Commit b81e64d9 authored by Jose Ivan Vargas's avatar Jose Ivan Vargas

Merge branch 'tt_842-security-newsletter-prompt' into 'master'

Admin Dash - Security Newsletter Callout

See merge request gitlab-org/gitlab!71317
parents adad4d20 d956cf62
......@@ -9,6 +9,7 @@ const PERSISTENT_USER_CALLOUTS = [
'.js-registration-enabled-callout',
'.js-new-user-signups-cap-reached',
'.js-eoa-bronze-plan-banner',
'.js-security-newsletter-callout',
];
const initCallouts = () => {
......
......@@ -10,6 +10,7 @@ module UserCalloutsHelper
REGISTRATION_ENABLED_CALLOUT = 'registration_enabled_callout'
UNFINISHED_TAG_CLEANUP_CALLOUT = 'unfinished_tag_cleanup_callout'
INVITE_MEMBERS_BANNER = 'invite_members_banner'
SECURITY_NEWSLETTER_CALLOUT = 'security_newsletter_callout'
def show_gke_cluster_integration_callout?(project)
active_nav_link?(controller: sidebar_operations_paths) &&
......@@ -64,6 +65,11 @@ module UserCalloutsHelper
!multiple_members?(group)
end
def show_security_newsletter_user_callout?
current_user&.admin? &&
!user_dismissed?(SECURITY_NEWSLETTER_CALLOUT)
end
private
def user_dismissed?(feature_name, ignore_dismissal_earlier_than = nil)
......
......@@ -36,7 +36,8 @@ class UserCallout < ApplicationRecord
trial_status_reminder_d3: 35, # EE-only
security_configuration_devops_alert: 36, # EE-only
profile_personal_access_token_expiry: 37, # EE-only
terraform_notification_dismissed: 38
terraform_notification_dismissed: 38,
security_newsletter_callout: 39
}
validates :feature_name,
......
- return unless show_security_newsletter_user_callout?
= render 'shared/global_alert',
title: s_('AdminArea|Get security updates from GitLab and stay up to date'),
variant: :tip,
alert_class: 'js-security-newsletter-callout',
is_contained: true,
alert_data: { feature_id: UserCalloutsHelper::SECURITY_NEWSLETTER_CALLOUT, dismiss_endpoint: user_callouts_path, defer_links: 'true' },
close_button_data: { testid: 'close-security-newsletter-callout' } do
.gl-alert-body
= s_('AdminArea|Sign up for the GitLab Security Newsletter to get notified for security updates.')
.gl-alert-actions
= link_to 'https://about.gitlab.com/company/preference-center/', target: '_blank', rel: 'noreferrer noopener', class: 'deferred-link gl-alert-action btn-confirm btn-md gl-button' do
= s_('AdminArea|Sign up for the GitLab newsletter')
......@@ -4,6 +4,7 @@
- billable_users_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer nofollow">'.html_safe % { url: billable_users_url }
= render_if_exists 'shared/qrtly_reconciliation_alert'
= render 'admin/dashboard/security_newsletter_callout'
- if @notices
- @notices.each do |notice|
......
......@@ -16493,6 +16493,7 @@ Name of the feature that the callout is for.
| <a id="usercalloutfeaturenameenumregistration_enabled_callout"></a>`REGISTRATION_ENABLED_CALLOUT` | Callout feature name for registration_enabled_callout. |
| <a id="usercalloutfeaturenameenumsecurity_configuration_devops_alert"></a>`SECURITY_CONFIGURATION_DEVOPS_ALERT` | Callout feature name for security_configuration_devops_alert. |
| <a id="usercalloutfeaturenameenumsecurity_configuration_upgrade_banner"></a>`SECURITY_CONFIGURATION_UPGRADE_BANNER` | Callout feature name for security_configuration_upgrade_banner. |
| <a id="usercalloutfeaturenameenumsecurity_newsletter_callout"></a>`SECURITY_NEWSLETTER_CALLOUT` | Callout feature name for security_newsletter_callout. |
| <a id="usercalloutfeaturenameenumsuggest_pipeline"></a>`SUGGEST_PIPELINE` | Callout feature name for suggest_pipeline. |
| <a id="usercalloutfeaturenameenumsuggest_popover_dismissed"></a>`SUGGEST_POPOVER_DISMISSED` | Callout feature name for suggest_popover_dismissed. |
| <a id="usercalloutfeaturenameenumtabs_position_highlight"></a>`TABS_POSITION_HIGHLIGHT` | Callout feature name for tabs_position_highlight. |
......
......@@ -2285,6 +2285,9 @@ msgstr ""
msgid "AdminArea|Features"
msgstr ""
msgid "AdminArea|Get security updates from GitLab and stay up to date"
msgstr ""
msgid "AdminArea|Groups"
msgstr ""
......@@ -2324,6 +2327,12 @@ msgstr ""
msgid "AdminArea|Reporter"
msgstr ""
msgid "AdminArea|Sign up for the GitLab Security Newsletter to get notified for security updates."
msgstr ""
msgid "AdminArea|Sign up for the GitLab newsletter"
msgstr ""
msgid "AdminArea|Stop all jobs"
msgstr ""
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Security newsletter callout', :js do
let_it_be(:admin) { create(:admin) }
let_it_be(:non_admin) { create(:user) }
shared_examples 'hidden callout' do
it 'does not display callout' do
expect(page).not_to have_content 'Sign up for the GitLab Security Newsletter to get notified for security updates.'
end
end
context 'when an admin is logged in' do
before do
sign_in(admin)
gitlab_enable_admin_mode_sign_in(admin)
visit admin_root_path
end
it 'displays callout' do
expect(page).to have_content 'Sign up for the GitLab Security Newsletter to get notified for security updates.'
expect(page).to have_link 'Sign up for the GitLab newsletter', href: 'https://about.gitlab.com/company/preference-center/'
end
context 'when link is clicked' do
before do
find_link('Sign up for the GitLab newsletter').click
visit admin_root_path
end
it_behaves_like 'hidden callout'
end
context 'when callout is dismissed' do
before do
find('[data-testid="close-security-newsletter-callout"]').click
visit admin_root_path
end
it_behaves_like 'hidden callout'
end
end
context 'when a non-admin is logged in' do
before do
sign_in(non_admin)
visit admin_root_path
end
it_behaves_like 'hidden callout'
end
end
......@@ -293,4 +293,37 @@ RSpec.describe UserCalloutsHelper do
it { is_expected.to eq(false) }
end
end
describe '.show_security_newsletter_user_callout?' do
let_it_be(:admin) { create(:user, :admin) }
subject { helper.show_security_newsletter_user_callout? }
context 'when `current_user` is not an admin' do
before do
allow(helper).to receive(:current_user).and_return(user)
allow(helper).to receive(:user_dismissed?).with(described_class::SECURITY_NEWSLETTER_CALLOUT) { false }
end
it { is_expected.to be false }
end
context 'when user has dismissed callout' do
before do
allow(helper).to receive(:current_user).and_return(admin)
allow(helper).to receive(:user_dismissed?).with(described_class::SECURITY_NEWSLETTER_CALLOUT) { true }
end
it { is_expected.to be false }
end
context 'when `current_user` is an admin and user has not dismissed callout' do
before do
allow(helper).to receive(:current_user).and_return(admin)
allow(helper).to receive(:user_dismissed?).with(described_class::SECURITY_NEWSLETTER_CALLOUT) { false }
end
it { is_expected.to be true }
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment