Commit e0bd8382 authored by Kushal Pandya's avatar Kushal Pandya

Merge branch '295252-remove-dast-saved-scans-ff' into 'master'

Remove dast_saved_scans feature flag [RUN ALL RSPEC] [RUN AS-IF-FOSS]

See merge request gitlab-org/gitlab!56540
parents b77a2f73 2cfd0c6f
......@@ -4667,7 +4667,7 @@ An edge in a connection.
| `containerRepositories` | [`ContainerRepositoryConnection`](#containerrepositoryconnection) | Container repositories of the project. |
| `containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the project. |
| `createdAt` | [`Time`](#time) | Timestamp of the project creation. |
| `dastProfiles` | [`DastProfileConnection`](#dastprofileconnection) | DAST Profiles associated with the project. Always returns no nodes if `dast_saved_scans` is disabled. |
| `dastProfiles` | [`DastProfileConnection`](#dastprofileconnection) | DAST Profiles associated with the project. |
| `dastScannerProfiles` | [`DastScannerProfileConnection`](#dastscannerprofileconnection) | The DAST scanner profiles associated with the project. |
| `dastSiteProfile` | [`DastSiteProfile`](#dastsiteprofile) | DAST Site Profile associated with the project. |
| `dastSiteProfiles` | [`DastSiteProfileConnection`](#dastsiteprofileconnection) | DAST Site Profiles associated with the project. |
......
......@@ -28,7 +28,6 @@ import { REF_TYPE_BRANCHES } from '~/ref/constants';
import LocalStorageSync from '~/vue_shared/components/local_storage_sync.vue';
import validation from '~/vue_shared/directives/validation';
import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
import dastOnDemandScanCreateMutation from '../graphql/dast_on_demand_scan_create.mutation.graphql';
import dastProfileCreateMutation from '../graphql/dast_profile_create.mutation.graphql';
import dastProfileUpdateMutation from '../graphql/dast_profile_update.mutation.graphql';
import {
......@@ -140,24 +139,19 @@ export default {
},
},
data() {
const savedScansFields = this.glFeatures.dastSavedScans
? {
form: {
showValidation: false,
state: false,
fields: {
name: initFormField({ value: this.dastScan?.name ?? '' }),
description: initFormField({
value: this.dastScan?.description ?? '',
required: false,
skipValidation: true,
}),
},
},
}
: {};
return {
...savedScansFields,
form: {
showValidation: false,
state: false,
fields: {
name: initFormField({ value: this.dastScan?.name ?? '' }),
description: initFormField({
value: this.dastScan?.description ?? '',
required: false,
skipValidation: true,
}),
},
},
scannerProfiles: [],
siteProfiles: [],
selectedBranch: this.dastScan?.branch?.name ?? this.defaultBranch,
......@@ -179,11 +173,6 @@ export default {
? s__('OnDemandScans|Edit on-demand DAST scan')
: s__('OnDemandScans|New on-demand DAST scan');
},
manageProfilesLabel() {
return this.glFeatures.dastSavedScans
? s__('OnDemandScans|Manage DAST scans')
: s__('OnDemandScans|Manage profiles');
},
selectedScannerProfile() {
return this.selectedScannerProfileId
? this.scannerProfiles.find(({ id }) => id === this.selectedScannerProfileId)
......@@ -256,32 +245,23 @@ export default {
},
methods: {
onSubmit({ runAfter = true, button = this.$options.saveAndRunScanBtnId } = {}) {
if (this.glFeatures.dastSavedScans) {
this.form.showValidation = true;
if (!this.form.state) {
return;
}
this.form.showValidation = true;
if (!this.form.state) {
return;
}
this.loading = button;
this.hideErrors();
let mutation = dastOnDemandScanCreateMutation;
let responseType = 'dastOnDemandScanCreate';
let input = {
const mutation = this.isEdit ? dastProfileUpdateMutation : dastProfileCreateMutation;
const responseType = this.isEdit ? 'dastProfileUpdate' : 'dastProfileCreate';
const input = {
fullPath: this.projectPath,
dastScannerProfileId: this.selectedScannerProfile.id,
dastSiteProfileId: this.selectedSiteProfile.id,
...(this.isEdit ? { id: this.dastScan.id } : {}),
...serializeFormObject(this.form.fields),
[this.isEdit ? 'runAfterUpdate' : 'runAfterCreate']: runAfter,
};
if (this.glFeatures.dastSavedScans) {
mutation = this.isEdit ? dastProfileUpdateMutation : dastProfileCreateMutation;
responseType = this.isEdit ? 'dastProfileUpdate' : 'dastProfileCreate';
input = {
...input,
...(this.isEdit ? { id: this.dastScan.id } : {}),
...serializeFormObject(this.form.fields),
[this.isEdit ? 'runAfterUpdate' : 'runAfterCreate']: runAfter,
};
}
if (this.glFeatures.dastBranchSelection) {
input.branchName = this.selectedBranch;
}
......@@ -299,7 +279,7 @@ export default {
if (errors?.length) {
this.showErrors(ERROR_RUN_SCAN, errors);
this.loading = false;
} else if (this.glFeatures.dastSavedScans && !runAfter) {
} else if (!runAfter) {
redirectTo(response.dastProfile.editPath);
this.clearStorage = true;
} else {
......@@ -345,7 +325,7 @@ export default {
<template>
<gl-form novalidate @submit.prevent="onSubmit()">
<local-storage-sync
v-if="glFeatures.dastSavedScans && !isEdit"
v-if="!isEdit"
as-json
:storage-key="$options.ON_DEMAND_SCANS_STORAGE_KEY"
:clear="clearStorage"
......@@ -356,7 +336,7 @@ export default {
<div class="gl-mt-6 gl-display-flex">
<h2 class="gl-flex-grow-1 gl-my-0">{{ title }}</h2>
<gl-button :href="profilesLibraryPath" data-testid="manage-profiles-link">
{{ manageProfilesLabel }}
{{ s__('OnDemandScans|Manage DAST scans') }}
</gl-button>
</div>
<p>
......@@ -391,7 +371,7 @@ export default {
</gl-alert>
<template v-if="isLoadingProfiles">
<gl-skeleton-loader v-if="glFeatures.dastSavedScans" :width="1248" :height="180">
<gl-skeleton-loader :width="1248" :height="180">
<rect x="0" y="0" width="100" height="15" rx="4" />
<rect x="0" y="24" width="460" height="32" rx="4" />
<rect x="0" y="71" width="100" height="15" rx="4" />
......@@ -412,33 +392,31 @@ export default {
</gl-card>
</template>
<template v-else-if="!failedToLoadProfiles">
<template v-if="glFeatures.dastSavedScans">
<gl-form-group
:label="s__('OnDemandScans|Scan name')"
:invalid-feedback="form.fields.name.feedback"
>
<gl-form-input
v-model="form.fields.name.value"
v-validation:[form.showValidation]
class="mw-460"
data-testid="dast-scan-name-input"
type="text"
:placeholder="s__('OnDemandScans|My daily scan')"
:state="form.fields.name.state"
name="name"
required
/>
</gl-form-group>
<gl-form-group :label="s__('OnDemandScans|Description (optional)')">
<gl-form-textarea
v-model="form.fields.description.value"
class="mw-460"
data-testid="dast-scan-description-input"
:placeholder="s__(`OnDemandScans|For example: Tests the login page for SQL injections`)"
:state="form.fields.description.state"
/>
</gl-form-group>
</template>
<gl-form-group
:label="s__('OnDemandScans|Scan name')"
:invalid-feedback="form.fields.name.feedback"
>
<gl-form-input
v-model="form.fields.name.value"
v-validation:[form.showValidation]
class="mw-460"
data-testid="dast-scan-name-input"
type="text"
:placeholder="s__('OnDemandScans|My daily scan')"
:state="form.fields.name.state"
name="name"
required
/>
</gl-form-group>
<gl-form-group :label="s__('OnDemandScans|Description (optional)')">
<gl-form-textarea
v-model="form.fields.description.value"
class="mw-460"
data-testid="dast-scan-description-input"
:placeholder="s__(`OnDemandScans|For example: Tests the login page for SQL injections`)"
:state="form.fields.description.state"
/>
</gl-form-group>
<gl-form-group v-if="glFeatures.dastBranchSelection" :label="__('Branch')">
<ref-selector
......@@ -574,14 +552,9 @@ export default {
:disabled="isSubmitButtonDisabled"
:loading="loading === $options.saveAndRunScanBtnId"
>
{{
glFeatures.dastSavedScans
? s__('OnDemandScans|Save and run scan')
: s__('OnDemandScans|Run scan')
}}
{{ s__('OnDemandScans|Save and run scan') }}
</gl-button>
<gl-button
v-if="glFeatures.dastSavedScans"
variant="success"
category="secondary"
data-testid="on-demand-scan-save-button"
......
mutation dastOnDemandScanCreate($input: DastOnDemandScanCreateInput!) {
dastOnDemandScanCreate(input: $input) {
pipelineUrl
errors
}
}
......@@ -39,7 +39,6 @@ export default {
return getProfileSettings({
createNewProfilePaths,
isDastSavedScansEnabled: this.glFeatures.dastSavedScans,
});
},
tabIndex: {
......
......@@ -10,54 +10,50 @@ import dastSiteProfilesQuery from 'ee/security_configuration/dast_profiles/graph
import dastSiteProfilesDelete from 'ee/security_configuration/dast_profiles/graphql/dast_site_profiles_delete.mutation.graphql';
import { s__ } from '~/locale';
export const getProfileSettings = ({ createNewProfilePaths, isDastSavedScansEnabled }) => ({
...(isDastSavedScansEnabled
? {
dastProfiles: {
profileType: 'dastProfiles',
createNewProfilePath: createNewProfilePaths.savedScan,
graphQL: {
query: dastProfilesQuery,
deletion: {
mutation: dastProfileDelete,
optimisticResponse: dastProfilesDeleteResponse({
mutationName: 'dastProfileDelete',
payloadTypeName: 'DastProfileDeletePayload',
}),
},
},
component: DastSavedScansList,
tableFields: [
{
label: s__('DastProfiles|Scan'),
key: 'name',
},
{
label: s__('DastProfiles|Target'),
key: 'dastSiteProfile.targetUrl',
},
{
label: s__('DastProfiles|Scan mode'),
key: 'dastScannerProfile.scanType',
},
],
i18n: {
createNewLinkText: s__('DastProfiles|DAST Scan'),
name: s__('DastProfiles|Saved Scans'),
errorMessages: {
fetchNetworkError: s__(
'DastProfiles|Could not fetch saved scans. Please refresh the page, or try again later.',
),
deletionNetworkError: s__(
'DastProfiles|Could not delete saved scan. Please refresh the page, or try again later.',
),
deletionBackendError: s__('DastProfiles|Could not delete saved scans:'),
},
noProfilesMessage: s__('DastProfiles|No scans saved yet'),
},
},
}
: {}),
export const getProfileSettings = ({ createNewProfilePaths }) => ({
dastProfiles: {
profileType: 'dastProfiles',
createNewProfilePath: createNewProfilePaths.savedScan,
graphQL: {
query: dastProfilesQuery,
deletion: {
mutation: dastProfileDelete,
optimisticResponse: dastProfilesDeleteResponse({
mutationName: 'dastProfileDelete',
payloadTypeName: 'DastProfileDeletePayload',
}),
},
},
component: DastSavedScansList,
tableFields: [
{
label: s__('DastProfiles|Scan'),
key: 'name',
},
{
label: s__('DastProfiles|Target'),
key: 'dastSiteProfile.targetUrl',
},
{
label: s__('DastProfiles|Scan mode'),
key: 'dastScannerProfile.scanType',
},
],
i18n: {
createNewLinkText: s__('DastProfiles|DAST Scan'),
name: s__('DastProfiles|Saved Scans'),
errorMessages: {
fetchNetworkError: s__(
'DastProfiles|Could not fetch saved scans. Please refresh the page, or try again later.',
),
deletionNetworkError: s__(
'DastProfiles|Could not delete saved scan. Please refresh the page, or try again later.',
),
deletionBackendError: s__('DastProfiles|Could not delete saved scans:'),
},
noProfilesMessage: s__('DastProfiles|No scans saved yet'),
},
},
siteProfiles: {
profileType: 'siteProfiles',
createNewProfilePath: createNewProfilePaths.siteProfile,
......
......@@ -6,7 +6,6 @@ module Projects
before_action do
push_frontend_feature_flag(:security_dast_site_profiles_additional_fields, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_saved_scans, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_branch_selection, @project, default_enabled: :yaml)
end
......@@ -19,12 +18,9 @@ module Projects
end
def new
not_found unless Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml)
end
def edit
not_found unless Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml)
dast_profile = Dast::ProfilesFinder.new(project_id: @project.id, id: params[:id]).execute.first! # rubocop: disable CodeReuse/ActiveRecord
@dast_profile = {
......
......@@ -7,7 +7,6 @@ module Projects
before_action do
authorize_read_on_demand_scans!
push_frontend_feature_flag(:dast_saved_scans, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_failed_site_validations, @project, default_enabled: :yaml)
push_frontend_feature_flag(:dast_branch_selection, @project, default_enabled: :yaml)
end
......
......@@ -59,8 +59,7 @@ module EE
field :dast_profiles,
::Types::Dast::ProfileType.connection_type,
null: true,
description: 'DAST Profiles associated with the project. Always returns no nodes ' \
'if `dast_saved_scans` is disabled.'
description: 'DAST Profiles associated with the project.'
field :dast_site_profile,
::Types::DastSiteProfileType,
......@@ -152,8 +151,6 @@ module EE
end
def dast_profiles
return Dast::Profile.none unless ::Feature.enabled?(:dast_saved_scans, object, default_enabled: :yaml)
Dast::ProfilesFinder.new(project_id: object.id).execute
end
......
......@@ -83,8 +83,7 @@ module Mutations
private
def allowed?(project)
project.feature_available?(:security_on_demand_scans) &&
Feature.enabled?(:dast_saved_scans, project, default_enabled: :yaml)
project.feature_available?(:security_on_demand_scans)
end
def feature_flagged_branch_name(project, branch_name)
......
......@@ -16,7 +16,6 @@ module Mutations
def resolve(id:)
dast_profile = authorized_find!(id)
raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless enabled?(dast_profile.project)
response = ::Dast::Profiles::DestroyService.new(
container: dast_profile.project,
......@@ -29,10 +28,6 @@ module Mutations
private
def enabled?(project)
Feature.enabled?(:dast_saved_scans, project, default_enabled: :yaml)
end
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
......
......@@ -45,8 +45,7 @@ module Mutations
private
def allowed?(project)
project.feature_available?(:security_on_demand_scans) &&
Feature.enabled?(:dast_saved_scans, project, default_enabled: :yaml)
project.feature_available?(:security_on_demand_scans)
end
def find_dast_profile(project, id)
......
......@@ -88,8 +88,7 @@ module Mutations
private
def allowed?(project)
project.feature_available?(:security_on_demand_scans) &&
Feature.enabled?(:dast_saved_scans, project, default_enabled: :yaml)
project.feature_available?(:security_on_demand_scans)
end
def as_model_id(klass, value)
......
......@@ -39,8 +39,7 @@ module Dast
private
def allowed?
container.feature_available?(:security_on_demand_scans) &&
Feature.enabled?(:dast_saved_scans, container, default_enabled: :yaml)
container.feature_available?(:security_on_demand_scans)
end
def dast_site_profile
......
......@@ -14,8 +14,7 @@ module Dast
private
def allowed?
Feature.enabled?(:dast_saved_scans, container, default_enabled: :yaml) &&
can?(current_user, :create_on_demand_dast_scan, container)
can?(current_user, :create_on_demand_dast_scan, container)
end
def unauthorized
......
......@@ -23,7 +23,6 @@ module Dast
def allowed?
container.feature_available?(:security_on_demand_scans) &&
Feature.enabled?(:dast_saved_scans, container, default_enabled: :yaml) &&
can?(current_user, :create_on_demand_dast_scan, container)
end
......
- on_demand_scans_path = Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml) ? new_project_on_demand_scan_path(@project) : project_on_demand_scans_path(@project)
- on_demand_scans_path = new_project_on_demand_scan_path(@project)
- if any_project_nav_tab?([:security, :security_configuration, :dependencies, :licenses, :audit_events])
= nav_link(path: sidebar_security_paths) do
......
......@@ -9,4 +9,4 @@ scanner_profile: { id: @scanner_profile.to_global_id.to_s, name: @scanner_profil
spider_timeout: @scanner_profile.spider_timeout, target_timeout: @scanner_profile.target_timeout,
scan_type: @scanner_profile.scan_type.upcase, use_ajax_spider: @scanner_profile.use_ajax_spider,
show_debug_messages: @scanner_profile.show_debug_messages, referenced_in_security_policies: @scanner_profile.referenced_in_security_policies }.to_json,
on_demand_scans_path: Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml) ? new_project_on_demand_scan_path(@project) : project_on_demand_scans_path(@project) } }
on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
......@@ -5,4 +5,4 @@
.js-dast-scanner-profile-form{ data: { project_full_path: @project.path_with_namespace,
profiles_library_path: project_security_configuration_dast_profiles_path(@project, anchor: 'scanner-profiles'),
on_demand_scans_path: Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml) ? new_project_on_demand_scan_path(@project) : project_on_demand_scans_path(@project) } }
on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
......@@ -8,4 +8,4 @@ profiles_library_path: project_security_configuration_dast_profiles_path(@projec
site_profile: { id: @site_profile.to_global_id.to_s, name: @site_profile.name, target_url: @site_profile.dast_site.url,
excluded_urls: 'https://example.com/logout', request_headers: 'new-header',
auth: { enabled: true, url: 'https://example.com', username: 'admin', usernameField: 'username', passwordField: 'password' }, referenced_in_security_policies: @site_profile.referenced_in_security_policies}.to_json,
on_demand_scans_path: Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml) ? new_project_on_demand_scan_path(@project) : project_on_demand_scans_path(@project) } }
on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
......@@ -5,4 +5,4 @@
.js-dast-site-profile-form{ data: { full_path: @project.path_with_namespace,
profiles_library_path: project_security_configuration_dast_profiles_path(@project, anchor: 'site-profiles'),
on_demand_scans_path: Feature.enabled?(:dast_saved_scans, @project, default_enabled: :yaml) ? new_project_on_demand_scan_path(@project) : project_on_demand_scans_path(@project) } }
on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
---
title: Remove the dast_saved_scans feature flag
merge_request: 56540
author:
type: removed
---
name: dast_saved_scans
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/50469
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/295252
milestone: '13.8'
type: development
group: group::dynamic analysis
default_enabled: true
......@@ -5,7 +5,6 @@ import VueApollo from 'vue-apollo';
import OnDemandScansForm from 'ee/on_demand_scans/components/on_demand_scans_form.vue';
import ScannerProfileSelector from 'ee/on_demand_scans/components/profile_selector/scanner_profile_selector.vue';
import SiteProfileSelector from 'ee/on_demand_scans/components/profile_selector/site_profile_selector.vue';
import dastOnDemandScanCreateMutation from 'ee/on_demand_scans/graphql/dast_on_demand_scan_create.mutation.graphql';
import dastProfileCreateMutation from 'ee/on_demand_scans/graphql/dast_profile_create.mutation.graphql';
import dastProfileUpdateMutation from 'ee/on_demand_scans/graphql/dast_profile_update.mutation.graphql';
import dastScannerProfilesQuery from 'ee/security_configuration/dast_profiles/graphql/dast_scanner_profiles.query.graphql';
......@@ -152,7 +151,6 @@ describe('OnDemandScansForm', () => {
newScannerProfilePath,
newSiteProfilePath,
glFeatures: {
dastSavedScans: true,
dastBranchSelection: true,
},
},
......@@ -464,38 +462,6 @@ describe('OnDemandScansForm', () => {
});
});
describe('dastSavedScans feature flag disabled', () => {
beforeEach(async () => {
mountShallowSubject({
provide: {
glFeatures: {
dastSavedScans: false,
},
},
});
subject.vm.$apollo.mutate.mockResolvedValue({
data: { dastOnDemandScanCreate: { pipelineUrl, errors: [] } },
});
subject.find(ScannerProfileSelector).vm.$emit('input', passiveScannerProfile.id);
subject.find(SiteProfileSelector).vm.$emit('input', nonValidatedSiteProfile.id);
submitForm();
});
it('triggers GraphQL mutation', () => {
expect(subject.vm.$apollo.mutate).toHaveBeenCalledWith({
mutation: dastOnDemandScanCreateMutation,
variables: {
input: {
branchName: defaultBranch,
dastScannerProfileId: passiveScannerProfile.id,
dastSiteProfileId: nonValidatedSiteProfile.id,
fullPath: projectPath,
},
},
});
});
});
describe.each`
description | selectedScannerProfile | selectedSiteProfile | hasConflict
${'a passive scan and a non-validated site'} | ${passiveScannerProfile} | ${nonValidatedSiteProfile} | ${false}
......
......@@ -48,11 +48,6 @@ describe('EE - DastProfiles', () => {
{
propsData: defaultProps,
mocks: defaultMocks,
provide: {
glFeatures: {
dastSavedScans: true,
},
},
},
options,
),
......@@ -240,33 +235,4 @@ describe('EE - DastProfiles', () => {
expect(mutate).toHaveBeenCalledTimes(1);
});
});
describe('dastSavedScans feature flag disabled', () => {
beforeEach(() => {
createFullComponent({
provide: {
glFeatures: {
dastSavedScans: false,
},
},
});
});
it('does not show a "DAST Scan" item in the dropdown', () => {
expect(getSiteProfilesDropdownItem('DAST Scan')).toBe(null);
});
it('shows only 2 tabs', () => {
expect(withinComponent().getAllByRole('tab')).toHaveLength(2);
});
it('"Site Profile" tab should be selected by default', () => {
const tab = getTab({
tabName: 'Site Profiles',
selected: true,
});
expect(tab).not.toBe(null);
});
});
});
......@@ -36,14 +36,6 @@ RSpec.describe Mutations::Dast::Profiles::Create do
end
context 'when the feature is licensed' do
context 'when the feature is enabled' do
it 'raises an exception' do
stub_feature_flags(dast_saved_scans: false)
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do
it 'returns the dast_profile' do
expect(subject[:dast_profile]).to eq(dast_profile)
......
......@@ -23,20 +23,9 @@ RSpec.describe Mutations::Dast::Profiles::Run do
)
end
context 'when the feature flag dast_saved_scans is disabled' do
it 'raises an exception' do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: false)
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when on demand scan licensed feature is not available' do
it 'raises an exception' do
stub_licensed_features(security_on_demand_scans: false)
stub_feature_flags(dast_saved_scans: true)
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
......@@ -44,7 +33,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
context 'when the feature is enabled' do
before do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: true)
end
context 'when the project does not exist' do
......
......@@ -102,14 +102,6 @@ RSpec.describe Mutations::Dast::Profiles::Update do
expect(subject[:errors]).to include('Profile failed to update')
end
end
context 'when the feature is not enabled' do
before do
stub_feature_flags(dast_saved_scans: false)
end
it_behaves_like 'an unrecoverable failure'
end
end
end
end
......
......@@ -77,16 +77,6 @@ RSpec.describe 'Query.project(fullPath).dastProfiles' do
expect(graphql_data_at(:project, :dast_profiles, :nodes, 0, 'branch')).to eq('name' => 'master', 'exists' => true)
end
context 'when the feature is disabled' do
it 'returns no nodes' do
stub_feature_flags(dast_saved_scans: false)
subject
expect(graphql_data_at(:project, :dast_profiles, :nodes)).to be_empty
end
end
end
def pagination_query(arguments)
......
......@@ -24,22 +24,9 @@ RSpec.describe Dast::Profiles::CreateService do
subject { described_class.new(container: project, current_user: developer, params: params).execute }
describe 'execute' do
context 'when on demand scan feature is disabled' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: false)
aggregate_failures do
expect(subject.status).to eq(:error)
expect(subject.message).to eq('Insufficient permissions')
end
end
end
context 'when on demand scan licensed feature is not available' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
stub_feature_flags(dast_saved_scans: true)
aggregate_failures do
expect(subject.status).to eq(:error)
......@@ -51,7 +38,6 @@ RSpec.describe Dast::Profiles::CreateService do
context 'when the feature is enabled' do
before do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: true)
end
it 'communicates success' do
......
......@@ -18,22 +18,9 @@ RSpec.describe Dast::Profiles::DestroyService do
end
describe '#execute' do
context 'when the feature flag dast_saved_scans is disabled' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: false)
expect(subject).to have_attributes(
status: :error,
message: 'You are not authorized to update this profile'
)
end
end
context 'when on demand scan licensed feature is not available' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
stub_feature_flags(dast_saved_scans: true)
expect(subject).to have_attributes(
status: :error,
......@@ -45,7 +32,6 @@ RSpec.describe Dast::Profiles::DestroyService do
context 'when the feature is enabled' do
before do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: true)
end
context 'when the user cannot destroy a DAST profile' do
......
......@@ -31,22 +31,9 @@ RSpec.describe Dast::Profiles::UpdateService do
end
describe 'execute', :clean_gitlab_redis_shared_state do
context 'when on demand scan feature is disabled' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: false)
aggregate_failures do
expect(subject.status).to eq(:error)
expect(subject.message).to eq('You are not authorized to update this profile')
end
end
end
context 'when on demand scan licensed feature is not available' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
stub_feature_flags(dast_saved_scans: true)
aggregate_failures do
expect(subject.status).to eq(:error)
......@@ -58,7 +45,6 @@ RSpec.describe Dast::Profiles::UpdateService do
context 'when the feature is enabled' do
before do
stub_licensed_features(security_on_demand_scans: true)
stub_feature_flags(dast_saved_scans: true)
end
context 'when the user cannot run a DAST scan' do
......
......@@ -12,18 +12,6 @@ RSpec.describe DastSiteValidations::CreateService do
subject { described_class.new(container: dast_site.project, params: params).execute }
describe 'execute', :clean_gitlab_redis_shared_state do
context 'when on demand scan feature is disabled' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
stub_feature_flags(dast_saved_scans: false)
aggregate_failures do
expect(subject.status).to eq(:error)
expect(subject.message).to eq('Insufficient permissions')
end
end
end
context 'when on demand scan licensed feature is not available' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
......
......@@ -16,18 +16,6 @@ RSpec.describe DastSiteValidations::RevokeService do
subject { described_class.new(container: project, params: params).execute }
describe 'execute', :clean_gitlab_redis_shared_state do
context 'when on demand scan feature is disabled' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
stub_feature_flags(dast_saved_scans: false)
aggregate_failures do
expect(subject.status).to eq(:error)
expect(subject.message).to eq('Insufficient permissions')
end
end
end
context 'when on demand scan licensed feature is not available' do
it 'communicates failure' do
stub_licensed_features(security_on_demand_scans: false)
......
......@@ -21284,9 +21284,6 @@ msgstr ""
msgid "OnDemandScans|Manage DAST scans"
msgstr ""
msgid "OnDemandScans|Manage profiles"
msgstr ""
msgid "OnDemandScans|Manage scanner profiles"
msgstr ""
......@@ -21311,9 +21308,6 @@ msgstr ""
msgid "OnDemandScans|On-demand scans run outside the DevOps cycle and find vulnerabilities in your projects. %{learnMoreLinkStart}Learn more%{learnMoreLinkEnd}"
msgstr ""
msgid "OnDemandScans|Run scan"
msgstr ""
msgid "OnDemandScans|Save and run scan"
msgstr ""
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment