   = render "layouts/one_trust"
+  = render "layouts/bizible"
 = render "layouts/google_tag_manager_body"
 
 .well-confirmation.gl-text-center.gl-mb-6

app/views/devise/registrations/new.html.haml

@@ -3,6 +3,7 @@
 - content_for :page_specific_javascripts do
   = render "layouts/google_tag_manager_head"
   = render "layouts/one_trust"
+  = render "layouts/bizible"
 = render "layouts/google_tag_manager_body"
 
 .signup-page

app/views/devise/sessions/new.html.haml

 - page_title _("Sign in")
 - content_for :page_specific_javascripts do
   = render "layouts/one_trust"
+  = render "layouts/bizible"
 
 #signin-container
   - if any_form_based_providers_enabled?

app/views/layouts/_bizible.html.haml

+- if bizible_enabled?
+  <!-- Bizible -->
+  = javascript_include_tag "https://cdn.bizible.com/scripts/bizible.js"
+  = javascript_tag nonce: content_security_policy_nonce do
+    :plain
+      const bizibleScript = document.createElement('script');
+      bizibleScript.src = 'https://cdn.bizible.com/scripts/bizible.js';
+      bizibleScript.nonce = '#{content_security_policy_nonce}'
+      bizibleScript.charset = 'UTF-8';
+      bizibleScript.defer = true;
+      document.head.appendChild(bizibleScript);
+
+      function OptanonWrapper() { }
+

app/views/registrations/welcome/show.html.haml

@@ -5,6 +5,7 @@
 - content_for :page_specific_javascripts do
   = render "layouts/google_tag_manager_head"
   = render "layouts/one_trust"
+  = render "layouts/bizible"
 = render "layouts/google_tag_manager_body"
 
 .row.gl-flex-grow-1

app/views/users/terms/index.html.haml

 - content_for :page_specific_javascripts do
   = render "layouts/google_tag_manager_head"
   = render "layouts/one_trust"
+  = render "layouts/bizible"
 = render "layouts/google_tag_manager_body"
 
 #js-terms-of-service{ data: { terms_data: terms_data(@term, @redirect) } }

config/gitlab.yml.example

@@ -1332,6 +1332,9 @@ production: &base
     ## OneTrust
     # one_trust_id: '_your_one_trust_id'
 
+    ## Bizible.
+    # bizible: true
+
     ## Matomo analytics.
     # matomo_url: '_your_matomo_url'
     # matomo_site_id: '_your_matomo_site_id'

ee/app/controllers/trial_registrations_controller.rb

@@ -4,6 +4,7 @@
 # TODO: namespace https://gitlab.com/gitlab-org/gitlab/-/issues/338394
 class TrialRegistrationsController < RegistrationsController
   include OneTrustCSP
+  include BizibleCSP
 
   layout 'minimal'
 

ee/app/views/trial_registrations/new.html.haml

@@ -3,6 +3,8 @@
 - content_for :page_specific_javascripts do
   = render "layouts/google_tag_manager_head"
   = render "layouts/one_trust"
+  = render "layouts/bizible"
+
 = render "layouts/google_tag_manager_body"
 
 .row

spec/features/users/bizible_csp_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Bizible content security policy' do
+  before do
+    stub_config(extra: { one_trust_id: SecureRandom.uuid })
+  end
+
+  it 'has proper Content Security Policy headers' do
+    visit root_path
+
+    expect(response_headers['Content-Security-Policy']).to include('https://cdn.bizible.com/scripts/bizible.js')
+  end
+end

spec/helpers/bizible_helper_spec.rb

+# frozen_string_literal: true
+
+require "spec_helper"
+
+RSpec.describe BizibleHelper do
+  describe '#bizible_enabled?' do
+    before do
+      stub_config(extra: { bizible: SecureRandom.uuid })
+    end
+
+    context 'when bizible is disabled' do
+      before do
+        allow(helper).to receive(:bizible_enabled?).and_return(false)
+      end
+
+      it { is_expected.to be_falsey }
+    end
+
+    context 'when bizible is enabled' do
+      before do
+        allow(helper).to receive(:bizible_enabled?).and_return(true)
+      end
+
+      it { is_expected.to be_truthy }
+    end
+
+    subject(:bizible_enabled?) { helper.bizible_enabled? }
+
+    context 'with ecomm_instrumentation feature flag disabled' do
+      before do
+        stub_feature_flags(ecomm_instrumentation: false)
+      end
+
+      it { is_expected.to be_falsey }
+    end
+
+    context 'with ecomm_instrumentation feature flag enabled' do
+      context 'when no id is set' do
+        before do
+          stub_config(extra: {})
+        end
+
+        it { is_expected.to be_falsey }
+      end
+    end
+  end
+end