Fix feature flag check for security policy project

This change fixes a bug due to checking feature flag for the newly created security policy project rather than the target project. EE: true Changelog: fixed

Fix feature flag check for security policy project
This change fixes a bug due to checking feature flag for the newly created security policy project rather than the target project. EE: true Changelog: fixed
4b5da3c2 · Sashi Kumar Kumaresan · Alex Kalderimis · ea72d0ff · 4b5da3c2 · 4b5da3c2
Commit 4b5da3c2 authored Aug 09, 2021 by Sashi Kumar Kumaresan Committed by Alex Kalderimis Aug 09, 2021
Showing with 17 additions and 7 deletions

ee/app/services/ee/projects/create_service.rb ee/app/services/ee/projects/create_service.rb +5 -5

ee/spec/services/projects/create_service_spec.rb ee/spec/services/projects/create_service_spec.rb +12 -2

No files found.
--- a/ee/app/services/ee/projects/create_service.rb
+++ b/ee/app/services/ee/projects/create_service.rb
@@ -55,18 +55,18 @@ module EE
      override :after_create_actions
      def after_create_actions
        super do
-          create_security_policy_configuration if security_policy_target_project?
+          create_security_policy_configuration_if_exists
        end

        create_predefined_push_rule
      end

-      def security_policy_target_project?
-        security_policy_target_project_id && ::Feature.enabled?(:security_orchestration_policies_configuration, project)
-      end
+      def create_security_policy_configuration_if_exists
+        return unless security_policy_target_project_id.present?

-      def create_security_policy_configuration
        if (security_policy_target_project = ::Project.find(security_policy_target_project_id))
+          return unless ::Feature.enabled?(:security_orchestration_policies_configuration, security_policy_target_project)
+
          ::Security::Orchestration::AssignService
            .new(security_policy_target_project, current_user, policy_project_id: project.id)
            .execute

--- a/ee/spec/services/projects/create_service_spec.rb
+++ b/ee/spec/services/projects/create_service_spec.rb
@@ -367,7 +367,7 @@ RSpec.describe Projects::CreateService, '#execute' do
      stub_feature_flags(security_orchestration_policies_configuration: feature_enabled)
    end

-    context 'when feature flag is enabled' do
+    context 'when feature flag is enabled globally' do
      let_it_be(:feature_enabled) { true }

      it 'creates security policy configuration for the project' do
@@ -377,7 +377,7 @@ RSpec.describe Projects::CreateService, '#execute' do
      end
    end

-    context 'when feature flag is disabled' do
+    context 'when feature flag is disabled globally' do
      let_it_be(:feature_enabled) { false }

      it 'does not create security policy configuration' do
@@ -386,6 +386,16 @@ RSpec.describe Projects::CreateService, '#execute' do
        create_project(user, opts)
      end
    end
+
+    context 'when feature flag is enabled only for target project' do
+      let_it_be(:feature_enabled) { security_policy_target_project }
+
+      it 'creates security policy configuration' do
+        expect(::Security::Orchestration::AssignService).to receive_message_chain(:new, :execute)
+
+        create_project(user, opts)
+      end
+    end
  end

  def create_project(user, opts)