Merge branch '297417_show_discover_security_menu_item' into 'master'

Render Discover link for `Security & Compliance` See merge request gitlab-org/gitlab!62019

Merge branch '297417_show_discover_security_menu_item' into 'master'
Render Discover link for `Security & Compliance` See merge request gitlab-org/gitlab!62019
ffed5fe4 · Michael Kozono · 78f78c1c · 74fb4d54 · ffed5fe4 · ffed5fe4
Commit ffed5fe4 authored May 22, 2021 by Michael Kozono
4 changed files
--- a/ee/lib/ee/sidebars/projects/menus/security_compliance_menu.rb
+++ b/ee/lib/ee/sidebars/projects/menus/security_compliance_menu.rb
@@ -11,6 +11,7 @@ module EE
          def configure_menu_items
            return false unless can?(context.current_user, :access_security_and_compliance, context.project)

+            add_item(discover_project_security_menu_item)
            add_item(security_dashboard_menu_item)
            add_item(vulnerability_report_menu_item)
            add_item(on_demand_scans_menu_item)
@@ -26,17 +27,12 @@ module EE

          override :link
          def link
-            return project_security_discover_path(context.project) unless has_items?
+            return discover_project_security_menu_item.link if discover_project_security_menu_item.render?
            return security_dashboard_menu_item.link if security_dashboard_menu_item.render?
            return audit_events_menu_item.link if audit_events_menu_item.render?
            return dependencies_menu_item.link if dependencies_menu_item.render?

-            renderable_items.first.link
-          end
-
-          override :render?
-          def render?
-            super || context.show_discover_project_security
+            renderable_items.first&.link
          end

          private
@@ -60,6 +56,21 @@ module EE
              (context.project.licensed_feature_available?(:security_dashboard) && can?(context.current_user, :read_project_security_dashboard, context.project))
          end

+          def discover_project_security_menu_item
+            strong_memoize(:discover_project_security_menu_item) do
+              unless context.show_discover_project_security
+                next ::Sidebars::NilMenuItem.new(item_id: :discover_project_security)
+              end
+
+              ::Sidebars::MenuItem.new(
+                title: _('Discover'),
+                link: project_security_discover_path(context.project),
+                active_routes: { path: 'projects/security/discover#show' },
+                item_id: :discover_project_security
+              )
+            end
+          end
+
          def security_dashboard_menu_item
            strong_memoize(:security_dashboard_menu_item) do
              unless can?(context.current_user, :read_project_security_dashboard, context.project)

--- a/ee/spec/lib/ee/sidebars/projects/menus/security_compliance_menu_spec.rb
+++ b/ee/spec/lib/ee/sidebars/projects/menus/security_compliance_menu_spec.rb
@@ -10,44 +10,44 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do
  let(:show_discover_project_security) { true }
  let(:context) { Sidebars::Projects::Context.new(current_user: user, container: project, show_promotions: show_promotions, show_discover_project_security: show_discover_project_security) }

-  subject { described_class.new(context) }
+  subject(:menu) { described_class.new(context) }

  describe 'render?' do
-    context 'when user can access security and compliance' do
-      it 'returns true' do
-        expect(subject.render?).to eq true
-      end
-    end
+    subject { menu.render? }

-    context 'when user cannot access security and compliance' do
+    context 'when user is not authenticated' do
      let(:user) { nil }

-      context 'when show discover project security is enabled' do
-        it 'returns true' do
-          expect(subject.render?).to eq true
+      it { is_expected.to be_falsey }
+    end
+
+    context 'when user is authenticated' do
+      context 'when the Security & Compliance is disabled' do
+        before do
+          allow(Ability).to receive(:allowed?).with(user, :access_security_and_compliance, project).and_return(false)
        end
-      end

-      context 'when show discover project security is disabled' do
-        let(:show_discover_project_security) { false }
+        it { is_expected.to be_falsey }
+      end

-        it 'returns false' do
-          expect(subject.render?).to eq false
-        end
+      context 'when the Security & Compliance is not disabled' do
+        it { is_expected.to be_truthy }
      end
    end
  end

  describe '#link' do
    let(:show_promotions) { false }
+    let(:show_discover_project_security) { false }

    using RSpec::Parameterized::TableSyntax

-    where(:security_dashboard_feature, :audit_events_feature, :dependency_scanning_feature, :expected_link) do
-      true  | true  | true  | "/-/security/dashboard"
-      false | true  | true  | "/-/audit_events"
-      false | false | true  | "/-/dependencies"
-      false | false | false | "/-/security/configuration"
+    where(:security_dashboard_feature, :audit_events_feature, :dependency_scanning_feature, :show_discover_project_security, :expected_link) do
+      true  | true  | true  | false | "/-/security/dashboard"
+      false | true  | true  | false | "/-/audit_events"
+      false | false | true  | false | "/-/dependencies"
+      false | false | true  | true  | "/-/security/discover"
+      false | false | false | false | "/-/security/configuration"
    end

    with_them do
@@ -61,9 +61,9 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do
    context 'when no security menu item and show promotions' do
      let(:user) { nil }

-      it 'returns the link to the discover security path', :aggregate_failures do
+      it 'returns nil', :aggregate_failures do
        expect(subject.renderable_items).to be_empty
-        expect(subject.link).to eq("/#{project.full_path}/-/security/discover")
+        expect(subject.link).to be_nil
      end
    end
  end
@@ -94,6 +94,20 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do
      end
    end

+    describe 'Discover Security & Compliance' do
+      let(:item_id) { :discover_project_security }
+
+      context 'when show_discover_project_security is true' do
+        it { is_expected.not_to be_nil }
+      end
+
+      context 'when show_discover_project_security is not true' do
+        let(:show_discover_project_security) { false }
+
+        it { is_expected.to be_nil }
+      end
+    end
+
    describe 'Security Dashboard' do
      let(:item_id) { :dashboard }


--- a/ee/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb
+++ b/ee/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb
@@ -181,7 +181,7 @@ RSpec.describe 'layouts/nav/sidebar/_project' do
  end

  describe 'Security and Compliance' do
-    describe 'when user does not have permissions' do
+    context 'when user does not have permissions' do
      before do
        allow(view).to receive(:current_user).and_return(nil)
      end
@@ -191,16 +191,6 @@ RSpec.describe 'layouts/nav/sidebar/_project' do

        expect(rendered).not_to have_link('Security & Compliance', href: project_security_dashboard_index_path(project))
      end
-
-      context 'when user can see discover project security' do
-        it 'top level navigation link is visible and pointing to that page' do
-          allow(view).to receive(:show_discover_project_security?).and_return(true)
-
-          render
-
-          expect(rendered).to have_link('Security & Compliance', href: project_security_discover_path(project))
-        end
-      end
    end

    context 'when user has permissions' do

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -11579,6 +11579,9 @@ msgstr ""
 msgid "DiscordService|Send notifications about project events to a Discord channel."
 msgstr ""

+msgid "Discover"
+msgstr ""
+
 msgid "Discover GitLab Geo"
 msgstr ""