Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
8e5f23df
Commit
8e5f23df
authored
Oct 28, 2020
by
Philip Cunningham
Committed by
Mayra Cabrera
Oct 28, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Remove redundant DAST on-demand scan feature flag
Removes feature flag that was previously enabled by default.
parent
a05759d0
Changes
32
Show whitespace changes
Inline
Side-by-side
Showing
32 changed files
with
4 additions
and
320 deletions
+4
-320
doc/user/application_security/dast/index.md
doc/user/application_security/dast/index.md
+0
-33
ee/app/graphql/ee/types/project_type.rb
ee/app/graphql/ee/types/project_type.rb
+0
-2
ee/app/policies/ee/project_policy.rb
ee/app/policies/ee/project_policy.rb
+0
-1
ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml
...ags/development/security_on_demand_scans_feature_flag.yml
+0
-7
ee/spec/graphql/mutations/dast_on_demand_scans/create_spec.rb
...pec/graphql/mutations/dast_on_demand_scans/create_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_scanner_profiles/create_spec.rb
...ec/graphql/mutations/dast_scanner_profiles/create_spec.rb
+0
-10
ee/spec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
...ec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_scanner_profiles/update_spec.rb
...ec/graphql/mutations/dast_scanner_profiles/update_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb
ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_site_tokens/create_spec.rb
ee/spec/graphql/mutations/dast_site_tokens/create_spec.rb
+0
-8
ee/spec/graphql/mutations/dast_site_validations/create_spec.rb
...ec/graphql/mutations/dast_site_validations/create_spec.rb
+0
-8
ee/spec/graphql/mutations/pipelines/run_dast_scan_spec.rb
ee/spec/graphql/mutations/pipelines/run_dast_scan_spec.rb
+0
-4
ee/spec/policies/dast_site_profile_policy_spec.rb
ee/spec/policies/dast_site_profile_policy_spec.rb
+0
-8
ee/spec/policies/dast_site_validation_policy_spec.rb
ee/spec/policies/dast_site_validation_policy_spec.rb
+0
-8
ee/spec/requests/api/graphql/mutations/pipelines/run_dast_scan_spec.rb
...sts/api/graphql/mutations/pipelines/run_dast_scan_spec.rb
+0
-4
ee/spec/requests/api/graphql/project/dast_scanner_profiles_spec.rb
...equests/api/graphql/project/dast_scanner_profiles_spec.rb
+0
-12
ee/spec/requests/api/graphql/project/dast_site_profile_spec.rb
...ec/requests/api/graphql/project/dast_site_profile_spec.rb
+0
-8
ee/spec/requests/api/graphql/project/dast_site_profiles_spec.rb
...c/requests/api/graphql/project/dast_site_profiles_spec.rb
+0
-8
ee/spec/requests/projects/on_demand_scans_controller_spec.rb
ee/spec/requests/projects/on_demand_scans_controller_spec.rb
+0
-10
ee/spec/requests/projects/security/dast_profiles_controller_spec.rb
...quests/projects/security/dast_profiles_controller_spec.rb
+0
-12
ee/spec/requests/projects/security/dast_scanner_profiles_controller_spec.rb
...rojects/security/dast_scanner_profiles_controller_spec.rb
+4
-15
ee/spec/requests/projects/security/dast_site_profiles_controller_spec.rb
...s/projects/security/dast_site_profiles_controller_spec.rb
+0
-12
ee/spec/services/ci/run_dast_scan_service_spec.rb
ee/spec/services/ci/run_dast_scan_service_spec.rb
+0
-14
ee/spec/services/dast_scanner_profiles/create_service_spec.rb
...pec/services/dast_scanner_profiles/create_service_spec.rb
+0
-14
ee/spec/services/dast_scanner_profiles/destroy_service_spec.rb
...ec/services/dast_scanner_profiles/destroy_service_spec.rb
+0
-14
ee/spec/services/dast_scanner_profiles/update_service_spec.rb
...pec/services/dast_scanner_profiles/update_service_spec.rb
+0
-14
ee/spec/services/dast_site_profiles/create_service_spec.rb
ee/spec/services/dast_site_profiles/create_service_spec.rb
+0
-14
ee/spec/services/dast_site_profiles/update_service_spec.rb
ee/spec/services/dast_site_profiles/update_service_spec.rb
+0
-14
ee/spec/services/dast_sites/find_or_create_service_spec.rb
ee/spec/services/dast_sites/find_or_create_service_spec.rb
+0
-10
ee/spec/support/shared_examples/graphql/mutations/on_demand_scan_with_user_abilities_shared_examples.rb
...ons/on_demand_scan_with_user_abilities_shared_examples.rb
+0
-8
No files found.
doc/user/application_security/dast/index.md
View file @
8e5f23df
...
@@ -714,10 +714,6 @@ To delete a scanner profile:
...
@@ -714,10 +714,6 @@ To delete a scanner profile:
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.2.
> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.3.
> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.3.
> - It's deployed behind a feature flag, enabled by default.
> - It's enabled on GitLab.com.
> - It's able to be enabled or disabled per-project.
> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-on-demand-scans).
An on-demand DAST scan runs outside the DevOps life cycle. Changes in your repository don't trigger
An on-demand DAST scan runs outside the DevOps life cycle. Changes in your repository don't trigger
the scan. You must start it manually.
the scan. You must start it manually.
...
@@ -748,35 +744,6 @@ To run an on-demand DAST scan, you need:
...
@@ -748,35 +744,6 @@ To run an on-demand DAST scan, you need:
The on-demand DAST scan runs and the project's dashboard shows the results.
The on-demand DAST scan runs and the project's dashboard shows the results.
### Enable or disable On-demand Scans
The On-demand DAST Scans feature is enabled by default. You can disable on-demand scans
instance-wide, or disable it for specific projects if you prefer.
To run on-demand DAST scans, an administrator must enable the
`security_on_demand_scans_feature_flag`
feature flag.
[
GitLab administrators with access to the GitLab Rails console
](
../../../administration/feature_flags.md
)
can disable or enable the feature flags.
To disable On-demand DAST Scans:
```
ruby
# Instance-wide
Feature
.
disable
(
:security_on_demand_scans_feature_flag
)
# or by project
Feature
.
disable
(
:security_on_demand_scans_feature_flag
,
Project
.
find
(
<
project
id
>
))
```
To enable On-demand DAST Scans:
```
ruby
# Instance-wide
Feature
.
enable
(
:security_on_demand_scans_feature_flag
)
# or by project
Feature
.
enable
(
:security_on_demand_scans_feature_flag
,
Project
.
find
(
<
project
ID
>
))
```
## Reports
## Reports
The DAST tool outputs a report file in JSON format by default. However, this tool can also generate reports in
The DAST tool outputs a report file in JSON format by default. However, this tool can also generate reports in
...
...
ee/app/graphql/ee/types/project_type.rb
View file @
8e5f23df
...
@@ -17,8 +17,6 @@ module EE
...
@@ -17,8 +17,6 @@ module EE
null:
true
,
null:
true
,
description:
'The DAST scanner profiles associated with the project'
,
description:
'The DAST scanner profiles associated with the project'
,
resolve:
->
(
project
,
_args
,
_ctx
)
do
resolve:
->
(
project
,
_args
,
_ctx
)
do
return
DastScannerProfile
.
none
unless
::
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
DastScannerProfilesFinder
.
new
(
project_ids:
[
project
.
id
]).
execute
DastScannerProfilesFinder
.
new
(
project_ids:
[
project
.
id
]).
execute
end
end
...
...
ee/app/policies/ee/project_policy.rb
View file @
8e5f23df
...
@@ -101,7 +101,6 @@ module EE
...
@@ -101,7 +101,6 @@ module EE
with_scope
:subject
with_scope
:subject
condition
(
:on_demand_scans_enabled
)
do
condition
(
:on_demand_scans_enabled
)
do
::
Feature
.
enabled?
(
:security_on_demand_scans_feature_flag
,
project
,
default_enabled:
true
)
&&
@subject
.
feature_available?
(
:security_on_demand_scans
)
@subject
.
feature_available?
(
:security_on_demand_scans
)
end
end
...
...
ee/config/feature_flags/development/security_on_demand_scans_feature_flag.yml
deleted
100644 → 0
View file @
a05759d0
---
name
:
security_on_demand_scans_feature_flag
introduced_by_url
:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32994
rollout_issue_url
:
https://gitlab.com/gitlab-org/gitlab/-/issues/237796
group
:
group::dynamic analysis
type
:
development
default_enabled
:
true
ee/spec/graphql/mutations/dast_on_demand_scans/create_spec.rb
View file @
8e5f23df
...
@@ -135,14 +135,6 @@ RSpec.describe Mutations::DastOnDemandScans::Create do
...
@@ -135,14 +135,6 @@ RSpec.describe Mutations::DastOnDemandScans::Create do
end
end
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_scanner_profiles/create_spec.rb
View file @
8e5f23df
...
@@ -84,16 +84,6 @@ RSpec.describe Mutations::DastScannerProfiles::Create do
...
@@ -84,16 +84,6 @@ RSpec.describe Mutations::DastScannerProfiles::Create do
end
end
end
end
context
'when security_on_demand_scans_feature_flag is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
View file @
8e5f23df
...
@@ -54,14 +54,6 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
...
@@ -54,14 +54,6 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
end
end
end
end
context
'when security_on_demand_scans_feature_flag is disabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_scanner_profiles/update_spec.rb
View file @
8e5f23df
...
@@ -109,14 +109,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
...
@@ -109,14 +109,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
end
end
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb
View file @
8e5f23df
...
@@ -90,14 +90,6 @@ RSpec.describe Mutations::DastSiteProfiles::Create do
...
@@ -90,14 +90,6 @@ RSpec.describe Mutations::DastSiteProfiles::Create do
end
end
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
View file @
8e5f23df
...
@@ -97,14 +97,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
...
@@ -97,14 +97,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
end
end
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
View file @
8e5f23df
...
@@ -97,14 +97,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
...
@@ -97,14 +97,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
end
end
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/graphql/mutations/dast_site_tokens/create_spec.rb
View file @
8e5f23df
...
@@ -87,14 +87,6 @@ RSpec.describe Mutations::DastSiteTokens::Create do
...
@@ -87,14 +87,6 @@ RSpec.describe Mutations::DastSiteTokens::Create do
end
end
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan site validations feature is not enabled'
do
context
'when on demand scan site validations feature is not enabled'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_site_validation:
false
)
stub_feature_flags
(
security_on_demand_scans_site_validation:
false
)
...
...
ee/spec/graphql/mutations/dast_site_validations/create_spec.rb
View file @
8e5f23df
...
@@ -71,14 +71,6 @@ RSpec.describe Mutations::DastSiteValidations::Create do
...
@@ -71,14 +71,6 @@ RSpec.describe Mutations::DastSiteValidations::Create do
expect
(
subject
[
:status
]).
to
eq
(
dast_site_validation
.
state
)
expect
(
subject
[
:status
]).
to
eq
(
dast_site_validation
.
state
)
end
end
context
'when on demand scan feature is not enabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan site validations feature is not enabled'
do
context
'when on demand scan site validations feature is not enabled'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_site_validation:
false
)
stub_feature_flags
(
security_on_demand_scans_site_validation:
false
)
...
...
ee/spec/graphql/mutations/pipelines/run_dast_scan_spec.rb
View file @
8e5f23df
...
@@ -34,10 +34,6 @@ RSpec.describe Mutations::Pipelines::RunDastScan do
...
@@ -34,10 +34,6 @@ RSpec.describe Mutations::Pipelines::RunDastScan do
end
end
context
'when on demand scan feature is enabled'
do
context
'when on demand scan feature is enabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
end
context
'when the project does not exist'
do
context
'when the project does not exist'
do
let
(
:project_path
)
{
SecureRandom
.
hex
}
let
(
:project_path
)
{
SecureRandom
.
hex
}
...
...
ee/spec/policies/dast_site_profile_policy_spec.rb
View file @
8e5f23df
...
@@ -33,14 +33,6 @@ RSpec.describe DastSiteProfilePolicy do
...
@@ -33,14 +33,6 @@ RSpec.describe DastSiteProfilePolicy do
it
{
is_expected
.
to
be_allowed
(
:create_on_demand_dast_scan
)
}
it
{
is_expected
.
to
be_allowed
(
:create_on_demand_dast_scan
)
}
context
'when on demand scan feature flag is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/policies/dast_site_validation_policy_spec.rb
View file @
8e5f23df
...
@@ -33,14 +33,6 @@ RSpec.describe DastSiteValidationPolicy do
...
@@ -33,14 +33,6 @@ RSpec.describe DastSiteValidationPolicy do
it
{
is_expected
.
to
be_allowed
(
:create_on_demand_dast_scan
)
}
it
{
is_expected
.
to
be_allowed
(
:create_on_demand_dast_scan
)
}
context
'when on demand scan feature flag is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/requests/api/graphql/mutations/pipelines/run_dast_scan_spec.rb
View file @
8e5f23df
...
@@ -37,10 +37,6 @@ RSpec.describe 'Running a DAST Scan' do
...
@@ -37,10 +37,6 @@ RSpec.describe 'Running a DAST Scan' do
end
end
context
'when on demand scan feature is enabled'
do
context
'when on demand scan feature is enabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
end
context
'when the user does not have permission to run a dast scan'
do
context
'when the user does not have permission to run a dast scan'
do
it_behaves_like
'a mutation that returns top-level errors'
,
it_behaves_like
'a mutation that returns top-level errors'
,
errors:
[
'The resource that you are attempting to access does not '
\
errors:
[
'The resource that you are attempting to access does not '
\
...
...
ee/spec/requests/api/graphql/project/dast_scanner_profiles_spec.rb
View file @
8e5f23df
...
@@ -93,17 +93,5 @@ RSpec.describe 'Query.project(fullPath).dastScannerProfiles' do
...
@@ -93,17 +93,5 @@ RSpec.describe 'Query.project(fullPath).dastScannerProfiles' do
it
{
is_expected
.
to
eq
(
dast_scanner_profile
.
to_global_id
.
to_s
)
}
it
{
is_expected
.
to
eq
(
dast_scanner_profile
.
to_global_id
.
to_s
)
}
end
end
context
'when on demand scan feature flag is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
describe
'dast scanner profiles'
do
subject
{
response_data
.
dig
(
'project'
,
'dastScannerProfiles'
,
'nodes'
)
}
it
{
is_expected
.
to
be_empty
}
end
end
end
end
end
end
ee/spec/requests/api/graphql/project/dast_site_profile_spec.rb
View file @
8e5f23df
...
@@ -83,14 +83,6 @@ RSpec.describe 'Query.project(fullPath).dastSiteProfile' do
...
@@ -83,14 +83,6 @@ RSpec.describe 'Query.project(fullPath).dastSiteProfile' do
end
end
end
end
context
'when on demand scan feature flag is disabled'
do
it
'returns a null dast_site_profile'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
(
dast_site_profile_response
).
to
be_nil
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'returns a null dast_site_profile'
do
it
'returns a null dast_site_profile'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/requests/api/graphql/project/dast_site_profiles_spec.rb
View file @
8e5f23df
...
@@ -106,14 +106,6 @@ RSpec.describe 'Query.project(fullPath).dastSiteProfiles' do
...
@@ -106,14 +106,6 @@ RSpec.describe 'Query.project(fullPath).dastSiteProfiles' do
end
end
end
end
context
'when on demand scan feature flag is disabled'
do
it
'returns an empty edges array'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
(
dast_site_profiles_response
[
'nodes'
]).
to
be_empty
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'returns an empty edges array'
do
it
'returns an empty edges array'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/requests/projects/on_demand_scans_controller_spec.rb
View file @
8e5f23df
...
@@ -9,7 +9,6 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
...
@@ -9,7 +9,6 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
describe
'GET #index'
do
describe
'GET #index'
do
context
'feature available'
do
context
'feature available'
do
before
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
end
end
...
@@ -49,16 +48,7 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
...
@@ -49,16 +48,7 @@ RSpec.describe Projects::OnDemandScansController, type: :request do
login_as
(
user
)
login_as
(
user
)
end
end
it
"sees a 404 error if the feature flag is disabled"
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
stub_licensed_features
(
security_on_demand_scans:
true
)
get
project_on_demand_scans_path
(
project
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
it
"sees a 404 error if the license doesn't support the feature"
do
it
"sees a 404 error if the license doesn't support the feature"
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
get
project_on_demand_scans_path
(
project
)
get
project_on_demand_scans_path
(
project
)
...
...
ee/spec/requests/projects/security/dast_profiles_controller_spec.rb
View file @
8e5f23df
...
@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastProfilesController, type: :request do
...
@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastProfilesController, type: :request do
describe
'GET #index'
do
describe
'GET #index'
do
context
'feature available'
do
context
'feature available'
do
before
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
end
end
...
@@ -49,19 +48,8 @@ RSpec.describe Projects::Security::DastProfilesController, type: :request do
...
@@ -49,19 +48,8 @@ RSpec.describe Projects::Security::DastProfilesController, type: :request do
login_as
(
user
)
login_as
(
user
)
end
end
context
'feature flag is disabled'
do
it
'sees a 404 error'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
stub_licensed_features
(
security_on_demand_scans:
true
)
get
project_security_configuration_dast_profiles_path
(
project
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
end
context
'license doesnt\'t support the feature'
do
context
'license doesnt\'t support the feature'
do
it
'sees a 404 error'
do
it
'sees a 404 error'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
get
project_security_configuration_dast_profiles_path
(
project
)
get
project_security_configuration_dast_profiles_path
(
project
)
...
...
ee/spec/requests/projects/security/dast_scanner_profiles_controller_spec.rb
View file @
8e5f23df
...
@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastScannerProfilesController, type: :request
...
@@ -9,7 +9,6 @@ RSpec.describe Projects::Security::DastScannerProfilesController, type: :request
shared_context
'on-demand scans feature available'
do
shared_context
'on-demand scans feature available'
do
before
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
end
end
end
end
...
@@ -54,26 +53,16 @@ RSpec.describe Projects::Security::DastScannerProfilesController, type: :request
...
@@ -54,26 +53,16 @@ RSpec.describe Projects::Security::DastScannerProfilesController, type: :request
end
end
context
'feature not available'
do
context
'feature not available'
do
using
RSpec
::
Parameterized
::
TableSyntax
include_context
'user authorized'
include_context
'user authorized'
where
(
:feature_flag_enabled
,
:license_support
)
do
false
|
true
true
|
false
end
with_them
do
it
'sees a 404 error'
do
it
'sees a 404 error'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
feature_flag_enabled
)
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
license_support
)
get
path
get
path
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
end
end
end
end
end
end
describe
'GET #new'
do
describe
'GET #new'
do
it_behaves_like
'a GET request'
do
it_behaves_like
'a GET request'
do
...
...
ee/spec/requests/projects/security/dast_site_profiles_controller_spec.rb
View file @
8e5f23df
...
@@ -8,7 +8,6 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
...
@@ -8,7 +8,6 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
let
(
:dast_site_profile
)
{
create
(
:dast_site_profile
,
project:
project
)
}
let
(
:dast_site_profile
)
{
create
(
:dast_site_profile
,
project:
project
)
}
def
with_feature_available
def
with_feature_available
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
stub_licensed_features
(
security_on_demand_scans:
true
)
end
end
...
@@ -55,19 +54,8 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
...
@@ -55,19 +54,8 @@ RSpec.describe Projects::Security::DastSiteProfilesController, type: :request do
with_user_authorized
with_user_authorized
end
end
context
'feature flag is disabled'
do
it
'sees a 404 error'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
stub_licensed_features
(
security_on_demand_scans:
true
)
get
path
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
end
context
'license doesnt\'t support the feature'
do
context
'license doesnt\'t support the feature'
do
it
'sees a 404 error'
do
it
'sees a 404 error'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
true
)
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
get
path
get
path
...
...
ee/spec/services/ci/run_dast_scan_service_spec.rb
View file @
8e5f23df
...
@@ -171,20 +171,6 @@ RSpec.describe Ci::RunDastScanService do
...
@@ -171,20 +171,6 @@ RSpec.describe Ci::RunDastScanService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'returns an error status'
do
expect
(
status
).
to
eq
(
:error
)
end
it
'populates message'
do
expect
(
message
).
to
eq
(
'Insufficient permissions'
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/services/dast_scanner_profiles/create_service_spec.rb
View file @
8e5f23df
...
@@ -106,20 +106,6 @@ RSpec.describe DastScannerProfiles::CreateService do
...
@@ -106,20 +106,6 @@ RSpec.describe DastScannerProfiles::CreateService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'returns an error status'
do
expect
(
status
).
to
eq
(
:error
)
end
it
'populates message'
do
expect
(
message
).
to
eq
(
'Insufficient permissions'
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/services/dast_scanner_profiles/destroy_service_spec.rb
View file @
8e5f23df
...
@@ -64,20 +64,6 @@ RSpec.describe DastScannerProfiles::DestroyService do
...
@@ -64,20 +64,6 @@ RSpec.describe DastScannerProfiles::DestroyService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'returns an error status'
do
expect
(
status
).
to
eq
(
:error
)
end
it
'populates message'
do
expect
(
message
).
to
eq
(
'You are not authorized to update this scanner profile'
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/services/dast_scanner_profiles/update_service_spec.rb
View file @
8e5f23df
...
@@ -151,20 +151,6 @@ RSpec.describe DastScannerProfiles::UpdateService do
...
@@ -151,20 +151,6 @@ RSpec.describe DastScannerProfiles::UpdateService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'returns an error status'
do
expect
(
status
).
to
eq
(
:error
)
end
it
'populates message'
do
expect
(
message
).
to
eq
(
'You are not authorized to update this scanner profile'
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/services/dast_site_profiles/create_service_spec.rb
View file @
8e5f23df
...
@@ -77,20 +77,6 @@ RSpec.describe DastSiteProfiles::CreateService do
...
@@ -77,20 +77,6 @@ RSpec.describe DastSiteProfiles::CreateService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'returns an error status'
do
expect
(
status
).
to
eq
(
:error
)
end
it
'populates message'
do
expect
(
message
).
to
eq
(
'Insufficient permissions'
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/services/dast_site_profiles/update_service_spec.rb
View file @
8e5f23df
...
@@ -86,20 +86,6 @@ RSpec.describe DastSiteProfiles::UpdateService do
...
@@ -86,20 +86,6 @@ RSpec.describe DastSiteProfiles::UpdateService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it
'returns an error status'
do
expect
(
status
).
to
eq
(
:error
)
end
it
'populates message'
do
expect
(
message
).
to
eq
(
'Insufficient permissions'
)
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/services/dast_sites/find_or_create_service_spec.rb
View file @
8e5f23df
...
@@ -59,16 +59,6 @@ RSpec.describe DastSites::FindOrCreateService do
...
@@ -59,16 +59,6 @@ RSpec.describe DastSites::FindOrCreateService do
end
end
end
end
context
'when on demand scan feature is disabled'
do
it
'raises an exception'
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
expect
{
subject
}.
to
raise_error
(
DastSites
::
FindOrCreateService
::
PermissionsError
)
do
|
err
|
expect
(
err
.
message
).
to
include
(
'Insufficient permissions'
)
end
end
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
ee/spec/support/shared_examples/graphql/mutations/on_demand_scan_with_user_abilities_shared_examples.rb
View file @
8e5f23df
...
@@ -27,14 +27,6 @@ RSpec.shared_examples 'an on-demand scan mutation when user can run an on-demand
...
@@ -27,14 +27,6 @@ RSpec.shared_examples 'an on-demand scan mutation when user can run an on-demand
expect
(
mutation_response
[
"errors"
]).
to
be_empty
expect
(
mutation_response
[
"errors"
]).
to
be_empty
end
end
context
'when on demand scan feature is disabled'
do
before
do
stub_feature_flags
(
security_on_demand_scans_feature_flag:
false
)
end
it_behaves_like
'a mutation that returns a top-level access error'
end
context
'when on demand scan licensed feature is not available'
do
context
'when on demand scan licensed feature is not available'
do
before
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
stub_licensed_features
(
security_on_demand_scans:
false
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment