Commit b6d32b0c authored by Michael Kozono's avatar Michael Kozono

Merge branch 'display-security-approvals-backend' into 'master'

Extend configuration end point to return json when format is given

See merge request gitlab-org/gitlab!37217
parents 58ce453f d936f769
...@@ -20,6 +20,12 @@ module Projects ...@@ -20,6 +20,12 @@ module Projects
@configuration = ConfigurationPresenter.new(project, @configuration = ConfigurationPresenter.new(project,
auto_fix_permission: auto_fix_authorized?, auto_fix_permission: auto_fix_authorized?,
current_user: current_user) current_user: current_user)
respond_to do |format|
format.html
format.json do
render status: :ok, json: @configuration.to_h
end
end
end end
def auto_fix def auto_fix
......
...@@ -53,21 +53,33 @@ module Projects ...@@ -53,21 +53,33 @@ module Projects
create_sast_merge_request_path: project_security_configuration_sast_path(project), create_sast_merge_request_path: project_security_configuration_sast_path(project),
auto_devops_path: auto_devops_settings_path(project), auto_devops_path: auto_devops_settings_path(project),
can_enable_auto_devops: can_enable_auto_devops?, can_enable_auto_devops: can_enable_auto_devops?,
features: features.to_json, features: features,
help_page_path: help_page_path('user/application_security/index'), help_page_path: help_page_path('user/application_security/index'),
latest_pipeline_path: latest_pipeline_path, latest_pipeline_path: latest_pipeline_path,
auto_fix_enabled: { auto_fix_enabled: autofix_enabled,
dependency_scanning: project_settings.auto_fix_dependency_scanning,
container_scanning: project_settings.auto_fix_container_scanning
}.to_json,
can_toggle_auto_fix_settings: auto_fix_permission, can_toggle_auto_fix_settings: auto_fix_permission,
gitlab_ci_present: gitlab_ci_present?, gitlab_ci_present: gitlab_ci_present?,
auto_fix_user_path: '/' # TODO: real link will be updated with https://gitlab.com/gitlab-org/gitlab/-/issues/215669 auto_fix_user_path: '/' # TODO: real link will be updated with https://gitlab.com/gitlab-org/gitlab/-/issues/215669
} }
end end
def to_html_data_attribute
data = to_h
data[:features] = data[:features].to_json
data[:auto_fix_enabled] = data[:auto_fix_enabled].to_json
data
end
private private
def autofix_enabled
{
dependency_scanning: project_settings.auto_fix_dependency_scanning,
container_scanning: project_settings.auto_fix_container_scanning
}
end
def can_enable_auto_devops? def can_enable_auto_devops?
feature_available?(:builds, current_user) && feature_available?(:builds, current_user) &&
can?(current_user, :admin_project, self) && can?(current_user, :admin_project, self) &&
......
- breadcrumb_title _("Security Configuration") - breadcrumb_title _("Security Configuration")
- page_title _("Security Configuration") - page_title _("Security Configuration")
#js-security-configuration{ data: { **@configuration.to_h, #js-security-configuration{ data: { **@configuration.to_html_data_attribute,
auto_fix_help_path: '/', auto_fix_help_path: '/',
toggle_autofix_setting_endpoint: 'configuration/auto_fix', toggle_autofix_setting_endpoint: 'configuration/auto_fix',
container_scanning_help_path: help_page_path('user/application_security/container_scanning/index'), container_scanning_help_path: help_page_path('user/application_security/container_scanning/index'),
......
---
title: Extend configuration end point to return json when format is given
merge_request: 37217
author:
type: added
...@@ -26,6 +26,16 @@ RSpec.describe Projects::Security::ConfigurationController do ...@@ -26,6 +26,16 @@ RSpec.describe Projects::Security::ConfigurationController do
sign_in(user) sign_in(user)
end end
it 'responds in json format when requested' do
get :show, params: { namespace_id: project.namespace, project_id: project, format: :json }
types = %w(sast dast dependency_scanning container_scanning secret_detection coverage_fuzzing license_scanning)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['features'].map { |f| f['type'] }).to match_array(types)
expect(json_response['auto_fix_enabled']).to include({ 'dependency_scanning' => true, 'container_scanning' => true })
end
it "renders data on the project's security configuration" do it "renders data on the project's security configuration" do
request request
...@@ -99,6 +109,13 @@ RSpec.describe Projects::Security::ConfigurationController do ...@@ -99,6 +109,13 @@ RSpec.describe Projects::Security::ConfigurationController do
let(:user) { maintainer } let(:user) { maintainer }
let(:setting) { project.security_setting } let(:setting) { project.security_setting }
it 'shows auto fix disable for dependency scanning for json format' do
get :show, params: { namespace_id: project.namespace, project_id: project, format: :json }
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['auto_fix_enabled']).to include({ 'dependency_scanning' => false })
end
context 'with setup feature param' do context 'with setup feature param' do
let(:feature) { :dependency_scanning } let(:feature) { :dependency_scanning }
......
...@@ -19,7 +19,7 @@ RSpec.describe Projects::Security::ConfigurationPresenter do ...@@ -19,7 +19,7 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
end end
describe '#to_h' do describe '#to_h' do
subject { described_class.new(project, auto_fix_permission: true, current_user: current_user).to_h } subject { described_class.new(project, auto_fix_permission: true, current_user: current_user).to_html_data_attribute }
it 'includes links to auto devops and secure product docs' do it 'includes links to auto devops and secure product docs' do
expect(subject[:auto_devops_help_page_path]).to eq(help_page_path('topics/autodevops/index')) expect(subject[:auto_devops_help_page_path]).to eq(help_page_path('topics/autodevops/index'))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment