Commit 06debdcf authored by Miguel Rincon's avatar Miguel Rincon

Merge branch '247935-update-dast-profiles-routes-create-routes' into 'master'

Create new DAST profiles routes

Closes #247935

See merge request gitlab-org/gitlab!42600
parents 5ee505e4 b7c2645a
import initDastProfiles from 'ee/dast_profiles/dast_profiles_bundle';
document.addEventListener('DOMContentLoaded', initDastProfiles);
import initDastScannerProfileForm from 'ee/dast_scanner_profiles/dast_scanner_profiles_bundle';
document.addEventListener('DOMContentLoaded', initDastScannerProfileForm);
import initDastScannerProfileForm from 'ee/dast_scanner_profiles/dast_scanner_profiles_bundle';
document.addEventListener('DOMContentLoaded', initDastScannerProfileForm);
import initDastSiteProfileForm from 'ee/dast_site_profiles_form';
document.addEventListener('DOMContentLoaded', initDastSiteProfileForm);
import initDastSiteProfileForm from 'ee/dast_site_profiles_form';
document.addEventListener('DOMContentLoaded', initDastSiteProfileForm);
...@@ -7,7 +7,7 @@ module Projects ...@@ -7,7 +7,7 @@ module Projects
push_frontend_feature_flag(:security_on_demand_scans_scanner_profiles, project, default_enabled: true) push_frontend_feature_flag(:security_on_demand_scans_scanner_profiles, project, default_enabled: true)
end end
def index def show
end end
end end
end end
# frozen_string_literal: true
module Projects
module Security
class DastProfilesController < Projects::ApplicationController
before_action :authorize_read_on_demand_scans!
before_action do
push_frontend_feature_flag(:security_on_demand_scans_scanner_profiles, project, default_enabled: true)
end
def show
end
end
end
end
# frozen_string_literal: true
module Projects
module Security
class DastScannerProfilesController < Projects::ApplicationController
before_action :authorize_read_on_demand_scans!
def new
end
def edit
@scanner_profile = @project
.dast_scanner_profiles
.find(params[:id])
end
end
end
end
# frozen_string_literal: true
module Projects
module Security
class DastSiteProfilesController < Projects::ApplicationController
before_action do
authorize_read_on_demand_scans!
push_frontend_feature_flag(:security_on_demand_scans_site_validation, @project)
end
def new
end
def edit
@site_profile = DastSiteProfilesFinder.new(project_id: @project.id, id: params[:id]).execute.first! # rubocop: disable CodeReuse/ActiveRecord
end
end
end
end
- add_to_breadcrumbs _('Security Configuration'), project_security_configuration_path(@project)
- breadcrumb_title s_('DastProfiles|Manage profiles')
- page_title s_('DastProfiles|Manage profiles')
.js-dast-profiles{ data: { new_dast_site_profile_path: new_project_security_configuration_dast_profiles_dast_site_profile_path(@project),
new_dast_scanner_profile_path: new_project_security_configuration_dast_profiles_dast_scanner_profile_path(@project),
project_full_path: @project.path_with_namespace } }
- add_to_breadcrumbs _('Security Configuration'), project_security_configuration_path(@project)
- add_to_breadcrumbs s_('DastProfiles|Manage profiles'), project_security_configuration_dast_profiles_path(@project, anchor: 'scanner-profiles')
- breadcrumb_title s_('DastProfiles|Edit scanner profile')
- page_title s_('DastProfiles|Edit scanner profile')
.js-dast-scanner-profile-form{ data: { project_full_path: @project.path_with_namespace,
profiles_library_path: project_security_configuration_dast_profiles_path(@project, anchor: 'scanner-profiles'),
scanner_profile: { id: @scanner_profile.to_global_id.to_s, name: @scanner_profile.name, spider_timeout: @scanner_profile.spider_timeout, target_timeout: @scanner_profile.target_timeout }.to_json } }
- add_to_breadcrumbs _('Security Configuration'), project_security_configuration_path(@project)
- add_to_breadcrumbs s_('DastProfiles|Manage profiles'), project_security_configuration_dast_profiles_path(@project, anchor: 'scanner-profiles')
- breadcrumb_title s_('DastProfiles|New scanner profile')
- page_title s_('DastProfiles|New scanner profile')
.js-dast-scanner-profile-form{ data: { project_full_path: @project.path_with_namespace,
profiles_library_path: project_security_configuration_dast_profiles_path(@project, anchor: 'scanner-profiles') } }
- add_to_breadcrumbs _('Security Configuration'), project_security_configuration_path(@project)
- add_to_breadcrumbs s_('DastProfiles|Manage profiles'), project_security_configuration_dast_profiles_path(@project, anchor: 'site-profiles')
- breadcrumb_title s_('DastProfiles|Edit site profile')
- page_title s_('DastProfiles|Edit site profile')
.js-dast-site-profile-form{ data: { full_path: @project.path_with_namespace,
profiles_library_path: project_security_configuration_dast_profiles_path(@project, anchor: 'site-profiles'),
site_profile: { id: @site_profile.to_global_id.to_s, name: @site_profile.name, target_url: @site_profile.dast_site.url }.to_json } }
- add_to_breadcrumbs _('Security Configuration'), project_security_configuration_path(@project)
- add_to_breadcrumbs s_('DastProfiles|Manage profiles'), project_security_configuration_dast_profiles_path(@project, anchor: 'site-profiles')
- breadcrumb_title s_('DastProfiles|New site profile')
- page_title s_('DastProfiles|New site profile')
.js-dast-site-profile-form{ data: { full_path: @project.path_with_namespace,
profiles_library_path: project_security_configuration_dast_profiles_path(@project, anchor: 'site-profiles') } }
...@@ -59,6 +59,10 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do ...@@ -59,6 +59,10 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resource :configuration, only: [:show], controller: :configuration do resource :configuration, only: [:show], controller: :configuration do
post :auto_fix, on: :collection post :auto_fix, on: :collection
resource :sast, only: [:show, :create], controller: :sast_configuration resource :sast, only: [:show, :create], controller: :sast_configuration
resource :dast_profiles, only: [:show], controller: :dast_profiles do
resources :dast_site_profiles, only: [:new, :edit]
resources :dast_scanner_profiles, only: [:new, :edit]
end
end end
resource :discover, only: [:show], controller: :discover resource :discover, only: [:show], controller: :discover
...@@ -93,7 +97,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do ...@@ -93,7 +97,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
scope :on_demand_scans do scope :on_demand_scans do
root 'on_demand_scans#index', as: 'on_demand_scans' root 'on_demand_scans#index', as: 'on_demand_scans'
scope :profiles do scope :profiles do
root 'dast_profiles#index', as: 'profiles' root 'dast_profiles#show', as: 'profiles'
resources :dast_site_profiles, only: [:new, :edit] resources :dast_site_profiles, only: [:new, :edit]
resources :dast_scanner_profiles, only: [:new, :edit] resources :dast_scanner_profiles, only: [:new, :edit]
end end
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Projects::Security::DastProfilesController, type: :request do
let(:project) { create(:project) }
let(:user) { create(:user) }
describe 'GET #index' do
context 'feature available' do
before do
stub_feature_flags(security_on_demand_scans_feature_flag: true)
stub_licensed_features(security_on_demand_scans: true)
end
context 'user authorized' do
before do
project.add_developer(user)
login_as(user)
end
it 'can access page' do
get project_security_configuration_dast_profiles_path(project)
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'user not authorized' do
before do
project.add_guest(user)
login_as(user)
end
it 'sees a 404 error' do
get project_security_configuration_dast_profiles_path(project)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'feature not available' do
before do
project.add_developer(user)
login_as(user)
end
context 'feature flag is disabled' do
it 'sees a 404 error' do
stub_feature_flags(security_on_demand_scans_feature_flag: false)
stub_licensed_features(security_on_demand_scans: true)
get project_security_configuration_dast_profiles_path(project)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'license doesnt\'t support the feature' do
it 'sees a 404 error' do
stub_feature_flags(security_on_demand_scans_feature_flag: true)
stub_licensed_features(security_on_demand_scans: false)
get project_security_configuration_dast_profiles_path(project)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Projects::Security::DastScannerProfilesController, type: :request do
let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user) }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
shared_context 'on-demand scans feature available' do
before do
stub_feature_flags(security_on_demand_scans_feature_flag: true)
stub_licensed_features(security_on_demand_scans: true)
end
end
shared_context 'user authorized' do
before(:all) do
project.add_developer(user)
end
before do
login_as(user)
end
end
shared_examples 'a GET request' do
context 'feature available' do
include_context 'on-demand scans feature available'
context 'user authorized' do
include_context 'user authorized'
it 'can access page' do
get path
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'user not authorized' do
before do
project.add_guest(user)
login_as(user)
end
it 'sees a 404 error' do
get path
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'feature not available' do
using RSpec::Parameterized::TableSyntax
include_context 'user authorized'
where(:feature_flag_enabled, :license_support) do
false | true
true | false
end
with_them do
it 'sees a 404 error' do
stub_feature_flags(security_on_demand_scans_feature_flag: feature_flag_enabled)
stub_licensed_features(security_on_demand_scans: license_support)
get path
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
end
describe 'GET #new' do
it_behaves_like 'a GET request' do
let(:path) { new_project_security_configuration_dast_profiles_dast_scanner_profile_path(project) }
end
end
describe 'GET #edit' do
include_context 'user authorized'
include_context 'on-demand scans feature available'
let(:edit_path) { edit_project_security_configuration_dast_profiles_dast_scanner_profile_path(project, dast_scanner_profile) }
it_behaves_like 'a GET request' do
let(:path) { edit_path }
end
it 'sets scanner_profile' do
get edit_path
expect(assigns(:scanner_profile)).to eq(dast_scanner_profile)
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
let(:project) { create(:project) }
let(:user) { create(:user) }
let(:dast_site_profile) { create(:dast_site_profile, project: project) }
def with_feature_available
stub_feature_flags(security_on_demand_scans_feature_flag: true)
stub_licensed_features(security_on_demand_scans: true)
end
def with_user_authorized
project.add_developer(user)
login_as(user)
end
shared_examples 'a GET request' do
context 'feature available' do
before do
with_feature_available
end
context 'user authorized' do
before do
with_user_authorized
end
it 'can access page' do
get path
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'user not authorized' do
before do
project.add_guest(user)
login_as(user)
end
it 'sees a 404 error' do
get path
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'feature not available' do
before do
with_user_authorized
end
context 'feature flag is disabled' do
it 'sees a 404 error' do
stub_feature_flags(security_on_demand_scans_feature_flag: false)
stub_licensed_features(security_on_demand_scans: true)
get path
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'license doesnt\'t support the feature' do
it 'sees a 404 error' do
stub_feature_flags(security_on_demand_scans_feature_flag: true)
stub_licensed_features(security_on_demand_scans: false)
get path
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
end
describe 'GET #new' do
it_behaves_like 'a GET request' do
let(:path) { new_project_security_configuration_dast_profiles_dast_site_profile_path(project) }
end
end
describe 'GET #edit' do
let(:edit_path) { edit_project_security_configuration_dast_profiles_dast_site_profile_path(project, dast_site_profile) }
it_behaves_like 'a GET request' do
let(:path) { edit_path }
end
end
end
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe "projects/dast_profiles/index", type: :view do RSpec.describe "projects/dast_profiles/show", type: :view do
before do before do
@project = create(:project) @project = create(:project)
render render
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "projects/security/dast_profiles/show", type: :view do
before do
@project = create(:project)
render
end
it 'renders Vue app root' do
expect(rendered).to have_selector('.js-dast-profiles')
end
it 'passes new dast site profile path' do
expect(rendered).to include '/security/configuration/dast_profiles/dast_site_profiles/new'
end
it 'passes new dast scanner profile path' do
expect(rendered).to include '/security/configuration/dast_profiles/dast_scanner_profiles/new'
end
it 'passes project\'s full path' do
expect(rendered).to include @project.path_with_namespace
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "projects/security/dast_scanner_profiles/edit", type: :view do
let_it_be(:scanner_profile) { create(:dast_scanner_profile) }
let_it_be(:scanner_profile_gid) { ::URI::GID.parse("gid://gitlab/DastScannerProfile/#{scanner_profile.id}") }
before do
assign(:project, scanner_profile.project)
assign(:scanner_profile, scanner_profile)
assign(:scanner_profile_gid, scanner_profile_gid)
render
end
it 'renders Vue app root' do
expect(rendered).to have_selector('.js-dast-scanner-profile-form')
end
it 'passes project\'s full path' do
expect(rendered).to include scanner_profile.project.path_with_namespace
end
it 'passes DAST profiles library URL' do
expect(rendered).to include '/security/configuration/dast_profiles'
end
it 'passes DAST scanner profile\'s data' do
expect(rendered).to include scanner_profile_gid.to_s
expect(rendered).to include scanner_profile.name
expect(rendered).to include scanner_profile.spider_timeout.to_s
expect(rendered).to include scanner_profile.target_timeout.to_s
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "projects/security/dast_scanner_profiles/new", type: :view do
before do
@project = create(:project)
render
end
it 'renders Vue app root' do
expect(rendered).to have_selector('.js-dast-scanner-profile-form')
end
it 'passes project\'s full path' do
expect(rendered).to include @project.path_with_namespace
end
it 'passes DAST profiles library URL' do
expect(rendered).to include '/security/configuration/dast_profiles#scanner-profiles'
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "projects/security/dast_site_profiles/edit", type: :view do
let_it_be(:site_profile) { create(:dast_site_profile) }
let_it_be(:site_profile_gid) { ::URI::GID.parse("gid://gitlab/DastSiteProfile/#{site_profile.id}") }
before do
assign(:project, site_profile.project)
assign(:site_profile, site_profile)
assign(:site_profile_gid, site_profile_gid)
render
end
it 'renders Vue app root' do
expect(rendered).to have_selector('.js-dast-site-profile-form')
end
it 'passes project\'s full path' do
expect(rendered).to include site_profile.project.path_with_namespace
end
it 'passes DAST profiles library URL' do
expect(rendered).to include '/security/configuration/dast_profiles#site-profiles'
end
it 'passes DAST site profile\'s data' do
expect(rendered).to include site_profile_gid.to_s
expect(rendered).to include site_profile.name
expect(rendered).to include site_profile.dast_site.url
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "projects/security/dast_site_profiles/new", type: :view do
before do
@project = create(:project)
render
end
it 'renders Vue app root' do
expect(rendered).to have_selector('.js-dast-site-profile-form')
end
it 'passes project\'s full path' do
expect(rendered).to include @project.path_with_namespace
end
it 'passes DAST profiles library URL' do
expect(rendered).to include '/security/configuration/dast_profiles#site-profiles'
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment