Commit f333eb77 authored by Ash McKenzie's avatar Ash McKenzie

Merge branch '212941-sec-tab-for-reporters' into 'master'

Hide Pipeline Security tab from reporters

See merge request gitlab-org/gitlab!29334
parents f412d4fb acf61727
......@@ -19,6 +19,8 @@ module EE
end
def expose_security_dashboard?
return false unless can?(current_user, :read_vulnerability, pipeline.project)
batch_lookup_report_artifact_for_file_type(:sast) ||
batch_lookup_report_artifact_for_file_type(:dependency_scanning) ||
batch_lookup_report_artifact_for_file_type(:dast) ||
......
---
title: Hide Pipeline Security tab from reporters
merge_request: 29334
author:
type: changed
......@@ -21,7 +21,7 @@ describe Projects::PipelinesController do
context 'with feature enabled' do
before do
stub_licensed_features(sast: true)
stub_licensed_features(sast: true, security_dashboard: true)
get :security, params: { namespace_id: project.namespace, project_id: project, id: pipeline }
end
......
......@@ -95,7 +95,7 @@ describe 'Pipeline', :js do
let(:pipeline) { create(:ci_pipeline, project: project, ref: 'master', sha: project.commit.id) }
before do
stub_licensed_features(sast: true)
stub_licensed_features(sast: true, security_dashboard: true)
end
context 'with a sast artifact' do
......@@ -121,7 +121,7 @@ describe 'Pipeline', :js do
it 'displays the pipeline graph' do
expect(current_path).to eq(pipeline_path(pipeline))
expect(page).not_to have_content('Security')
expect(page).not_to have_css('#js-tab-security')
expect(page).to have_selector('.pipeline-visualization')
end
end
......
......@@ -28,9 +28,20 @@ describe Ci::PipelinePresenter do
describe '#expose_security_dashboard?' do
subject { presenter.expose_security_dashboard? }
let(:current_user) { create(:user) }
before do
allow(presenter).to receive(:current_user) { current_user }
end
context 'with developer' do
before do
project.add_developer(current_user)
end
context 'when features are available' do
before do
stub_licensed_features(dependency_scanning: true, license_scanning: true)
stub_licensed_features(dependency_scanning: true, license_scanning: true, security_dashboard: true)
end
context 'when there is an artifact of a right type' do
......@@ -60,4 +71,16 @@ describe Ci::PipelinePresenter do
end
end
end
context 'with reporter' do
let!(:build) { create(:ee_ci_build, :dependency_scanning, pipeline: pipeline) }
before do
project.add_reporter(current_user)
stub_licensed_features(dependency_scanning: true, license_scanning: true, security_dashboard: true)
end
it { is_expected.to be_falsey }
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment