vulnerabilities_controller.rb 1.27 KB
Newer Older
1 2 3 4 5
# frozen_string_literal: true

module Projects
  module Security
    class VulnerabilitiesController < Projects::ApplicationController
6
      include SecurityAndCompliancePermissions
7
      include SecurityDashboardsPermissions
8 9 10
      include IssuableActions
      include RendersNotes

11 12
      before_action do
        push_frontend_feature_flag(:create_vulnerability_jira_issue_via_graphql, @project, default_enabled: :yaml)
13
        push_frontend_feature_flag(:secure_vulnerability_training, @project, default_enabled: :yaml)
14 15
      end

16 17
      before_action :vulnerability, except: [:index, :new]
      before_action :authorize_create_vulnerability!, only: :new
18 19 20

      alias_method :vulnerable, :project

21 22
      feature_category :vulnerability_management

23
      def show
Subashis's avatar
Subashis committed
24
        pipeline = vulnerability.finding.first_finding_pipeline
25
        @pipeline = pipeline if Ability.allowed?(current_user, :read_pipeline, pipeline)
26
        @gfm_form = true
27
      end
28 29 30 31 32 33 34 35 36

      private

      def vulnerability
        @issuable = @noteable = @vulnerability ||= vulnerable.vulnerabilities.find(params[:id])
      end

      alias_method :issuable, :vulnerability
      alias_method :noteable, :vulnerability
37 38 39 40

      def issue_serializer
        IssueSerializer.new(current_user: current_user)
      end
41 42 43
    end
  end
end