Merge branch 'secure-remove-deprecated-mr-widget-code' into 'master'

Delete inaccessible Security Report Code See merge request gitlab-org/gitlab!22153

Merge branch 'secure-remove-deprecated-mr-widget-code' into 'master'
Delete inaccessible Security Report Code See merge request gitlab-org/gitlab!22153
1aa19e0d · Mark Florian · bcf1d813 · d88b3b5d · 1aa19e0d · 1aa19e0d
Commit 1aa19e0d authored Jan 22, 2020 by Mark Florian
14 changed files
--- a/ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue
+++ b/ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue
@@ -72,10 +72,8 @@ export default {
    },
    shouldRenderSecurityReport() {
      return (
-        (this.mr.sast && this.mr.sast.head_path) ||
+        this.mr.enabledSecurityReports &&
-        (this.mr.sastContainer && this.mr.sastContainer.head_path) ||
+        Object.values(this.mr.enabledSecurityReports).some(isReportEnabled => isReportEnabled)
-        (this.mr.dast && this.mr.dast.head_path) ||
-        (this.mr.dependencyScanning && this.mr.dependencyScanning.head_path)
      );
    },
    codequalityText() {
@@ -304,17 +302,9 @@ export default {
        :target-branch="mr.targetBranch"
        :base-blob-path="mr.baseBlobPath"
        :enabled-reports="mr.enabledSecurityReports"
-        :sast-head-path="mr.sast.head_path"
-        :sast-base-path="mr.sast.base_path"
        :sast-help-path="mr.sastHelp"
-        :dast-head-path="mr.dast.head_path"
-        :dast-base-path="mr.dast.base_path"
        :dast-help-path="mr.dastHelp"
-        :sast-container-head-path="mr.sastContainer.head_path"
-        :sast-container-base-path="mr.sastContainer.base_path"
        :sast-container-help-path="mr.sastContainerHelp"
-        :dependency-scanning-head-path="mr.dependencyScanning.head_path"
-        :dependency-scanning-base-path="mr.dependencyScanning.base_path"
        :dependency-scanning-help-path="mr.dependencyScanningHelp"
        :vulnerability-feedback-path="mr.vulnerabilityFeedbackPath"
        :vulnerability-feedback-help-path="mr.vulnerabilityFeedbackHelpPath"

--- a/ee/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
+++ b/ee/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
@@ -10,10 +10,6 @@ export default class MergeRequestStore extends CEMergeRequestStore {
    const blobPath = data.blob_path || {};
    this.headBlobPath = blobPath.head_path || '';
    this.baseBlobPath = blobPath.base_path || '';
-    this.sast = data.sast || {};
-    this.sastContainer = data.sast_container || {};
-    this.dast = data.dast || {};
-    this.dependencyScanning = data.dependency_scanning || {};
    this.sastHelp = data.sast_help_path;
    this.sastContainerHelp = data.sast_container_help_path;
    this.dastHelp = data.dast_help_path;

--- a/ee/app/assets/javascripts/vue_shared/security_reports/grouped_security_reports_app.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/grouped_security_reports_app.vue
@@ -46,46 +46,6 @@ export default {
      required: false,
      default: null,
    },
-    sastHeadPath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    sastBasePath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    dastHeadPath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    dastBasePath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    sastContainerHeadPath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    sastContainerBasePath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    dependencyScanningHeadPath: {
-      type: String,
-      required: false,
-      default: null,
-    },
-    dependencyScanningBasePath: {
-      type: String,
-      required: false,
-      default: null,
-    },
    sastHelpPath: {
      type: String,
      required: false,
@@ -182,21 +142,16 @@ export default {
      return `${this.pipelinePath}/security`;
    },
    hasContainerScanningReports() {
-      const type = 'containerScanning';
+      return this.enabledReports.containerScanning;
-      if (this.isMergeRequestReportApiEnabled(type)) {
-        return this.enabledReports[type];
-      }
-      const { head, diffEndpoint } = this.sastContainer.paths;
-      return Boolean(head || diffEndpoint);
    },
    hasDependencyScanningReports() {
-      return this.hasReportsType('dependencyScanning');
+      return this.enabledReports.dependencyScanning;
    },
    hasDastReports() {
-      return this.hasReportsType('dast');
+      return this.enabledReports.dast;
    },
    hasSastReports() {
-      return this.hasReportsType('sast');
+      return this.enabledReports.sast;
    },
    subHeadingText() {
      const mrDivergedCommitsCount =
@@ -236,70 +191,36 @@ export default {
    this.setCanCreateIssuePermission(this.canCreateIssue);
    this.setCanCreateFeedbackPermission(this.canCreateFeedback);
-    const sastDiffEndpoint = gl && gl.mrWidgetData && gl.mrWidgetData.sast_comparison_path;
+    // eslint-disable-next-line camelcase
+    const sastDiffEndpoint = gl?.mrWidgetData?.sast_comparison_path;
-    if (this.isMergeRequestReportApiEnabled('sast') && sastDiffEndpoint && this.hasSastReports) {
+    if (sastDiffEndpoint && this.hasSastReports) {
      this.setSastDiffEndpoint(sastDiffEndpoint);
      this.fetchSastDiff();
-    } else if (this.sastHeadPath) {
-      this.setSastHeadPath(this.sastHeadPath);
-      if (this.sastBasePath) {
-        this.setSastBasePath(this.sastBasePath);
-      }
-      this.fetchSastReports();
    }
-    const sastContainerDiffEndpoint =
+    // eslint-disable-next-line camelcase
-      gl && gl.mrWidgetData && gl.mrWidgetData.container_scanning_comparison_path;
+    const containerScanningDiffEndpoint = gl?.mrWidgetData?.container_scanning_comparison_path;
-    if (
+    if (containerScanningDiffEndpoint && this.hasContainerScanningReports) {
-      this.isMergeRequestReportApiEnabled('containerScanning') &&
+      this.setSastContainerDiffEndpoint(containerScanningDiffEndpoint);
-      sastContainerDiffEndpoint &&
-      this.hasContainerScanningReports
-    ) {
-      this.setSastContainerDiffEndpoint(sastContainerDiffEndpoint);
      this.fetchSastContainerDiff();
-    } else if (this.sastContainerHeadPath) {
-      this.setSastContainerHeadPath(this.sastContainerHeadPath);
-      if (this.sastContainerBasePath) {
-        this.setSastContainerBasePath(this.sastContainerBasePath);
-      }
-      this.fetchSastContainerReports();
    }
-    const dastDiffEndpoint = gl && gl.mrWidgetData && gl.mrWidgetData.dast_comparison_path;
+    // eslint-disable-next-line camelcase
+    const dastDiffEndpoint = gl?.mrWidgetData?.dast_comparison_path;
-    if (this.isMergeRequestReportApiEnabled('dast') && dastDiffEndpoint && this.hasDastReports) {
+    if (dastDiffEndpoint && this.hasDastReports) {
      this.setDastDiffEndpoint(dastDiffEndpoint);
      this.fetchDastDiff();
-    } else if (this.dastHeadPath) {
-      this.setDastHeadPath(this.dastHeadPath);
-      if (this.dastBasePath) {
-        this.setDastBasePath(this.dastBasePath);
-      }
-      this.fetchDastReports();
    }
-    const dependencyScanningDiffEndpoint =
+    // eslint-disable-next-line camelcase
-      gl && gl.mrWidgetData && gl.mrWidgetData.dependency_scanning_comparison_path;
+    const dependencyScanningDiffEndpoint = gl?.mrWidgetData?.dependency_scanning_comparison_path;
-    if (
+    if (dependencyScanningDiffEndpoint && this.hasDependencyScanningReports) {
-      this.isMergeRequestReportApiEnabled('dependencyScanning') &&
-      dependencyScanningDiffEndpoint &&
-      this.hasDependencyScanningReports
-    ) {
      this.setDependencyScanningDiffEndpoint(dependencyScanningDiffEndpoint);
      this.fetchDependencyScanningDiff();
-    } else if (this.dependencyScanningHeadPath) {
-      this.setDependencyScanningHeadPath(this.dependencyScanningHeadPath);
-      if (this.dependencyScanningBasePath) {
-        this.setDependencyScanningBasePath(this.dependencyScanningBasePath);
-      }
-      this.fetchDependencyScanningReports();
    }
  },
  methods: {
@@ -308,15 +229,6 @@ export default {
      'setHeadBlobPath',
      'setBaseBlobPath',
      'setSourceBranch',
-      'setSastContainerHeadPath',
-      'setSastContainerBasePath',
-      'setDastHeadPath',
-      'setDastBasePath',
-      'setDependencyScanningHeadPath',
-      'setDependencyScanningBasePath',
-      'fetchSastContainerReports',
-      'fetchDastReports',
-      'fetchDependencyScanningReports',
      'setVulnerabilityFeedbackPath',
      'setVulnerabilityFeedbackHelpPath',
      'setCreateVulnerabilityFeedbackIssuePath',
@@ -344,22 +256,9 @@ export default {
      'setDastDiffEndpoint',
    ]),
    ...mapActions('sast', {
-      setSastHeadPath: 'setHeadPath',
-      setSastBasePath: 'setBasePath',
      setSastDiffEndpoint: 'setDiffEndpoint',
-      fetchSastReports: 'fetchReports',
      fetchSastDiff: 'fetchDiff',
    }),
-    isMergeRequestReportApiEnabled(type) {
-      return Boolean(this.glFeatures[`${type}MergeRequestReportApi`]);
-    },
-    hasReportsType(type) {
-      if (this.isMergeRequestReportApiEnabled(type)) {
-        return this.enabledReports[type];
-      }
-      const { head, diffEndpoint } = this[type].paths;
-      return Boolean(head || diffEndpoint);
-    },
  },
 };
 </script>

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/getters.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/getters.js
@@ -119,10 +119,10 @@ export const anyReportHasError = state =>
  state.dependencyScanning.hasError;
 export const noBaseInAllReports = state =>
-  !state.sast.paths.base &&
+  !state.sast.hasBaseReport &&
-  !state.dast.paths.base &&
+  !state.dast.hasBaseReport &&
-  !state.sastContainer.paths.base &&
+  !state.sastContainer.hasBaseReport &&
-  !state.dependencyScanning.paths.base;
+  !state.dependencyScanning.hasBaseReport;
 export const anyReportHasIssues = state =>
  state.sast.newIssues.length > 0 ||

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/modules/sast/mutations.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/modules/sast/mutations.js
@@ -62,12 +62,14 @@ export default {
  [types.RECEIVE_DIFF_SUCCESS](state, { diff, enrichData }) {
    const { added, fixed, existing } = parseDiff(diff, enrichData);
    const baseReportOutofDate = diff.base_report_out_of_date || false;
+    const hasBaseReport = Boolean(diff.base_report_created_at);
    state.isLoading = false;
    state.newIssues = added;
    state.resolvedIssues = fixed;
    state.allIssues = existing;
    state.baseReportOutofDate = baseReportOutofDate;
+    state.hasBaseReport = hasBaseReport;
  },
  [types.RECEIVE_DIFF_ERROR](state) {

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/modules/sast/state.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/modules/sast/state.js
@@ -12,4 +12,5 @@ export default () => ({
  resolvedIssues: [],
  allIssues: [],
  baseReportOutofDate: false,
+  hasBaseReport: false,
 });
--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js
@@ -109,12 +109,14 @@ export default {
  [types.RECEIVE_SAST_CONTAINER_DIFF_SUCCESS](state, { diff, enrichData }) {
    const { added, fixed, existing } = parseDiff(diff, enrichData);
    const baseReportOutofDate = diff.base_report_out_of_date || false;
+    const hasBaseReport = Boolean(diff.base_report_created_at);
    Vue.set(state.sastContainer, 'isLoading', false);
    Vue.set(state.sastContainer, 'newIssues', added);
    Vue.set(state.sastContainer, 'resolvedIssues', fixed);
    Vue.set(state.sastContainer, 'allIssues', existing);
    Vue.set(state.sastContainer, 'baseReportOutofDate', baseReportOutofDate);
+    Vue.set(state.sastContainer, 'hasBaseReport', hasBaseReport);
  },
  [types.RECEIVE_SAST_CONTAINER_DIFF_ERROR](state) {
@@ -167,12 +169,14 @@ export default {
  [types.RECEIVE_DAST_DIFF_SUCCESS](state, { diff, enrichData }) {
    const { added, fixed, existing } = parseDiff(diff, enrichData);
    const baseReportOutofDate = diff.base_report_out_of_date || false;
+    const hasBaseReport = Boolean(diff.base_report_created_at);
    Vue.set(state.dast, 'isLoading', false);
    Vue.set(state.dast, 'newIssues', added);
    Vue.set(state.dast, 'resolvedIssues', fixed);
    Vue.set(state.dast, 'allIssues', existing);
    Vue.set(state.dast, 'baseReportOutofDate', baseReportOutofDate);
+    Vue.set(state.dast, 'hasBaseReport', hasBaseReport);
  },
  [types.RECEIVE_DAST_DIFF_ERROR](state) {
@@ -256,12 +260,14 @@ export default {
  [types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS](state, { diff, enrichData }) {
    const { added, fixed, existing } = parseDiff(diff, enrichData);
    const baseReportOutofDate = diff.base_report_out_of_date || false;
+    const hasBaseReport = Boolean(diff.base_report_created_at);
    Vue.set(state.dependencyScanning, 'isLoading', false);
    Vue.set(state.dependencyScanning, 'newIssues', added);
    Vue.set(state.dependencyScanning, 'resolvedIssues', fixed);
    Vue.set(state.dependencyScanning, 'allIssues', existing);
    Vue.set(state.dependencyScanning, 'baseReportOutofDate', baseReportOutofDate);
+    Vue.set(state.dependencyScanning, 'hasBaseReport', hasBaseReport);
  },
  [types.RECEIVE_DEPENDENCY_SCANNING_DIFF_ERROR](state) {

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/state.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/state.js
@@ -29,6 +29,7 @@ export default () => ({
    newIssues: [],
    resolvedIssues: [],
    baseReportOutofDate: false,
+    hasBaseReport: false,
  },
  dast: {
    paths: {
@@ -43,6 +44,7 @@ export default () => ({
    newIssues: [],
    resolvedIssues: [],
    baseReportOutofDate: false,
+    hasBaseReport: false,
  },
  dependencyScanning: {
@@ -59,6 +61,7 @@ export default () => ({
    resolvedIssues: [],
    allIssues: [],
    baseReportOutofDate: false,
+    hasBaseReport: false,
  },
  modal: {

--- a/ee/spec/frontend/vue_shared/security_reports/mock_data.js
+++ b/ee/spec/frontend/vue_shared/security_reports/mock_data.js
--- a/ee/spec/frontend/vue_shared/security_reports/store/getters_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/store/getters_spec.js
@@ -525,8 +525,8 @@ describe('Security reports getters', () => {
      expect(noBaseInAllReports(state)).toEqual(true);
    });
-    it('returns false when any of the reports has base', () => {
+    it('returns false when any of the reports has a base', () => {
-      state.dast.paths.base = BASE_PATH;
+      state.dast.hasBaseReport = true;
      expect(noBaseInAllReports(state)).toEqual(false);
    });

--- a/ee/spec/javascripts/vue_mr_widget/ee_mr_widget_options_spec.js
+++ b/ee/spec/javascripts/vue_mr_widget/ee_mr_widget_options_spec.js
--- a/ee/spec/javascripts/vue_mr_widget/mock_data.js
+++ b/ee/spec/javascripts/vue_mr_widget/mock_data.js
@@ -11,9 +11,9 @@ export default Object.assign({}, mockData, {
  },
  vulnerability_feedback_help_path: '/help/user/application_security/index',
  enabled_reports: {
-    sast: true,
+    sast: false,
    container_scanning: false,
-    dast: true,
+    dast: false,
    dependency_scanning: false,
    license_management: true,
  },

--- a/ee/spec/javascripts/vue_shared/security_reports/grouped_security_reports_app_spec.js
+++ b/ee/spec/javascripts/vue_shared/security_reports/grouped_security_reports_app_spec.js
--- a/ee/spec/javascripts/vue_shared/security_reports/mock_data.js
+++ b/ee/spec/javascripts/vue_shared/security_reports/mock_data.js
@@ -4,37 +4,22 @@ import * as mockData from '../../../frontend/vue_shared/security_reports/mock_da
 // https://gitlab.com/gitlab-org/gitlab/merge_requests/10466#note_156218753
 export const {
-  allIssuesParsed,
-  baseIssues,
  containerScanningFeedbacks,
  dast,
  dastBase,
  dastFeedbacks,
  dependencyScanningFeedbacks,
-  dependencyScanningIssues,
-  dependencyScanningIssuesBase,
-  dependencyScanningIssuesMajor2,
-  dependencyScanningIssuesOld,
  dockerBaseReport,
-  dockerNewIssues,
-  dockerOnlyHeadParsed,
  dockerReport,
  dockerReportParsed,
-  oldSastIssues,
  parsedDast,
-  parsedDastNewIssues,
-  parsedDependencyScanningBaseStore,
-  parsedDependencyScanningIssuesHead,
-  parsedDependencyScanningIssuesStore,
-  parsedSastBaseStore,
-  parsedSastContainerBaseStore,
-  parsedSastIssuesHead,
-  parsedSastIssuesStore,
-  sastBaseAllIssues,
  sastFeedbacks,
-  sastHeadAllIssues,
  sastIssues,
  sastIssuesBase,
-  sastIssuesMajor2,
  sastParsedIssues,
+  mockFindings,
+  sastDiffSuccessMock,
+  dastDiffSuccessMock,
+  containerScanningDiffSuccessMock,
+  dependencyScanningDiffSuccessMock,
 } = mockData;