Commit 1abcc9de authored by Mark Florian's avatar Mark Florian Committed by Shinya Maeda

Add placeholder SAST Configration page

Part of [New SAST Config UI Page - Basic SAST Wide Settings][1].

Behind feature flag `sast_configuration_ui` (disabled by default).

[1]: https://gitlab.com/gitlab-org/gitlab/-/issues/220577
parent 501b56ec
# frozen_string_literal: true
module Projects
module Security
class SastConfigurationController < Projects::ApplicationController
include SecurityDashboardsPermissions
alias_method :vulnerable, :project
before_action :ensure_sast_configuration_enabled!
def show
end
private
def ensure_sast_configuration_enabled!
not_found unless ::Feature.enabled?(:sast_configuration_ui, project)
end
end
end
end
......@@ -145,6 +145,7 @@ module EE
def sidebar_security_paths
%w[
projects/security/configuration#show
projects/security/sast_configuration#show
projects/security/vulnerabilities#show
projects/security/dashboard#index
projects/on_demand_scans#index
......
......@@ -42,7 +42,7 @@
%span= _('Threat Monitoring')
- if project_nav_tab?(:security_configuration)
= nav_link(path: 'projects/security/configuration#show') do
= nav_link(path: ['projects/security/configuration#show', 'projects/security/sast_configuration#show']) do
= link_to project_security_configuration_path(@project), title: _('Configuration'), data: { qa_selector: 'security_configuration_link'} do
%span= _('Configuration')
......
- add_to_breadcrumbs _("Security Configuration"), project_security_configuration_path(@project)
- breadcrumb_title _("SAST Configuration")
- page_title _("SAST Configuration")
.js-sast-configuration
......@@ -67,6 +67,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resource :configuration, only: [:show], controller: :configuration do
post :auto_fix, on: :collection
resource :sast, only: [:show], controller: :sast_configuration
end
resource :discover, only: [:show], controller: :discover
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Projects::Security::SastConfigurationController do
let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, namespace: group) }
let_it_be(:developer) { create(:user) }
let_it_be(:guest) { create(:user) }
before_all do
group.add_developer(developer)
group.add_guest(guest)
end
describe 'GET #show' do
subject(:request) { get :show, params: { namespace_id: project.namespace, project_id: project } }
render_views
it_behaves_like SecurityDashboardsPermissions do
let(:vulnerable) { project }
let(:security_dashboard_action) { request }
end
context 'with authorized user' do
before do
stub_licensed_features(security_dashboard: true)
sign_in(developer)
end
it 'renders the show template' do
request
expect(response).to have_gitlab_http_status(:ok)
expect(response).to render_template(:show)
end
it 'renders the side navigation with the correct submenu set as active' do
request
expect(response.body).to have_active_sub_navigation('Configuration')
end
context 'with feature flag disabled' do
before do
stub_feature_flags(sast_configuration_ui: false)
end
it 'returns a 404 for an HTML request' do
request
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'with unauthorized user' do
before do
stub_licensed_features(security_dashboard: true)
sign_in(guest)
end
it 'returns a 403' do
request
expect(response).to have_gitlab_http_status(:forbidden)
end
end
end
end
......@@ -142,6 +142,7 @@ RSpec.describe ProjectsHelper do
let(:expected_security_paths) do
%w[
projects/security/configuration#show
projects/security/sast_configuration#show
projects/security/vulnerabilities#show
projects/security/dashboard#index
projects/on_demand_scans#index
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "projects/security/sast_configuration/show", type: :view do
before do
@project = create(:project)
render
end
it 'renders Vue app root' do
expect(rendered).to have_selector('.js-sast-configuration')
end
end
......@@ -19859,6 +19859,9 @@ msgstr ""
msgid "SAML for %{group_name}"
msgstr ""
msgid "SAST Configuration"
msgstr ""
msgid "SHA256"
msgstr ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment