Commit b52d983c authored by Sean McGivern's avatar Sean McGivern

Merge branch '295240-saved-scans-routes' into 'master'

Creates new on-demand scans routes

See merge request gitlab-org/gitlab!50469
parents 51fbe028 2ec2e0a2
import initOnDemanScans from 'ee/on_demand_scans';
initOnDemanScans();
import initOnDemanScans from 'ee/on_demand_scans';
initOnDemanScans();
...@@ -3,14 +3,25 @@ ...@@ -3,14 +3,25 @@
module Projects module Projects
class OnDemandScansController < Projects::ApplicationController class OnDemandScansController < Projects::ApplicationController
before_action do before_action do
authorize_read_on_demand_scans!
push_frontend_feature_flag(:security_on_demand_scans_site_validation, @project) push_frontend_feature_flag(:security_on_demand_scans_site_validation, @project)
push_frontend_feature_flag(:security_dast_site_profiles_additional_fields, @project, default_enabled: :yaml) push_frontend_feature_flag(:security_dast_site_profiles_additional_fields, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_saved_scans, @project, default_enabled: :yaml)
end end
before_action :authorize_read_on_demand_scans!, only: :index
before_action :authorize_create_on_demand_dast_scan!, only: [:new, :edit]
feature_category :dynamic_application_security_testing feature_category :dynamic_application_security_testing
def index def index
end end
def new
not_found unless Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml)
end
def edit
not_found unless Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml)
end
end end
end end
...@@ -166,6 +166,8 @@ module EE ...@@ -166,6 +166,8 @@ module EE
projects/security/vulnerability_report#index projects/security/vulnerability_report#index
projects/security/dashboard#index projects/security/dashboard#index
projects/on_demand_scans#index projects/on_demand_scans#index
projects/on_demand_scans#new
projects/on_demand_scans#edit
projects/security/dast_profiles#show projects/security/dast_profiles#show
projects/security/dast_site_profiles#new projects/security/dast_site_profiles#new
projects/security/dast_site_profiles#edit projects/security/dast_site_profiles#edit
...@@ -189,6 +191,8 @@ module EE ...@@ -189,6 +191,8 @@ module EE
def sidebar_on_demand_scans_paths def sidebar_on_demand_scans_paths
%w[ %w[
projects/on_demand_scans#index projects/on_demand_scans#index
projects/on_demand_scans#new
projects/on_demand_scans#edit
] ]
end end
......
- on_demand_scans_path = Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml) ? new_project_on_demand_scan_path(@project) : project_on_demand_scans_path(@project)
- if any_project_nav_tab?([:security, :dependencies, :licenses, :audit_events]) - if any_project_nav_tab?([:security, :dependencies, :licenses, :audit_events])
= nav_link(path: sidebar_security_paths) do = nav_link(path: sidebar_security_paths) do
= link_to top_level_link(@project), data: { qa_selector: top_level_qa_selector(@project) } do = link_to top_level_link(@project), data: { qa_selector: top_level_qa_selector(@project) } do
...@@ -24,7 +26,7 @@ ...@@ -24,7 +26,7 @@
- if project_nav_tab?(:on_demand_scans) - if project_nav_tab?(:on_demand_scans)
= nav_link(path: sidebar_on_demand_scans_paths) do = nav_link(path: sidebar_on_demand_scans_paths) do
= link_to project_on_demand_scans_path(@project), title: s_('OnDemandScans|On-demand Scans'), data: { qa_selector: 'on_demand_scans_link' } do = link_to on_demand_scans_path, title: s_('OnDemandScans|On-demand Scans'), data: { qa_selector: 'on_demand_scans_link' } do
%span= s_('OnDemandScans|On-demand Scans') %span= s_('OnDemandScans|On-demand Scans')
- if project_nav_tab?(:dependencies) - if project_nav_tab?(:dependencies)
......
- breadcrumb_title s_('OnDemandScans|Edit on-demand DAST scan')
- page_title s_('OnDemandScans|Edit on-demand DAST scan')
#js-on-demand-scans-app{ data: on_demand_scans_data(@project) }
- breadcrumb_title s_('OnDemandScans|New on-demand DAST scan')
- page_title s_('OnDemandScans|New on-demand DAST scan')
#js-on-demand-scans-app{ data: on_demand_scans_data(@project) }
---
name: dast_saved_scans
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/50469
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/295252
milestone: '13.8'
type: development
group: group::dynamic analysis
default_enabled: false
...@@ -105,9 +105,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do ...@@ -105,9 +105,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resources :feature_flag_issues, only: [:index, :create, :destroy], as: 'issues', path: 'issues' resources :feature_flag_issues, only: [:index, :create, :destroy], as: 'issues', path: 'issues'
end end
scope :on_demand_scans do resources :on_demand_scans, only: [:index, :new, :edit]
root 'on_demand_scans#index', as: 'on_demand_scans'
end
namespace :integrations do namespace :integrations do
namespace :jira do namespace :jira do
......
...@@ -210,6 +210,8 @@ RSpec.describe ProjectsHelper do ...@@ -210,6 +210,8 @@ RSpec.describe ProjectsHelper do
projects/security/vulnerability_report#index projects/security/vulnerability_report#index
projects/security/dashboard#index projects/security/dashboard#index
projects/on_demand_scans#index projects/on_demand_scans#index
projects/on_demand_scans#new
projects/on_demand_scans#edit
projects/security/dast_profiles#show projects/security/dast_profiles#show
projects/security/dast_site_profiles#new projects/security/dast_site_profiles#new
projects/security/dast_site_profiles#edit projects/security/dast_site_profiles#edit
...@@ -233,6 +235,8 @@ RSpec.describe ProjectsHelper do ...@@ -233,6 +235,8 @@ RSpec.describe ProjectsHelper do
let(:expected_on_demand_scans_paths) do let(:expected_on_demand_scans_paths) do
%w[ %w[
projects/on_demand_scans#index projects/on_demand_scans#index
projects/on_demand_scans#new
projects/on_demand_scans#edit
] ]
end end
......
...@@ -3,10 +3,10 @@ ...@@ -3,10 +3,10 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe Projects::OnDemandScansController, type: :request do RSpec.describe Projects::OnDemandScansController, type: :request do
let(:project) { create(:project) } let_it_be(:project) { create(:project) }
let(:user) { create(:user) } let(:user) { create(:user) }
describe 'GET #index' do shared_examples 'on-demand scans page' do
context 'feature available' do context 'feature available' do
before do before do
stub_licensed_features(security_on_demand_scans: true) stub_licensed_features(security_on_demand_scans: true)
...@@ -20,7 +20,7 @@ RSpec.describe Projects::OnDemandScansController, type: :request do ...@@ -20,7 +20,7 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
end end
it "can access page" do it "can access page" do
get project_on_demand_scans_path(project) get path
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
end end
...@@ -34,7 +34,7 @@ RSpec.describe Projects::OnDemandScansController, type: :request do ...@@ -34,7 +34,7 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
end end
it "sees a 404 error" do it "sees a 404 error" do
get project_on_demand_scans_path(project) get path
expect(response).to have_gitlab_http_status(:not_found) expect(response).to have_gitlab_http_status(:not_found)
end end
...@@ -50,10 +50,29 @@ RSpec.describe Projects::OnDemandScansController, type: :request do ...@@ -50,10 +50,29 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
it "sees a 404 error if the license doesn't support the feature" do it "sees a 404 error if the license doesn't support the feature" do
stub_licensed_features(security_on_demand_scans: false) stub_licensed_features(security_on_demand_scans: false)
get project_on_demand_scans_path(project) get path
expect(response).to have_gitlab_http_status(:not_found) expect(response).to have_gitlab_http_status(:not_found)
end end
end end
end end
describe 'GET #index' do
it_behaves_like 'on-demand scans page' do
let(:path) { project_on_demand_scans_path(project) }
end
end
describe 'GET #new' do
it_behaves_like 'on-demand scans page' do
let(:path) { new_project_on_demand_scan_path(project) }
end
end
describe 'GET #edit' do
it_behaves_like 'on-demand scans page' do
# This should be improved as part of https://gitlab.com/gitlab-org/gitlab/-/issues/295242
let(:path) { edit_project_on_demand_scan_path(project, id: 1) }
end
end
end end
...@@ -19556,6 +19556,9 @@ msgstr "" ...@@ -19556,6 +19556,9 @@ msgstr ""
msgid "OnDemandScans|Create a new site profile" msgid "OnDemandScans|Create a new site profile"
msgstr "" msgstr ""
msgid "OnDemandScans|Edit on-demand DAST scan"
msgstr ""
msgid "OnDemandScans|Manage profiles" msgid "OnDemandScans|Manage profiles"
msgstr "" msgstr ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment