Commit 0fd20223 authored by David Pisek, committed by Paul Slaughter

Add security configuration navigation item

This commit adds a new navigation item to the main navigation. It
sits within a project's "Security & Compliance" submenu and
links to the security configuration screen.
parent 181bb515
---
type: reference, howto
---
# Security Configuration **(ULTIMATE)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6.
## Overview
The security configuration page displays the configuration state of each of the security
features and can be accessed through a project's sidebar nav.
![Screenshot of security configuration page](../img/security_configuration_page_v12_6.png)
The page uses the project's latest default branch [CI pipeline](../../../ci/pipelines.md) to determine the configuration
state of each feature. If a job with the expected security report artifact exists in the pipeline,
the feature is considered configured.
NOTE: **Note:** if the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md),
all security features will be configured by default.
## Limitations
It is not possible to enable or disable a feature using the configuration page.
However, instructions on how to enable or disable a feature can be found through
the links next to each feature on that page.
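Review bot: In the Overview, "can be accessed through a project's sidebar nav" does not tell the reader where the link is or who can see it. The commit message places the item in the "Security & Compliance" submenu, and the helper change only adds the tab when `can?(current_user, :read_project_security_dashboard, @project)` is true, so the doc should name the menu path (Security & Compliance, then Configuration) and state that access requirement.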
...@@ -38,6 +38,7 @@ module EE ...@@ -38,6 +38,7 @@ module EE
if can?(current_user, :read_project_security_dashboard, @project) if can?(current_user, :read_project_security_dashboard, @project)
nav_tabs << :security nav_tabs << :security
nav_tabs << :security_configuration
end end
if can?(current_user, :read_dependencies, @project) if can?(current_user, :read_dependencies, @project)
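Review bot: `nav_tabs << :security_configuration` is added inside the `:read_project_security_dashboard` check, so visibility of the configuration link is tied to the dashboard ability without saying so. If the coupling is intended, a one-line comment here would make it explicit; if the configuration screen is authorized with a different ability, the nav check should use that same ability so the sidebar never shows a link to a page the user cannot open.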
...@@ -140,6 +141,7 @@ module EE ...@@ -140,6 +141,7 @@ module EE
def sidebar_security_paths def sidebar_security_paths
%w[ %w[
projects/security/configuration#show
projects/security/dashboard#show projects/security/dashboard#show
projects/dependencies#show projects/dependencies#show
projects/licenses#show projects/licenses#show
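Review bot: In `sidebar_security_paths`, `projects/security/configuration#show` is inserted at the top of the list, while the view renders the Configuration item last, after License Compliance. The order has no effect on matching, but keeping the list in the same order as the menu (appending after `projects/licenses#show`) makes it easier to check the two against each other.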
......
...@@ -32,3 +32,8 @@ ...@@ -32,3 +32,8 @@
= nav_link(path: 'projects/licenses#show') do = nav_link(path: 'projects/licenses#show') do
= link_to project_licenses_path(@project), title: _('License Compliance'), data: { qa_selector: 'licenses_list_link' } do = link_to project_licenses_path(@project), title: _('License Compliance'), data: { qa_selector: 'licenses_list_link' } do
%span= _('License Compliance') %span= _('License Compliance')
- if project_nav_tab?(:security_configuration)
= nav_link(path: 'projects/security/configuration#show') do
= link_to project_security_configuration_path(@project), title: _('Configuration'), data: { qa_selector: 'security_configuration_link'} do
%span= _('Configuration')
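Review bot: On the new `link_to` line, `data: { qa_selector: 'security_configuration_link'}` is missing the space before the closing brace that the License Compliance line just above uses (`'licenses_list_link' }`). Separately, `title: _('Configuration')` is generic once the text is read outside the submenu (tooltip, collapsed sidebar, translation context); consider a more specific string such as 'Security Configuration' for the title while keeping the short label in the `%span`.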
---
title: Add security configuration navigation item
merge_request: 20711
author:
type: added
...@@ -148,6 +148,10 @@ describe 'layouts/nav/sidebar/_project' do ...@@ -148,6 +148,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project)) expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end end
it 'security configuration link is visible' do
expect(rendered).to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is visible' do it 'dependency list link is visible' do
expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project)) expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project))
end end
...@@ -165,6 +169,10 @@ describe 'layouts/nav/sidebar/_project' do ...@@ -165,6 +169,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project)) expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end end
it 'security configuration link is visible' do
expect(rendered).to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is not visible' do it 'dependency list link is not visible' do
expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project)) expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project))
end end
...@@ -182,6 +190,10 @@ describe 'layouts/nav/sidebar/_project' do ...@@ -182,6 +190,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project)) expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end end
it 'security configuration link is not visible' do
expect(rendered).not_to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is visible' do it 'dependency list link is visible' do
expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project)) expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project))
end end
...@@ -199,6 +211,10 @@ describe 'layouts/nav/sidebar/_project' do ...@@ -199,6 +211,10 @@ describe 'layouts/nav/sidebar/_project' do
expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project)) expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end end
it 'security configuration link is not visible' do
expect(rendered).not_to have_link('Configuration', href: project_security_configuration_path(project))
end
it 'dependency list link is not visible' do it 'dependency list link is not visible' do
expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project)) expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project))
end end
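Review bot: The four added examples only assert that the 'Configuration' link is present or absent, and in every context it follows the Security Dashboard link exactly. Nothing in the visible spec hunks exercises the `projects/security/configuration#show` entry added to `sidebar_security_paths`, so a regression in the active state of the "Security & Compliance" menu on the configuration page would go unnoticed; a helper or view spec covering that path would close the gap.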
......