Skip to content

G
gitlab-ce
Commit ffed5fe4 authored by Michael Kozono's avatar Michael Kozono
Browse files
Options

Merge branch '297417_show_discover_security_menu_item' into 'master' 

Render Discover link for `Security & Compliance`

See merge request gitlab-org/gitlab!62019
parents 78f78c1c 74fb4d54
Hide whitespace changes
Inline Side-by-side
Showing with 59 additions and 41 deletions
ee/lib/ee/sidebars/projects/menus/security_compliance_menu.rb
View file @ ffed5fe4
...@@ -11,6 +11,7 @@ module EE ...@@ -11,6 +11,7 @@ module EE
def configure_menu_items def configure_menu_items
return false unless can?(context.current_user, :access_security_and_compliance, context.project) return false unless can?(context.current_user, :access_security_and_compliance, context.project)
add_item(discover_project_security_menu_item)
add_item(security_dashboard_menu_item) add_item(security_dashboard_menu_item)
add_item(vulnerability_report_menu_item) add_item(vulnerability_report_menu_item)
add_item(on_demand_scans_menu_item) add_item(on_demand_scans_menu_item)
...@@ -26,17 +27,12 @@ module EE ...@@ -26,17 +27,12 @@ module EE
override :link override :link
def link def link
return project_security_discover_path(context.project) unless has_items? return discover_project_security_menu_item.link if discover_project_security_menu_item.render?
return security_dashboard_menu_item.link if security_dashboard_menu_item.render? return security_dashboard_menu_item.link if security_dashboard_menu_item.render?
return audit_events_menu_item.link if audit_events_menu_item.render? return audit_events_menu_item.link if audit_events_menu_item.render?
return dependencies_menu_item.link if dependencies_menu_item.render? return dependencies_menu_item.link if dependencies_menu_item.render?
renderable_items.first.link renderable_items.first&.link
end
override :render?
def render?
super || context.show_discover_project_security
end end
private private
...@@ -60,6 +56,21 @@ module EE ...@@ -60,6 +56,21 @@ module EE
(context.project.licensed_feature_available?(:security_dashboard) && can?(context.current_user, :read_project_security_dashboard, context.project)) (context.project.licensed_feature_available?(:security_dashboard) && can?(context.current_user, :read_project_security_dashboard, context.project))
end end
def discover_project_security_menu_item
strong_memoize(:discover_project_security_menu_item) do
unless context.show_discover_project_security
next ::Sidebars::NilMenuItem.new(item_id: :discover_project_security)
end
::Sidebars::MenuItem.new(
title: _('Discover'),
link: project_security_discover_path(context.project),
active_routes: { path: 'projects/security/discover#show' },
item_id: :discover_project_security
)
end
end
def security_dashboard_menu_item def security_dashboard_menu_item
strong_memoize(:security_dashboard_menu_item) do strong_memoize(:security_dashboard_menu_item) do
unless can?(context.current_user, :read_project_security_dashboard, context.project) unless can?(context.current_user, :read_project_security_dashboard, context.project)
......
ee/spec/lib/ee/sidebars/projects/menus/security_compliance_menu_spec.rb
View file @ ffed5fe4
...@@ -10,44 +10,44 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do ...@@ -10,44 +10,44 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do
let(:show_discover_project_security) { true } let(:show_discover_project_security) { true }
let(:context) { Sidebars::Projects::Context.new(current_user: user, container: project, show_promotions: show_promotions, show_discover_project_security: show_discover_project_security) } let(:context) { Sidebars::Projects::Context.new(current_user: user, container: project, show_promotions: show_promotions, show_discover_project_security: show_discover_project_security) }
subject { described_class.new(context) } subject(:menu) { described_class.new(context) }
describe 'render?' do describe 'render?' do
context 'when user can access security and compliance' do subject { menu.render? }
it 'returns true' do
expect(subject.render?).to eq true
end
end
context 'when user cannot access security and compliance' do context 'when user is not authenticated' do
let(:user) { nil } let(:user) { nil }
context 'when show discover project security is enabled' do it { is_expected.to be_falsey }
it 'returns true' do end
expect(subject.render?).to eq true
context 'when user is authenticated' do
context 'when the Security & Compliance is disabled' do
before do
allow(Ability).to receive(:allowed?).with(user, :access_security_and_compliance, project).and_return(false)
end end
end
context 'when show discover project security is disabled' do it { is_expected.to be_falsey }
let(:show_discover_project_security) { false } end
it 'returns false' do context 'when the Security & Compliance is not disabled' do
expect(subject.render?).to eq false it { is_expected.to be_truthy }
end
end end
end end
end end
describe '#link' do describe '#link' do
let(:show_promotions) { false } let(:show_promotions) { false }
let(:show_discover_project_security) { false }
using RSpec::Parameterized::TableSyntax using RSpec::Parameterized::TableSyntax
where(:security_dashboard_feature, :audit_events_feature, :dependency_scanning_feature, :expected_link) do where(:security_dashboard_feature, :audit_events_feature, :dependency_scanning_feature, :show_discover_project_security, :expected_link) do
true | true | true | "/-/security/dashboard" true | true | true | false | "/-/security/dashboard"
false | true | true | "/-/audit_events" false | true | true | false | "/-/audit_events"
false | false | true | "/-/dependencies" false | false | true | false | "/-/dependencies"
false | false | false | "/-/security/configuration" false | false | true | true | "/-/security/discover"
false | false | false | false | "/-/security/configuration"
end end
with_them do with_them do
...@@ -61,9 +61,9 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do ...@@ -61,9 +61,9 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do
context 'when no security menu item and show promotions' do context 'when no security menu item and show promotions' do
let(:user) { nil } let(:user) { nil }
it 'returns the link to the discover security path', :aggregate_failures do it 'returns nil', :aggregate_failures do
expect(subject.renderable_items).to be_empty expect(subject.renderable_items).to be_empty
expect(subject.link).to eq("/#{project.full_path}/-/security/discover") expect(subject.link).to be_nil
end end
end end
end end
...@@ -94,6 +94,20 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do ...@@ -94,6 +94,20 @@ RSpec.describe Sidebars::Projects::Menus::SecurityComplianceMenu do
end end
end end
describe 'Discover Security & Compliance' do
let(:item_id) { :discover_project_security }
context 'when show_discover_project_security is true' do
it { is_expected.not_to be_nil }
end
context 'when show_discover_project_security is not true' do
let(:show_discover_project_security) { false }
it { is_expected.to be_nil }
end
end
describe 'Security Dashboard' do describe 'Security Dashboard' do
let(:item_id) { :dashboard } let(:item_id) { :dashboard }
......
ee/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb
View file @ ffed5fe4
...@@ -181,7 +181,7 @@ RSpec.describe 'layouts/nav/sidebar/_project' do ...@@ -181,7 +181,7 @@ RSpec.describe 'layouts/nav/sidebar/_project' do
end end
describe 'Security and Compliance' do describe 'Security and Compliance' do
describe 'when user does not have permissions' do context 'when user does not have permissions' do
before do before do
allow(view).to receive(:current_user).and_return(nil) allow(view).to receive(:current_user).and_return(nil)
end end
...@@ -191,16 +191,6 @@ RSpec.describe 'layouts/nav/sidebar/_project' do ...@@ -191,16 +191,6 @@ RSpec.describe 'layouts/nav/sidebar/_project' do
expect(rendered).not_to have_link('Security & Compliance', href: project_security_dashboard_index_path(project)) expect(rendered).not_to have_link('Security & Compliance', href: project_security_dashboard_index_path(project))
end end
context 'when user can see discover project security' do
it 'top level navigation link is visible and pointing to that page' do
allow(view).to receive(:show_discover_project_security?).and_return(true)
render
expect(rendered).to have_link('Security & Compliance', href: project_security_discover_path(project))
end
end
end end
context 'when user has permissions' do context 'when user has permissions' do
......
locale/gitlab.pot
View file @ ffed5fe4
...@@ -11579,6 +11579,9 @@ msgstr "" ...@@ -11579,6 +11579,9 @@ msgstr ""
msgid "DiscordService|Send notifications about project events to a Discord channel." msgid "DiscordService|Send notifications about project events to a Discord channel."
msgstr "" msgstr ""
msgid "Discover"
msgstr ""
msgid "Discover GitLab Geo" msgid "Discover GitLab Geo"
msgstr "" msgstr ""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7