Only grant access to Admin Audit Log when feature available

Only when the license allows Admin Audit Log, show the Audit Log button on the Admin page and make it possible to visit that page (return 404 otherwise).

Only grant access to Admin Audit Log when feature available
Only when the license allows Admin Audit Log, show the Audit Log button on the Admin page and make it possible to visit that page (return 404 otherwise).
4b6ac32f · Toon Claes · Toon Claes · e40addab · 4b6ac32f · 4b6ac32f
Commit 4b6ac32f authored Jul 03, 2017 by Toon Claes Committed by Toon Claes Jul 13, 2017
4 changed files
--- a/app/controllers/admin/audit_logs_controller.rb
+++ b/app/controllers/admin/audit_logs_controller.rb
 class Admin::AuditLogsController < Admin::ApplicationController
+  before_action :check_license_admin_audit_log_available!
+
  def index
    @events = LogFinder.new(audit_logs_params).execute
    @entity = case audit_logs_params[:event_type]
@@ -16,4 +18,8 @@ class Admin::AuditLogsController < Admin::ApplicationController
  def audit_logs_params
    params.permit(:page, :event_type, :user_id, :project_id, :group_id)
  end
+
+  def check_license_admin_audit_log_available!
+    render_404 unless License.feature_available?(:admin_audit_log)
+  end
 end
--- a/app/views/admin/monitoring/_head.html.haml
+++ b/app/views/admin/monitoring/_head.html.haml
@@ -27,7 +27,4 @@
          = link_to admin_requests_profiles_path, title: 'Requests Profiles' do
            %span
              Requests Profiles
-        = nav_link path: 'audit_logs#index' do
-          = link_to admin_audit_logs_path, title: 'Audit Log' do
-            %span
-              Audit Log
+        = render 'admin/monitoring/ee/nav'
--- a/app/views/admin/monitoring/ee/_nav.html.haml
+++ b/app/views/admin/monitoring/ee/_nav.html.haml
+- if License.feature_available?(:admin_audit_log)
+  = nav_link path: 'audit_logs#index' do
+    = link_to admin_audit_logs_path, title: 'Audit Log' do
+      %span
+        Audit Log
--- a/spec/features/admin/admin_audit_logs_spec.rb
+++ b/spec/features/admin/admin_audit_logs_spec.rb
@@ -9,6 +9,29 @@ describe 'Admin::AuditLogs', feature: true, js: true do
    sign_in(create(:admin))
  end

+  context 'unlicensed' do
+    before do
+      stub_licensed_features(admin_audit_log: false)
+    end
+
+    it 'returns 404' do
+      visit admin_audit_logs_path
+
+      expect(page.status_code).to eq(404)
+    end
+  end
+
+  context 'licensed' do
+    before do
+      stub_licensed_features(admin_audit_log: true)
+    end
+
+    it 'has Audit Log button in head nav bar' do
+      visit admin_audit_logs_path
+
+      expect(page).to have_link('Audit Log', href: admin_audit_logs_path)
+    end
+
    describe 'user events' do
      before do
        AuditEventService.new(user, user, with: :ldap)
@@ -80,6 +103,7 @@ describe 'Admin::AuditLogs', feature: true, js: true do
        expect(page).to have_content('Removed user access')
      end
    end
+  end

  def filter_by_type(type)
    click_button 'Events'