DAST Scanner Profiles - Form MVC boilerplate

Creates the basic controller, route, HAML view and Vue app for the upcoming DAST Scanner Profile form.

DAST Scanner Profiles - Form MVC boilerplate
Creates the basic controller, route, HAML view and Vue app for the upcoming DAST Scanner Profile form.
b2560cae · Paul Gascou-Vaillancourt · Ezekiel Kigbo · 2fcadfb4 · b2560cae · b2560cae
Commit b2560cae authored Aug 24, 2020 by Paul Gascou-Vaillancourt Committed by Ezekiel Kigbo Aug 24, 2020
17 changed files
--- a/ee/app/assets/javascripts/dast_scanner_profiles/components/dast_scanner_profile_form.vue
+++ b/ee/app/assets/javascripts/dast_scanner_profiles/components/dast_scanner_profile_form.vue
+<script>
+export default {
+  name: 'DastScannerProfileForm',
+};
+</script>
+
+<template>
+  <h1>{{ s__('DastProfiles|New Scanner Profile') }}</h1>
+</template>
--- a/ee/app/assets/javascripts/dast_scanner_profiles/dast_scanner_profiles_bundle.js
+++ b/ee/app/assets/javascripts/dast_scanner_profiles/dast_scanner_profiles_bundle.js
+import Vue from 'vue';
+import apolloProvider from './graphql/provider';
+import DastScannerProfileForm from './components/dast_scanner_profile_form.vue';
+
+export default () => {
+  const el = document.querySelector('.js-dast-scanner-profile-form');
+  if (!el) {
+    return false;
+  }
+
+  return new Vue({
+    el,
+    apolloProvider,
+    render(h) {
+      return h(DastScannerProfileForm);
+    },
+  });
+};
--- a/ee/app/assets/javascripts/dast_scanner_profiles/graphql/provider.js
+++ b/ee/app/assets/javascripts/dast_scanner_profiles/graphql/provider.js
+import Vue from 'vue';
+import VueApollo from 'vue-apollo';
+import createDefaultClient from '~/lib/graphql';
+
+Vue.use(VueApollo);
+
+export default new VueApollo({
+  defaultClient: createDefaultClient(),
+});
--- a/ee/app/assets/javascripts/pages/projects/dast_scanner_profiles/new/index.js
+++ b/ee/app/assets/javascripts/pages/projects/dast_scanner_profiles/new/index.js
+import initDastScannerProfileForm from 'ee/dast_scanner_profiles/dast_scanner_profiles_bundle';
+
+document.addEventListener('DOMContentLoaded', initDastScannerProfileForm);
--- a/ee/app/controllers/projects/dast_profiles_controller.rb
+++ b/ee/app/controllers/projects/dast_profiles_controller.rb
@@ -6,11 +6,5 @@ module Projects

    def index
    end
-
-    private
-
-    def authorize_read_on_demand_scans!
-      access_denied! unless can?(current_user, :read_on_demand_scans, project)
-    end
  end
 end
--- a/ee/app/controllers/projects/dast_scanner_profiles_controller.rb
+++ b/ee/app/controllers/projects/dast_scanner_profiles_controller.rb
+# frozen_string_literal: true
+
+module Projects
+  class DastScannerProfilesController < Projects::ApplicationController
+    before_action :authorize_read_on_demand_scans!
+
+    def new
+    end
+  end
+end
--- a/ee/app/controllers/projects/dast_site_profiles_controller.rb
+++ b/ee/app/controllers/projects/dast_site_profiles_controller.rb
@@ -13,11 +13,5 @@ module Projects
        .with_dast_site
        .find(params[:id])
    end
-
-    private
-
-    def authorize_read_on_demand_scans!
-      access_denied! unless can?(current_user, :read_on_demand_scans, project)
-    end
  end
 end
--- a/ee/app/controllers/projects/on_demand_scans_controller.rb
+++ b/ee/app/controllers/projects/on_demand_scans_controller.rb
@@ -9,11 +9,5 @@ module Projects

    def index
    end
-
-    private
-
-    def authorize_read_on_demand_scans!
-      access_denied! unless can?(current_user, :read_on_demand_scans, project)
-    end
  end
 end
--- a/ee/app/helpers/ee/projects_helper.rb
+++ b/ee/app/helpers/ee/projects_helper.rb
@@ -163,6 +163,7 @@ module EE
        projects/on_demand_scans#index
        projects/dast_profiles#index
        projects/dast_site_profiles#new
+        projects/dast_scanner_profiles#new
        projects/dependencies#index
        projects/licenses#index
        projects/threat_monitoring#show
@@ -176,6 +177,15 @@ module EE
      ]
    end

+    def sidebar_on_demand_scans_paths
+      %w[
+        projects/on_demand_scans#index
+        projects/dast_profiles#index
+        projects/dast_site_profiles#new
+        projects/dast_scanner_profiles#new
+      ]
+    end
+
    def size_limit_message(project)
      show_lfs = project.lfs_enabled? ? 'including files in LFS' : ''


--- a/ee/app/views/layouts/nav/sidebar/_project_security_link.html.haml
+++ b/ee/app/views/layouts/nav/sidebar/_project_security_link.html.haml
@@ -22,7 +22,7 @@
            %span= _('Security Dashboard')

      - if project_nav_tab?(:on_demand_scans)
-        = nav_link(path: ['projects/on_demand_scans#index', 'projects/dast_profiles#index', 'projects/dast_site_profiles#new']) do
+        = nav_link(path: sidebar_on_demand_scans_paths) do
          = link_to project_on_demand_scans_path(@project), title: s_('OnDemandScans|On-demand Scans'), data: { qa_selector: 'on_demand_scans_link' } do
            %span= s_('OnDemandScans|On-demand Scans')


--- a/ee/app/views/projects/dast_scanner_profiles/new.html.haml
+++ b/ee/app/views/projects/dast_scanner_profiles/new.html.haml
+- add_to_breadcrumbs s_('OnDemandScans|On-demand Scans'), project_on_demand_scans_path(@project)
+- add_to_breadcrumbs s_('DastProfiles|Manage profiles'), project_profiles_path(@project)
+- breadcrumb_title s_('DastProfiles|New scanner profile')
+- page_title s_('DastProfiles|New scanner profile')
+
+.js-dast-scanner-profile-form
--- a/ee/config/routes/project.rb
+++ b/ee/config/routes/project.rb
@@ -98,6 +98,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
          scope :profiles do
            root 'dast_profiles#index', as: 'profiles'
            resources :dast_site_profiles, only: [:new, :edit]
+            resources :dast_scanner_profiles, only: [:new]
          end
        end


--- a/ee/spec/frontend/dast_scanner_profiles_form/components/dast_scanner_profiles_form_spec.js
+++ b/ee/spec/frontend/dast_scanner_profiles_form/components/dast_scanner_profiles_form_spec.js
+import merge from 'lodash/merge';
+import { shallowMount } from '@vue/test-utils';
+import DastScannerProfileForm from 'ee/dast_scanner_profiles/components/dast_scanner_profile_form.vue';
+
+const defaultProps = {};
+
+describe('DastScannerProfileForm', () => {
+  let wrapper;
+
+  const wrapperFactory = (mountFn = shallowMount) => options => {
+    wrapper = mountFn(
+      DastScannerProfileForm,
+      merge(
+        {},
+        {
+          propsData: defaultProps,
+          mocks: {
+            $apollo: {
+              mutate: jest.fn(),
+            },
+          },
+        },
+        options,
+      ),
+    );
+  };
+  const createWrapper = wrapperFactory();
+
+  afterEach(() => {
+    wrapper.destroy();
+    wrapper = null;
+  });
+
+  it('renders the title', () => {
+    createWrapper();
+    expect(wrapper.html()).toContain('<h1>New Scanner Profile</h1>');
+  });
+});
--- a/ee/spec/helpers/projects_helper_spec.rb
+++ b/ee/spec/helpers/projects_helper_spec.rb
@@ -176,6 +176,7 @@ RSpec.describe ProjectsHelper do
        projects/on_demand_scans#index
        projects/dast_profiles#index
        projects/dast_site_profiles#new
+        projects/dast_scanner_profiles#new
        projects/dependencies#index
        projects/licenses#index
        projects/threat_monitoring#show
@@ -188,6 +189,21 @@ RSpec.describe ProjectsHelper do
    it { is_expected.to eq(expected_security_paths) }
  end

+  describe '#sidebar_on_demand_scans_paths' do
+    let(:expected_on_demand_scans_paths) do
+      %w[
+        projects/on_demand_scans#index
+        projects/dast_profiles#index
+        projects/dast_site_profiles#new
+        projects/dast_scanner_profiles#new
+      ]
+    end
+
+    subject { helper.sidebar_on_demand_scans_paths }
+
+    it { is_expected.to eq(expected_on_demand_scans_paths) }
+  end
+
  describe '#get_project_nav_tabs' do
    using RSpec::Parameterized::TableSyntax


--- a/ee/spec/requests/projects/dast_scanner_profiles_controller_spec.rb
+++ b/ee/spec/requests/projects/dast_scanner_profiles_controller_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Projects::DastScannerProfilesController, type: :request do
+  let_it_be(:project) { create(:project) }
+  let_it_be(:user) { create(:user) }
+  let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
+
+  shared_context 'on-demand scans feature available' do
+    before do
+      stub_feature_flags(security_on_demand_scans_feature_flag: true)
+      stub_licensed_features(security_on_demand_scans: true)
+    end
+  end
+
+  shared_context 'user authorized' do
+    before(:all) do
+      project.add_developer(user)
+    end
+
+    before do
+      login_as(user)
+    end
+  end
+
+  shared_examples 'a GET request' do
+    context 'feature available' do
+      include_context 'on-demand scans feature available'
+
+      context 'user authorized' do
+        include_context 'user authorized'
+
+        it 'can access page' do
+          get path
+
+          expect(response).to have_gitlab_http_status(:ok)
+        end
+      end
+
+      context 'user not authorized' do
+        before do
+          project.add_guest(user)
+
+          login_as(user)
+        end
+
+        it 'sees a 404 error' do
+          get path
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+    end
+
+    context 'feature not available' do
+      using RSpec::Parameterized::TableSyntax
+
+      include_context 'user authorized'
+
+      where(:feature_flag_enabled, :license_support) do
+        false | true
+        true  | false
+      end
+
+      with_them do
+        it 'sees a 404 error' do
+          stub_feature_flags(security_on_demand_scans_feature_flag: feature_flag_enabled)
+          stub_licensed_features(security_on_demand_scans: license_support)
+          get path
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+    end
+  end
+
+  describe 'GET #new' do
+    it_behaves_like 'a GET request' do
+      let(:path) { new_project_dast_scanner_profile_path(project) }
+    end
+  end
+end
--- a/ee/spec/views/projects/dast_scanner_profiles/new.html.haml_spec.rb
+++ b/ee/spec/views/projects/dast_scanner_profiles/new.html.haml_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe "projects/dast_scanner_profiles/new", type: :view do
+  before do
+    @project = create(:project)
+    render
+  end
+
+  it 'renders Vue app root' do
+    expect(rendered).to have_selector('.js-dast-scanner-profile-form')
+  end
+end
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -7707,9 +7707,15 @@ msgstr ""
 msgid "DastProfiles|Manage profiles"
 msgstr ""

+msgid "DastProfiles|New Scanner Profile"
+msgstr ""
+
 msgid "DastProfiles|New Site Profile"
 msgstr ""

+msgid "DastProfiles|New scanner profile"
+msgstr ""
+
 msgid "DastProfiles|New site profile"
 msgstr ""