Commit cd81e4ba authored by mo khan's avatar mo khan

Combine dependencies controllers

This commit merges the projects/dependencies controller with the
projects/security/dependencies controller.
parent 8c3ea04a
# frozen_string_literal: true
module Projects
class DependenciesController < Projects::ApplicationController
before_action :authorize_read_dependency_list!
def authorize_read_dependency_list!
render_404 unless can?(current_user, :read_dependencies, project)
end
end
end
......@@ -7,6 +7,9 @@ module Projects
def index
respond_to do |format|
format.html do
render status: :ok
end
format.json do
::Gitlab::UsageCounters::DependencyList.increment(project.id)
......@@ -33,7 +36,16 @@ module Projects
end
def authorize_read_dependency_list!
render_403 unless can?(current_user, :read_dependencies, project)
return if can?(current_user, :read_dependencies, project)
respond_to do |format|
format.html do
render_404
end
format.json do
render_403
end
end
end
def dependencies
......
# frozen_string_literal: true
require 'spec_helper'
describe Projects::DependenciesController do
set(:project) { create(:project, :repository, :public, :repository_private) }
set(:user) { create(:user) }
subject { get :show, params: { namespace_id: project.namespace, project_id: project } }
describe 'GET show' do
context 'with authorized user' do
before do
project.add_reporter(user)
sign_in(user)
end
context 'when feature is available' do
render_views
before do
stub_licensed_features(dependency_scanning: true)
end
it 'renders the show template' do
subject
expect(response).to have_gitlab_http_status(200)
expect(response).to render_template(:show)
end
it 'renders the side navigation with the correct submenu set as active' do
subject
expect(response.body).to have_active_sub_navigation('Dependency List')
end
end
context 'when feature is not available' do
it 'returns 404' do
subject
expect(response).to have_gitlab_http_status(404)
end
end
end
context 'with unauthorized user' do
before do
sign_in(user)
end
context 'when feature is available' do
before do
stub_licensed_features(dependency_scanning: true)
end
it 'returns 404' do
subject
expect(response).to have_gitlab_http_status(404)
end
end
end
context 'with anonymous user and private project' do
let(:project) { create(:project, :repository, :private) }
it 'returns 302' do
subject
expect(response).to have_gitlab_http_status(302)
expect(response).to redirect_to(new_user_session_path)
end
end
end
end
......@@ -3,7 +3,7 @@
require 'spec_helper'
describe Projects::Security::DependenciesController do
describe 'GET index.json' do
describe 'GET #index' do
let_it_be(:developer) { create(:user) }
let_it_be(:guest) { create(:user) }
let(:params) { { namespace_id: project.namespace, project_id: project } }
......@@ -25,6 +25,21 @@ describe Projects::Security::DependenciesController do
stub_licensed_features(dependency_scanning: true, license_management: true, security_dashboard: true)
end
context 'when requesting HTML' do
render_views
let(:user) { developer }
before do
get :index, params: params, format: :html
end
it { expect(response).to have_http_status(:ok) }
it 'renders the side navigation with the correct submenu set as active' do
expect(response.body).to have_active_sub_navigation('Dependency List')
end
end
context 'when usage ping is collected' do
let(:user) { developer }
......@@ -213,13 +228,17 @@ describe Projects::Security::DependenciesController do
context 'when licensed feature is unavailable' do
let(:user) { developer }
before do
it 'returns 403 for a JSON request' do
get :index, params: params, format: :json
end
it 'returns 403' do
expect(response).to have_gitlab_http_status(403)
end
it 'returns a 404 for an HTML request' do
get :index, params: params, format: :html
expect(response).to have_gitlab_http_status(404)
end
end
end
......@@ -230,13 +249,19 @@ describe Projects::Security::DependenciesController do
before do
stub_licensed_features(dependency_scanning: true)
project.add_guest(user)
end
it 'returns 403 for a JSON request' do
get :index, params: params, format: :json
end
it 'returns 403' do
expect(response).to have_gitlab_http_status(403)
end
it 'returns a 404 for an HTML request' do
get :index, params: params, format: :html
expect(response).to have_gitlab_http_status(404)
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment