Commit a7458c87 authored by jejacks0n's avatar jejacks0n

Consolidate the logic for SAST prompt experiment

parent bb00e42d
...@@ -9,7 +9,7 @@ module EE ...@@ -9,7 +9,7 @@ module EE
include DescriptionDiffActions include DescriptionDiffActions
before_action only: [:show] do before_action only: [:show] do
if @project.licensed_feature_available?(:sast) && can?(current_user, :developer_access, @project) if can_run_sast_experiments_on?(@project)
experiment(:security_reports_mr_widget_prompt, namespace: @project.namespace).publish experiment(:security_reports_mr_widget_prompt, namespace: @project.namespace).publish
end end
...@@ -33,6 +33,11 @@ module EE ...@@ -33,6 +33,11 @@ module EE
feature_category :code_review, [:delete_description_version, :description_diff] feature_category :code_review, [:delete_description_version, :description_diff]
end end
def can_run_sast_experiments_on?(project)
project.licensed_feature_available?(:sast) &&
project.feature_available?(:security_and_compliance, current_user)
end
def license_scanning_reports def license_scanning_reports
reports_response(merge_request.compare_license_scanning_reports(current_user)) reports_response(merge_request.compare_license_scanning_reports(current_user))
end end
......
...@@ -13,12 +13,6 @@ RSpec.describe Projects::MergeRequestsController do ...@@ -13,12 +13,6 @@ RSpec.describe Projects::MergeRequestsController do
describe 'GET #show' do describe 'GET #show' do
before do before do
# To avoid adjusting this controller, we just want to allow these tests to pass. This action wasn't tested before
# these were added for the experiment, and already exceeded the threshold.
# Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/343375
# More: https://docs.gitlab.com/ee/development/query_count_limits.html#disable-query-limiting
stub_const('Gitlab::QueryLimiting::Transaction::THRESHOLD', 103)
stub_licensed_features(sast: true) stub_licensed_features(sast: true)
end end
...@@ -28,6 +22,10 @@ RSpec.describe Projects::MergeRequestsController do ...@@ -28,6 +22,10 @@ RSpec.describe Projects::MergeRequestsController do
context 'when the user has developer access' do context 'when the user has developer access' do
it 'publishes the security_reports_mr_widget_prompt experiment' do it 'publishes the security_reports_mr_widget_prompt experiment' do
# Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/343375
# More: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/73034#note_720186839
# https://docs.gitlab.com/ee/development/query_count_limits.html#disable-query-limiting
stub_const('Gitlab::QueryLimiting::Transaction::THRESHOLD', 110)
expect_next_instance_of(SecurityReportsMrWidgetPromptExperiment) do |instance| expect_next_instance_of(SecurityReportsMrWidgetPromptExperiment) do |instance|
expect(instance).to receive(:publish) expect(instance).to receive(:publish)
end end
...@@ -48,7 +46,19 @@ RSpec.describe Projects::MergeRequestsController do ...@@ -48,7 +46,19 @@ RSpec.describe Projects::MergeRequestsController do
context 'when the project is not licensed for sast' do context 'when the project is not licensed for sast' do
before do before do
expect(License).to receive(:feature_available?).with(:sast).and_return(false) stub_licensed_features(sast: false)
end
it 'does not publish the security_reports_mr_widget_prompt experiment' do
expect(SecurityReportsMrWidgetPromptExperiment).not_to receive(:new)
get_show
end
end
context 'when the project has disabled the security and compliance features' do
before do
project.project_feature.update_column(:security_and_compliance_access_level, Featurable::DISABLED)
end end
it 'does not publish the security_reports_mr_widget_prompt experiment' do it 'does not publish the security_reports_mr_widget_prompt experiment' do
...@@ -57,6 +67,18 @@ RSpec.describe Projects::MergeRequestsController do ...@@ -57,6 +67,18 @@ RSpec.describe Projects::MergeRequestsController do
get_show get_show
end end
end end
context 'when the the user is a guest' do
let(:user) { create(:user) }
it 'does not publish the security_reports_mr_widget_prompt experiment' do
project.add_guest(user)
expect(SecurityReportsMrWidgetPromptExperiment).not_to receive(:new)
get_show
end
end
end end
describe 'GET #edit' do describe 'GET #edit' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment