Merge branch '10242-vuln-findings-api-with-fcv-feature-flag' into 'master'

Remove obsolete vulnerability_findings_api feature flag See merge request gitlab-org/gitlab!19935

Merge branch '10242-vuln-findings-api-with-fcv-feature-flag' into 'master'
Remove obsolete vulnerability_findings_api feature flag See merge request gitlab-org/gitlab!19935
1b47c8a6 · Dmitriy Zaporozhets · d3da41b3 · 43e07b91 · 1b47c8a6 · 1b47c8a6
Commit 1b47c8a6 authored Nov 14, 2019 by Dmitriy Zaporozhets
8 changed files
--- a/ee/app/controllers/groups/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
@@ -10,7 +10,19 @@ class Groups::Security::VulnerabilitiesController < Groups::ApplicationControlle

  private

+  # See the table below to understand the relation between first_class_vulnerabilities feature state and
+  # Group Security Dashboard controller being used:
+  #
+  # | first_class_vulnerabilities | controller to use                     |
+  # |---------------------------- | ------------------------------------- |
+  # | enabled                     | groups/security/vulnerability_findings |
+  # | disabled                    | groups/security/vulnerabilities        |
+  #
+  # The reason is that when first_class_vulnerabilities is enabled, Vulnerabilities name is reserved for
+  # Standalone Vulnerabilities https://gitlab.com/gitlab-org/gitlab/issues/13561, and the entity that
+  # was previously returned by Vulnerabilities-named endpoints get the name of Vulnerability Findings.
+  # See also: https://gitlab.com/gitlab-org/gitlab/merge_requests/19029
  def vulnerabilities_action_enabled?
-    Feature.disabled?(:vulnerability_findings_api)
+    Feature.disabled?(:first_class_vulnerabilities)
  end
 end
--- a/ee/app/controllers/groups/security/vulnerability_findings_controller.rb
+++ b/ee/app/controllers/groups/security/vulnerability_findings_controller.rb
@@ -10,7 +10,19 @@ class Groups::Security::VulnerabilityFindingsController < Groups::ApplicationCon

  private

+  # See the table below to understand the relation between first_class_vulnerabilities feature state and
+  # Group Security Dashboard controller being used:
+  #
+  # | first_class_vulnerabilities | controller to use                     |
+  # |---------------------------- | ------------------------------------- |
+  # | enabled                     | groups/security/vulnerability_findings |
+  # | disabled                    | groups/security/vulnerabilities        |
+  #
+  # The reason is that when first_class_vulnerabilities is enabled, Vulnerabilities name is reserved for
+  # Standalone Vulnerabilities https://gitlab.com/gitlab-org/gitlab/issues/13561, and the entity that
+  # was previously returned by Vulnerabilities-named endpoints get the name of Vulnerability Findings.
+  # See also: https://gitlab.com/gitlab-org/gitlab/merge_requests/19029
  def vulnerabilities_action_enabled?
-    Feature.enabled?(:vulnerability_findings_api)
+    Feature.enabled?(:first_class_vulnerabilities)
  end
 end
--- a/ee/app/controllers/projects/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/projects/security/vulnerabilities_controller.rb
@@ -9,6 +9,18 @@ class Projects::Security::VulnerabilitiesController < Projects::ApplicationContr

  private

+  # See the table below to understand the relation between first_class_vulnerabilities feature state and
+  # Group Security Dashboard controller being used:
+  #
+  # | first_class_vulnerabilities | controller to use                        |
+  # |---------------------------- | ---------------------------------------- |
+  # | enabled                     | projects/security/vulnerability_findings |
+  # | disabled                    | projects/security/vulnerabilities        |
+  #
+  # The reason is that when first_class_vulnerabilities is enabled, Vulnerabilities name is reserved for
+  # Standalone Vulnerabilities https://gitlab.com/gitlab-org/gitlab/issues/13561, and the entity that
+  # was previously returned by Vulnerabilities-named endpoints get the name of Vulnerability Findings.
+  # See also: https://gitlab.com/gitlab-org/gitlab/merge_requests/19029
  def vulnerabilities_action_enabled?
    Feature.disabled?(:first_class_vulnerabilities)
  end

--- a/ee/app/controllers/projects/security/vulnerability_findings_controller.rb
+++ b/ee/app/controllers/projects/security/vulnerability_findings_controller.rb
@@ -9,6 +9,18 @@ class Projects::Security::VulnerabilityFindingsController < Projects::Applicatio

  private

+  # See the table below to understand the relation between first_class_vulnerabilities feature state and
+  # Group Security Dashboard controller being used:
+  #
+  # | first_class_vulnerabilities | controller to use                        |
+  # |---------------------------- | ---------------------------------------- |
+  # | enabled                     | projects/security/vulnerability_findings |
+  # | disabled                    | projects/security/vulnerabilities        |
+  #
+  # The reason is that when first_class_vulnerabilities is enabled, Vulnerabilities name is reserved for
+  # Standalone Vulnerabilities https://gitlab.com/gitlab-org/gitlab/issues/13561, and the entity that
+  # was previously returned by Vulnerabilities-named endpoints get the name of Vulnerability Findings.
+  # See also: https://gitlab.com/gitlab-org/gitlab/merge_requests/19029
  def vulnerabilities_action_enabled?
    Feature.enabled?(:first_class_vulnerabilities)
  end

--- a/ee/app/helpers/ee/groups_helper.rb
+++ b/ee/app/helpers/ee/groups_helper.rb
@@ -62,7 +62,7 @@ module EE

    def group_vulnerabilities_endpoint_path(group)
      params = group_path_params(group)
-      if ::Feature.enabled?(:vulnerability_findings_api)
+      if ::Feature.enabled?(:first_class_vulnerabilities)
        group_security_vulnerability_findings_path(params)
      else
        group_security_vulnerabilities_path(params)
@@ -71,7 +71,7 @@ module EE

    def group_vulnerabilities_summary_endpoint_path(group)
      params = group_path_params(group)
-      if ::Feature.enabled?(:vulnerability_findings_api)
+      if ::Feature.enabled?(:first_class_vulnerabilities)
        summary_group_security_vulnerability_findings_path(params)
      else
        summary_group_security_vulnerabilities_path(params)
@@ -80,7 +80,7 @@ module EE

    def group_vulnerabilities_history_endpoint_path(group)
      params = group_path_params(group)
-      if ::Feature.enabled?(:vulnerability_findings_api)
+      if ::Feature.enabled?(:first_class_vulnerabilities)
        history_group_security_vulnerability_findings_path(params)
      else
        history_group_security_vulnerabilities_path(params)

--- a/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
+++ b/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
@@ -24,7 +24,7 @@ describe Groups::Security::VulnerabilitiesController do

  context 'when new Vulnerability Findings API is disabled' do
    before do
-      stub_feature_flags(vulnerability_findings_api: false)
+      stub_feature_flags(first_class_vulnerabilities: false)
    end

    # when new Vulnerability Findings API is disabled, we fall back to this controller

--- a/ee/spec/controllers/groups/security/vulnerability_findings_controller_spec.rb
+++ b/ee/spec/controllers/groups/security/vulnerability_findings_controller_spec.rb
@@ -23,7 +23,7 @@ describe Groups::Security::VulnerabilityFindingsController do

  context 'when new Vulnerability Findings API is disabled' do
    before do
-      stub_feature_flags(vulnerability_findings_api: false)
+      stub_feature_flags(first_class_vulnerabilities: false)
    end

    # when new Vulnerability Findings API is disabled, this controller is disabled as well

--- a/ee/spec/helpers/ee/groups_helper_spec.rb
+++ b/ee/spec/helpers/ee/groups_helper_spec.rb
@@ -61,7 +61,7 @@ describe GroupsHelper do

  context 'when new Vulnerability Findings API disabled' do
    before do
-      stub_feature_flags(vulnerability_findings_api: false)
+      stub_feature_flags(first_class_vulnerabilities: false)
    end

    it 'returns legacy "vulnerabilities" endpoint paths' do