Commit e619143a authored by Fabien Catteau's avatar Fabien Catteau

Add Security dashboard to project quick links

Closes #6786
parent 8cb9f02e
# frozen_string_literal: true # frozen_string_literal: true
class ProjectPresenter < Gitlab::View::Presenter::Delegated class ProjectPresenter < Gitlab::View::Presenter::Delegated
prepend EE::ProjectPresenter
include ActionView::Helpers::NumberHelper include ActionView::Helpers::NumberHelper
include ActionView::Helpers::UrlHelper include ActionView::Helpers::UrlHelper
include GitlabRoutingHelper include GitlabRoutingHelper
......
...@@ -49,6 +49,9 @@ module EE ...@@ -49,6 +49,9 @@ module EE
@subject.feature_available?(:pod_logs, @user) @subject.feature_available?(:pod_logs, @user)
end end
with_scope :subject
condition(:security_reports_feature_available) { @subject.security_reports_feature_available? }
condition(:prometheus_alerts_enabled) do condition(:prometheus_alerts_enabled) do
@subject.feature_available?(:prometheus_alerts, @user) @subject.feature_available?(:prometheus_alerts, @user)
end end
...@@ -85,9 +88,10 @@ module EE ...@@ -85,9 +88,10 @@ module EE
rule { can?(:developer_access) }.policy do rule { can?(:developer_access) }.policy do
enable :admin_board enable :admin_board
enable :admin_vulnerability_feedback enable :admin_vulnerability_feedback
enable :read_project_security_dashboard
end end
rule { can?(:developer_access) & security_reports_feature_available }.enable :read_project_security_dashboard
rule { can?(:read_project) }.enable :read_vulnerability_feedback rule { can?(:read_project) }.enable :read_vulnerability_feedback
rule { repository_mirrors_enabled & ((mirror_available & can?(:admin_project)) | admin) }.enable :admin_mirror rule { repository_mirrors_enabled & ((mirror_available & can?(:admin_project)) | admin) }.enable :admin_mirror
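Review bot: The standalone rule `rule { can?(:developer_access) & security_reports_feature_available }.enable :read_project_security_dashboard` is now the only place the feature check is applied, because the nav view in this commit drops its own `security_reports_feature_available?` guard and relies on the ability alone. The policy file continues beyond these hunks, so confirm that no other rule also enables `:read_project_security_dashboard`; such a rule would not be combined with the condition. A short comment above the rule would record the intent, for example `# Feature availability is enforced here so callers only need can?(:read_project_security_dashboard)`.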
......
# frozen_string_literal: true
module EE
module ProjectPresenter
extend ::Gitlab::Utils::Override
override :statistics_anchors
def statistics_anchors(show_auto_devops_callout:)
super + extra_statistics_anchors
end
def extra_statistics_anchors
anchors = []
if can?(current_user, :read_project_security_dashboard, project) &&
project.latest_pipeline_with_security_reports
anchors << security_dashboard_data
end
anchors
end
private
def security_dashboard_data
OpenStruct.new(enabled: true,
label: _('Security Dashboard'),
link: project_security_dashboard_path(project))
end
end
end
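Review bot: `extra_statistics_anchors` is undocumented and stays public although, in this file, only `statistics_anchors` calls it; the spec invokes it directly, which may be why, but that should be stated. I would add above it `# EE-only quick links; each entry is shown only when the user holds the ability that protects the linked page.` The `can?(current_user, :read_project_security_dashboard, project)` check only hides the link, so the dashboard route has to enforce the same ability itself, which is not visible in this commit. For permitted users `project.latest_pipeline_with_security_reports` is evaluated whenever the anchors are built, so it is worth confirming that lookup is cheap enough for the project page.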
- return unless @project.security_reports_feature_available? && can?(current_user, :read_project_security_dashboard, @project) - return unless can?(current_user, :read_project_security_dashboard, @project)
= nav_link(path: 'projects/security/dashboard#show') do = nav_link(path: 'projects/security/dashboard#show') do
= link_to project_security_dashboard_path(@project), title: _('Security Dashboard'), class: 'shortcuts-project-security-dashboard' do = link_to project_security_dashboard_path(@project), title: _('Security Dashboard'), class: 'shortcuts-project-security-dashboard' do
......
---
title: Add Security Dashboard to project quick links
merge_request: 6652
author:
type: added
...@@ -305,6 +305,10 @@ describe ProjectPolicy do ...@@ -305,6 +305,10 @@ describe ProjectPolicy do
end end
describe 'read_project_security_dashboard' do describe 'read_project_security_dashboard' do
before do
allow(project).to receive(:security_reports_feature_available?).and_return(true)
end
subject { described_class.new(current_user, project) } subject { described_class.new(current_user, project) }
context 'with admin' do context 'with admin' do
...@@ -329,6 +333,14 @@ describe ProjectPolicy do ...@@ -329,6 +333,14 @@ describe ProjectPolicy do
let(:current_user) { developer } let(:current_user) { developer }
it { is_expected.to be_allowed(:read_project_security_dashboard) } it { is_expected.to be_allowed(:read_project_security_dashboard) }
context 'when security reports features are not available' do
before do
allow(project).to receive(:security_reports_feature_available?).and_return(false)
end
it { is_expected.to be_disallowed(:read_project_security_dashboard) }
end
end end
context 'with reporter' do context 'with reporter' do
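Review bot: The feature-unavailable case is asserted only inside the developer context (`let(:current_user) { developer }`), while the new top-level `before` stubs `security_reports_feature_available?` to `true` for every other role in this `describe`. A role that obtained the ability through a different rule would never be tested with the feature off. This is inferred, since the `'with admin'` context and the other roles lie partly outside these hunks. Consider repeating `it { is_expected.to be_disallowed(:read_project_security_dashboard) }` under the `false` stub for the admin context, or moving the pair into a shared example applied to each permitted role.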
......
# frozen_string_literal: true
require 'spec_helper'
describe ProjectPresenter do
let(:user) { create(:user) }
describe '#extra_statistics_anchors' do
let(:project) { create(:project) }
let(:pipeline) { create(:ci_pipeline, project: project) }
let(:presenter) { described_class.new(project, current_user: user) }
let(:security_dashboard_data) do
OpenStruct.new(enabled: true,
label: _('Security Dashboard'),
link: presenter.project_security_dashboard_path(project))
end
before do
allow(Ability).to receive(:allowed?).with(user, :read_project_security_dashboard, project).and_return(true)
allow(project).to receive(:latest_pipeline_with_security_reports).and_return(pipeline)
end
it 'contains security dasbhoard link' do
expect(presenter.extra_statistics_anchors).to include(security_dashboard_data)
end
context 'user not signed in' do
let(:user) { nil }
before do
allow(Ability).to receive(:allowed?).with(nil, :read_project_security_dashboard, project).and_return(false)
end
it 'has no security dasbhoard link' do
expect(presenter.extra_statistics_anchors).not_to include(security_dashboard_data)
end
end
context 'user is not allowed to read security dashboard' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project_security_dashboard, project).and_return(false)
end
it 'has no security dasbhoard link' do
expect(presenter.extra_statistics_anchors).not_to include(security_dashboard_data)
end
end
context 'no pipeline having security reports' do
before do
allow(project).to receive(:latest_pipeline_with_security_reports).and_return(nil)
end
it 'has no security dasbhoard link' do
expect(presenter.extra_statistics_anchors).not_to include(security_dashboard_data)
end
end
end
end
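Review bot: Only `#extra_statistics_anchors` is exercised here; the `statistics_anchors` override that actually places the link on the project page (`super + extra_statistics_anchors`) has no example, so a break in the `prepend EE::ProjectPresenter` wiring would still pass this spec. An example such as `expect(presenter.statistics_anchors(show_auto_devops_callout: false)).to include(security_dashboard_data)` would cover it. The four example descriptions also misspell "dashboard" as `dasbhoard`.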