Fix Project Security Dasbhoard

aca3c900 · Olivier Gonzalez · Grzegorz Bizon · c5f8a7df · aca3c900 · aca3c900
Commit aca3c900 authored Oct 29, 2018 by Olivier Gonzalez Committed by Grzegorz Bizon Oct 29, 2018
6 changed files
--- a/ee/app/controllers/projects/security/dashboard_controller.rb
+++ b/ee/app/controllers/projects/security/dashboard_controller.rb
@@ -5,7 +5,8 @@ module Projects
      before_action :authorize_read_project_security_dashboard!
      def show
-        @pipeline = @project.latest_pipeline_with_security_reports
+        @pipeline = @project.latest_pipeline_with_legacy_security_reports
+          &.present(current_user: current_user)
      end
      private

--- a/ee/app/models/ee/ci/pipeline.rb
+++ b/ee/app/models/ee/ci/pipeline.rb
@@ -16,7 +16,7 @@ module EE
        has_many :vulnerabilities, source: :occurrence, through: :vulnerabilities_occurrence_pipelines, class_name: 'Vulnerabilities::Occurrence'
        # Legacy way to fetch security reports based on job name. This has been replaced by the reports feature.
-        scope :with_security_reports, -> {
+        scope :with_legacy_security_reports, -> {
          joins(:artifacts).where(ci_builds: { name: %w[sast dependency_scanning sast:container container_scanning dast] })
        }

--- a/ee/app/models/ee/project.rb
+++ b/ee/app/models/ee/project.rb
@@ -108,8 +108,8 @@ module EE
      end
    end
-    def latest_pipeline_with_security_reports
+    def latest_pipeline_with_legacy_security_reports
-      pipelines.newest_first(default_branch).with_security_reports.first
+      pipelines.newest_first(default_branch).with_legacy_security_reports.first
    end
    def environments_for_scope(scope)

--- a/ee/spec/controllers/projects/security/dashboard_controller_spec.rb
+++ b/ee/spec/controllers/projects/security/dashboard_controller_spec.rb
 require 'spec_helper'
 describe Projects::Security::DashboardController do
-  let(:group)   { create(:group) }
+  set(:group)   { create(:group) }
-  let(:project) { create(:project, :public, namespace: group) }
+  set(:project) { create(:project, :repository, :public, namespace: group) }
-  let(:user)    { create(:user) }
+  set(:user)    { create(:user) }
  before do
    group.add_developer(user)
  end
  describe 'GET #show' do
-    let(:pipeline_1) { create(:ci_pipeline_without_jobs, project: project) }
+    let(:pipeline) { create(:ci_pipeline_without_jobs, sha: project.commit.id, project: project, user: user) }
-    let(:pipeline_2) { create(:ci_pipeline_without_jobs, project: project) }
-    let(:pipeline_3) { create(:ci_pipeline_without_jobs, project: project) }
-    before do
+    render_views
-      create(
-        :ci_build,
-        :success,
-        :artifacts,
-        name: 'sast',
-        pipeline: pipeline_1,
-        options: {
-          artifacts: {
-            paths: [Ci::JobArtifact::DEFAULT_FILE_NAMES[:sast]]
-          }
-        }
-      )
-    end
    def show_security_dashboard(current_user = user)
      sign_in(current_user)
@@ -39,11 +24,42 @@ describe Projects::Security::DashboardController do
        stub_licensed_features(security_dashboard: true)
      end
+      context 'when uses legacy reports syntax' do
+        before do
+          create(:ci_build, :artifacts, pipeline: pipeline, name: 'sast')
+        end
        it 'returns the latest pipeline with security reports for project' do
          show_security_dashboard
          expect(response).to have_gitlab_http_status(200)
          expect(response).to render_template(:show)
+          expect(response.body).to have_css("div#js-security-report-app[data-has-pipeline-data=true]")
+        end
+      end
+      context 'when uses new reports syntax' do
+        before do
+          create(:ee_ci_build, :security_reports, pipeline: pipeline)
+        end
+        it 'renders empty state (not yet supported)' do
+          show_security_dashboard
+          expect(response).to have_gitlab_http_status(200)
+          expect(response).to render_template(:show)
+          expect(response.body).to have_css("div#js-security-report-app[data-has-pipeline-data=false]")
+        end
+      end
+      context 'when there is no matching pipeline' do
+        it 'renders empty state' do
+          show_security_dashboard
+          expect(response).to have_gitlab_http_status(200)
+          expect(response).to render_template(:show)
+          expect(response.body).to have_css("div#js-security-report-app[data-has-pipeline-data=false]")
+        end
      end
    end

--- a/ee/spec/models/ci/pipeline_spec.rb
+++ b/ee/spec/models/ci/pipeline_spec.rb
@@ -85,7 +85,7 @@ describe Ci::Pipeline do
    end
  end
-  describe '#with_security_reports scope' do
+  describe '#with_legacy_security_reports scope' do
    let(:pipeline_1) { create(:ci_pipeline_without_jobs, project: project) }
    let(:pipeline_2) { create(:ci_pipeline_without_jobs, project: project) }
    let(:pipeline_3) { create(:ci_pipeline_without_jobs, project: project) }
@@ -151,7 +151,7 @@ describe Ci::Pipeline do
    end
    it "returns pipeline with security reports" do
-      expect(described_class.with_security_reports).to eq([pipeline_1, pipeline_2, pipeline_3, pipeline_4])
+      expect(described_class.with_legacy_security_reports).to eq([pipeline_1, pipeline_2, pipeline_3, pipeline_4])
    end
  end

--- a/ee/spec/models/project_spec.rb
+++ b/ee/spec/models/project_spec.rb
@@ -1496,7 +1496,7 @@ describe Project do
    end
  end
-  describe '#latest_pipeline_with_security_reports' do
+  describe '#latest_pipeline_with_legacy_security_reports' do
    let(:project) { create(:project) }
    let(:pipeline_1) { create(:ci_pipeline_without_jobs, project: project) }
    let(:pipeline_2) { create(:ci_pipeline_without_jobs, project: project) }
@@ -1530,7 +1530,7 @@ describe Project do
    end
    it "returns the latest pipeline with security reports" do
-      expect(project.latest_pipeline_with_security_reports).to eq(pipeline_2)
+      expect(project.latest_pipeline_with_legacy_security_reports).to eq(pipeline_2)
    end
  end