Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
72ff2e93
Commit
72ff2e93
authored
Feb 03, 2020
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Move security routes under - scope
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
1bb1ce57
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
29 additions
and
24 deletions
+29
-24
changelogs/unreleased/dz-scope-security-routes.yml
changelogs/unreleased/dz-scope-security-routes.yml
+5
-0
config/routes/project.rb
config/routes/project.rb
+2
-1
ee/config/routes/project.rb
ee/config/routes/project.rb
+13
-18
ee/spec/presenters/merge_request_presenter_spec.rb
ee/spec/presenters/merge_request_presenter_spec.rb
+1
-1
ee/spec/routing/project_routing_spec.rb
ee/spec/routing/project_routing_spec.rb
+7
-3
ee/spec/serializers/merge_request_widget_entity_spec.rb
ee/spec/serializers/merge_request_widget_entity_spec.rb
+1
-1
No files found.
changelogs/unreleased/dz-scope-security-routes.yml
0 → 100644
View file @
72ff2e93
---
title
:
Move security routes under - scope
merge_request
:
24287
author
:
type
:
changed
config/routes/project.rb
View file @
72ff2e93
...
...
@@ -468,7 +468,8 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
:forks
,
:group_links
,
:import
,
:avatar
,
:mirror
,
:cycle_analytics
,
:mattermost
,
:variables
,
:triggers
,
:environments
,
:protected_environments
,
:error_tracking
,
:serverless
,
:clusters
,
:audit_events
,
:wikis
,
:merge_requests
)
:serverless
,
:clusters
,
:audit_events
,
:wikis
,
:merge_requests
,
:vulnerability_feedback
,
:security
,
:dependencies
)
end
# rubocop: disable Cop/PutProjectRoutesUnderScope
...
...
ee/config/routes/project.rb
View file @
72ff2e93
...
...
@@ -56,8 +56,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resources
:subscriptions
,
only:
[
:create
,
:destroy
]
resources
:licenses
,
only:
[
:index
,
:create
,
:update
]
resource
:threat_monitoring
,
only:
[
:show
],
controller: :threat_monitoring
resources
:logs
,
only:
[
:index
]
do
...
...
@@ -79,6 +77,16 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resources
:waf_anomalies
,
only:
[]
do
get
:summary
,
on: :collection
end
resources
:dashboard
,
only:
[
:show
,
:index
],
controller: :dashboard
resource
:configuration
,
only:
[
:show
],
controller: :configuration
resource
:discover
,
only:
[
:show
],
controller: :discover
resources
:vulnerability_findings
,
only:
[
:index
]
do
collection
do
get
:summary
end
end
end
namespace
:analytics
do
...
...
@@ -88,6 +96,9 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resources
:approvers
,
only: :destroy
resources
:approver_groups
,
only: :destroy
resources
:push_rules
,
constraints:
{
id:
/\d+/
},
only:
[
:update
]
resources
:vulnerability_feedback
,
only:
[
:index
,
:create
,
:update
,
:destroy
],
constraints:
{
id:
/\d+/
}
resources
:dependencies
,
only:
[
:index
]
resources
:licenses
,
only:
[
:index
,
:create
,
:update
]
end
# End of the /-/ scope.
...
...
@@ -146,22 +157,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
post
:query
end
end
namespace
:security
do
resources
:dashboard
,
only:
[
:show
,
:index
],
controller: :dashboard
resource
:configuration
,
only:
[
:show
],
controller: :configuration
resource
:discover
,
only:
[
:show
],
controller: :discover
resources
:vulnerability_findings
,
only:
[
:index
]
do
collection
do
get
:summary
end
end
end
resources
:vulnerability_feedback
,
only:
[
:index
,
:create
,
:update
,
:destroy
],
constraints:
{
id:
/\d+/
}
resources
:dependencies
,
only:
[
:index
]
# All new routes should go under /-/ scope.
# Look for scope '-' at the top of the file.
# rubocop: enable Cop/PutProjectRoutesUnderScope
...
...
ee/spec/presenters/merge_request_presenter_spec.rb
View file @
72ff2e93
...
...
@@ -105,7 +105,7 @@ describe MergeRequestPresenter do
with_them
do
subject
{
described_class
.
new
(
merge_request
,
current_user:
user
).
public_send
(
create_feedback_path
,
merge_request
.
project
)
}
it
{
is_expected
.
to
eq
(
"/
#{
merge_request
.
project
.
full_path
}
/vulnerability_feedback"
)
}
it
{
is_expected
.
to
eq
(
"/
#{
merge_request
.
project
.
full_path
}
/
-/
vulnerability_feedback"
)
}
context
'when not allowed to create vulnerability feedback'
do
let
(
:unauthorized_user
)
{
create
(
:user
)
}
...
...
ee/spec/routing/project_routing_spec.rb
View file @
72ff2e93
...
...
@@ -12,15 +12,19 @@ describe 'EE-specific project routing' do
# project_vulnerability_feedback DELETE /:project_id/vulnerability_feedback/:id(.:format) projects/vulnerability_feedback#destroy
describe
Projects
::
VulnerabilityFeedbackController
,
'routing'
,
type: :routing
do
it
"to #index"
do
expect
(
get
(
"/gitlab/gitlabhq/vulnerability_feedback"
)).
to
route_to
(
'projects/vulnerability_feedback#index'
,
namespace_id:
'gitlab'
,
project_id:
'gitlabhq'
)
expect
(
get
(
"/gitlab/gitlabhq/
-/
vulnerability_feedback"
)).
to
route_to
(
'projects/vulnerability_feedback#index'
,
namespace_id:
'gitlab'
,
project_id:
'gitlabhq'
)
end
it
"to #create"
do
expect
(
post
(
"/gitlab/gitlabhq/vulnerability_feedback"
)).
to
route_to
(
'projects/vulnerability_feedback#create'
,
namespace_id:
'gitlab'
,
project_id:
'gitlabhq'
)
expect
(
post
(
"/gitlab/gitlabhq/
-/
vulnerability_feedback"
)).
to
route_to
(
'projects/vulnerability_feedback#create'
,
namespace_id:
'gitlab'
,
project_id:
'gitlabhq'
)
end
it
"to #destroy"
do
expect
(
delete
(
"/gitlab/gitlabhq/vulnerability_feedback/1"
)).
to
route_to
(
'projects/vulnerability_feedback#destroy'
,
namespace_id:
'gitlab'
,
project_id:
'gitlabhq'
,
id:
'1'
)
expect
(
delete
(
"/gitlab/gitlabhq/-/vulnerability_feedback/1"
)).
to
route_to
(
'projects/vulnerability_feedback#destroy'
,
namespace_id:
'gitlab'
,
project_id:
'gitlabhq'
,
id:
'1'
)
end
describe
'legacy routing'
do
it_behaves_like
'redirecting a legacy project path'
,
"/gitlab/gitlabhq/vulnerability_feedback"
,
"/gitlab/gitlabhq/-/vulnerability_feedback"
end
end
...
...
ee/spec/serializers/merge_request_widget_entity_spec.rb
View file @
72ff2e93
...
...
@@ -208,7 +208,7 @@ describe MergeRequestWidgetEntity do
it
'has vulnerability feedback paths'
do
expect
(
subject
.
as_json
[
:vulnerability_feedback_path
]).
to
eq
(
"/
#{
merge_request
.
project
.
full_path
}
/vulnerability_feedback"
"/
#{
merge_request
.
project
.
full_path
}
/
-/
vulnerability_feedback"
)
expect
(
subject
.
as_json
).
to
include
(
:create_vulnerability_feedback_issue_path
)
expect
(
subject
.
as_json
).
to
include
(
:create_vulnerability_feedback_merge_request_path
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment