Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
766aaaf3
Commit
766aaaf3
authored
Jan 22, 2021
by
Fernando Arias
Committed by
Mark Florian
Jan 22, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
First pass at bootstraping corpus management
Addresses
https://gitlab.com/gitlab-org/gitlab/-/issues/294425
.
parent
e35cc79a
Changes
12
Show whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
256 additions
and
0 deletions
+256
-0
ee/app/assets/javascripts/security_configuration/corpus_management/components/corpus_management.vue
...ration/corpus_management/components/corpus_management.vue
+14
-0
ee/app/assets/javascripts/security_configuration/corpus_management/corpus_management_bundle.js
...nfiguration/corpus_management/corpus_management_bundle.js
+27
-0
ee/app/controllers/projects/security/corpus_management_controller.rb
...rollers/projects/security/corpus_management_controller.rb
+17
-0
ee/app/policies/ee/project_policy.rb
ee/app/policies/ee/project_policy.rb
+9
-0
ee/app/views/projects/security/corpus_management/show.html.haml
.../views/projects/security/corpus_management/show.html.haml
+5
-0
ee/config/feature_flags/development/corpus_management.yml
ee/config/feature_flags/development/corpus_management.yml
+8
-0
ee/config/routes/project.rb
ee/config/routes/project.rb
+1
-0
ee/spec/frontend/security_configuration/corpus_management/corpus_management_spec.js
...configuration/corpus_management/corpus_management_spec.js
+31
-0
ee/spec/policies/project_policy_spec.rb
ee/spec/policies/project_policy_spec.rb
+62
-0
ee/spec/requests/projects/security/corpus_management_controller_spec.rb
...ts/projects/security/corpus_management_controller_spec.rb
+61
-0
ee/spec/views/projects/security/corpus_management/show.html.haml_spec.rb
...rojects/security/corpus_management/show.html.haml_spec.rb
+18
-0
locale/gitlab.pot
locale/gitlab.pot
+3
-0
No files found.
ee/app/assets/javascripts/security_configuration/corpus_management/components/corpus_management.vue
0 → 100644
View file @
766aaaf3
<
script
>
export
default
{
props
:
{
projectFullPath
:
{
type
:
String
,
required
:
true
,
},
},
};
</
script
>
<
template
>
<span></span>
</
template
>
ee/app/assets/javascripts/security_configuration/corpus_management/corpus_management_bundle.js
0 → 100644
View file @
766aaaf3
import
Vue
from
'
vue
'
;
import
CorpusManagement
from
'
./components/corpus_management.vue
'
;
export
default
()
=>
{
const
el
=
document
.
querySelector
(
'
.js-corpus-management
'
);
if
(
!
el
)
{
return
undefined
;
}
const
{
dataset
:
{
projectFullPath
},
}
=
el
;
const
props
=
{
projectFullPath
,
};
return
new
Vue
({
el
,
render
(
h
)
{
return
h
(
CorpusManagement
,
{
props
,
});
},
});
};
ee/app/controllers/projects/security/corpus_management_controller.rb
0 → 100644
View file @
766aaaf3
# frozen_string_literal: true
module
Projects
module
Security
class
CorpusManagementController
<
Projects
::
ApplicationController
before_action
do
render_404
unless
Feature
.
enabled?
(
:corpus_management
,
@project
,
default_enabled: :yaml
)
authorize_read_coverage_fuzzing!
end
feature_category
:fuzz_testing
def
show
end
end
end
end
ee/app/policies/ee/project_policy.rb
View file @
766aaaf3
...
@@ -116,6 +116,11 @@ module EE
...
@@ -116,6 +116,11 @@ module EE
@subject
.
feature_available?
(
:security_dashboard
)
@subject
.
feature_available?
(
:security_dashboard
)
end
end
with_scope
:subject
condition
(
:coverage_fuzzing_enabled
)
do
@subject
.
feature_available?
(
:coverage_fuzzing
)
end
with_scope
:subject
with_scope
:subject
condition
(
:on_demand_scans_enabled
)
do
condition
(
:on_demand_scans_enabled
)
do
@subject
.
feature_available?
(
:security_on_demand_scans
)
@subject
.
feature_available?
(
:security_on_demand_scans
)
...
@@ -214,6 +219,10 @@ module EE
...
@@ -214,6 +219,10 @@ module EE
enable
:read_vulnerability_scanner
enable
:read_vulnerability_scanner
end
end
rule
{
coverage_fuzzing_enabled
&
can?
(
:developer_access
)
}.
policy
do
enable
:read_coverage_fuzzing
end
rule
{
on_demand_scans_enabled
&
can?
(
:developer_access
)
}.
policy
do
rule
{
on_demand_scans_enabled
&
can?
(
:developer_access
)
}.
policy
do
enable
:read_on_demand_scans
enable
:read_on_demand_scans
enable
:create_on_demand_dast_scan
enable
:create_on_demand_dast_scan
...
...
ee/app/views/projects/security/corpus_management/show.html.haml
0 → 100644
View file @
766aaaf3
-
add_to_breadcrumbs
_
(
'Security Configuration'
),
project_security_configuration_path
(
@project
)
-
breadcrumb_title
s_
(
'CorpusManagement|Fuzz testing corpus management'
)
-
page_title
s_
(
'CorpusManagement|Fuzz testing corpus management'
)
.js-corpus-management
{
data:
{
project_full_path:
@project
.
full_path
}
}
ee/config/feature_flags/development/corpus_management.yml
0 → 100644
View file @
766aaaf3
---
name
:
corpus_management
introduced_by_url
:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51589
rollout_issue_url
:
milestone
:
'
13.9'
type
:
development
group
:
group::fuzz testing
default_enabled
:
false
ee/config/routes/project.rb
View file @
766aaaf3
...
@@ -65,6 +65,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
...
@@ -65,6 +65,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
resource
:configuration
,
only:
[
:show
],
controller: :configuration
do
resource
:configuration
,
only:
[
:show
],
controller: :configuration
do
post
:auto_fix
,
on: :collection
post
:auto_fix
,
on: :collection
resource
:corpus_management
,
only:
[
:show
],
controller: :corpus_management
resource
:sast
,
only:
[
:show
,
:create
],
controller: :sast_configuration
resource
:sast
,
only:
[
:show
,
:create
],
controller: :sast_configuration
resource
:dast_profiles
,
only:
[
:show
]
do
resource
:dast_profiles
,
only:
[
:show
]
do
resources
:dast_site_profiles
,
only:
[
:new
,
:edit
]
resources
:dast_site_profiles
,
only:
[
:new
,
:edit
]
...
...
ee/spec/frontend/security_configuration/corpus_management/corpus_management_spec.js
0 → 100644
View file @
766aaaf3
import
{
shallowMount
}
from
'
@vue/test-utils
'
;
import
CorpusManagement
from
'
ee/security_configuration/corpus_management/components/corpus_management.vue
'
;
const
TEST_PROJECT_FULL_PATH
=
'
/namespace/project
'
;
describe
(
'
EE - CorpusManagement
'
,
()
=>
{
let
wrapper
;
const
createComponentFactory
=
(
mountFn
=
shallowMount
)
=>
(
options
=
{})
=>
{
const
defaultProps
=
{
projectFullPath
:
TEST_PROJECT_FULL_PATH
,
};
wrapper
=
mountFn
(
CorpusManagement
,
{
propsData
:
defaultProps
,
...
options
,
});
};
const
createComponent
=
createComponentFactory
();
afterEach
(()
=>
{
wrapper
.
destroy
();
});
describe
(
'
corpus management
'
,
()
=>
{
it
(
'
bootstraps and renders the component
'
,
()
=>
{
createComponent
();
expect
(
wrapper
.
find
(
CorpusManagement
).
exists
()).
toBe
(
true
);
});
});
});
ee/spec/policies/project_policy_spec.rb
View file @
766aaaf3
...
@@ -673,6 +673,68 @@ RSpec.describe ProjectPolicy do
...
@@ -673,6 +673,68 @@ RSpec.describe ProjectPolicy do
end
end
end
end
describe
'read_corpus_management'
do
context
'when corpus_management feature is available'
do
before
do
stub_licensed_features
(
coverage_fuzzing:
true
)
end
context
'with developer or higher role'
do
where
(
role:
%w[owner maintainer developer]
)
with_them
do
let
(
:current_user
)
{
public_send
(
role
)
}
it
{
is_expected
.
to
be_allowed
(
:read_coverage_fuzzing
)
}
end
end
context
'with admin'
do
let
(
:current_user
)
{
admin
}
context
'when admin mode enabled'
,
:enable_admin_mode
do
it
{
is_expected
.
to
be_allowed
(
:read_coverage_fuzzing
)
}
end
context
'when admin mode disabled'
do
it
{
is_expected
.
to
be_disallowed
(
:read_coverage_fuzzing
)
}
end
end
context
'with less than developer role'
do
where
(
role:
%w[reporter guest]
)
with_them
do
let
(
:current_user
)
{
public_send
(
role
)
}
it
{
is_expected
.
to
be_disallowed
(
:read_coverage_fuzzing
)
}
end
end
context
'with non member'
do
let
(
:current_user
)
{
non_member
}
it
{
is_expected
.
to
be_disallowed
(
:read_coverage_fuzzing
)
}
end
context
'with anonymous'
do
let
(
:current_user
)
{
anonymous
}
it
{
is_expected
.
to
be_disallowed
(
:read_coverage_fuzzing
)
}
end
end
context
'when coverage fuzzing feature is not available'
do
let
(
:current_user
)
{
admin
}
before
do
stub_licensed_features
(
coverage_fuzzing:
true
)
end
it
{
is_expected
.
to
be_disallowed
(
:read_coverage_fuzzing
)
}
end
end
describe
'remove_project when default_project_deletion_protection is set to true'
do
describe
'remove_project when default_project_deletion_protection is set to true'
do
before
do
before
do
allow
(
Gitlab
::
CurrentSettings
.
current_application_settings
)
allow
(
Gitlab
::
CurrentSettings
.
current_application_settings
)
...
...
ee/spec/requests/projects/security/corpus_management_controller_spec.rb
0 → 100644
View file @
766aaaf3
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
Projects
::
Security
::
CorpusManagementController
,
type: :request
do
let
(
:project
)
{
create
(
:project
)
}
let
(
:user
)
{
create
(
:user
)
}
describe
'GET #show'
do
context
'feature available'
do
before
do
stub_licensed_features
(
coverage_fuzzing:
true
)
end
context
'user authorized'
do
before
do
project
.
add_developer
(
user
)
login_as
(
user
)
end
it
'can access page'
do
get
project_security_configuration_corpus_management_path
(
project
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
end
end
context
'user not authorized'
do
before
do
project
.
add_guest
(
user
)
login_as
(
user
)
end
it
'sees a 404 error'
do
get
project_security_configuration_corpus_management_path
(
project
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
end
end
context
'feature not available'
do
before
do
project
.
add_developer
(
user
)
login_as
(
user
)
end
context
'license doesnt\'t support the feature'
do
it
'sees a 404 error'
do
stub_licensed_features
(
coverage_fuzzing:
false
)
get
project_security_configuration_corpus_management_path
(
project
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
end
end
end
end
ee/spec/views/projects/security/corpus_management/show.html.haml_spec.rb
0 → 100644
View file @
766aaaf3
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
"projects/security/corpus_management/show"
,
type: :view
do
before
do
@project
=
create
(
:project
)
render
end
it
'renders Vue app root'
do
expect
(
rendered
).
to
have_selector
(
'.js-corpus-management'
)
end
it
'passes project\'s full path'
do
expect
(
rendered
).
to
include
@project
.
full_path
end
end
locale/gitlab.pot
View file @
766aaaf3
...
@@ -7989,6 +7989,9 @@ msgstr ""
...
@@ -7989,6 +7989,9 @@ msgstr ""
msgid "Copy value"
msgid "Copy value"
msgstr ""
msgstr ""
msgid "CorpusManagement|Fuzz testing corpus management"
msgstr ""
msgid "Could not add admins as members"
msgid "Could not add admins as members"
msgstr ""
msgstr ""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment