Merge branch 'add-approval-status-field-lm' into 'master'

Extend License Compliance entity for Pipelines and MR view See merge request gitlab-org/gitlab-ee!15957

Merge branch 'add-approval-status-field-lm' into 'master'
Extend License Compliance entity for Pipelines and MR view See merge request gitlab-org/gitlab-ee!15957
395dbfa0 · Rémy Coutable · 1567a6ee · f55e46b7 · 395dbfa0 · 395dbfa0
Commit 395dbfa0 authored Sep 05, 2019 by Rémy Coutable
20 changed files
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -1240,9 +1240,9 @@ class MergeRequest < ApplicationRecord
    compare_reports(Ci::CompareTestReportsService)
  end
-  def compare_reports(service_class)
+  def compare_reports(service_class, current_user = nil)
    with_reactive_cache(service_class.name) do |data|
-      unless service_class.new(project)
+      unless service_class.new(project, current_user)
        .latest?(base_pipeline, actual_head_pipeline, data)
        raise InvalidateReactiveCache
      end

--- a/ee/app/controllers/ee/projects/merge_requests_controller.rb
+++ b/ee/app/controllers/ee/projects/merge_requests_controller.rb
@@ -48,7 +48,7 @@ module EE
      end
      def license_management_reports
-        reports_response(merge_request.compare_license_management_reports)
+        reports_response(merge_request.compare_license_management_reports(current_user))
      end
      def container_scanning_reports

--- a/ee/app/controllers/ee/projects/pipelines_controller.rb
+++ b/ee/app/controllers/ee/projects/pipelines_controller.rb
@@ -31,7 +31,8 @@ module EE
          if report_exists
            format.html { render_show }
            format.json do
-              render json: LicenseManagementReportLicenseEntity.licenses_payload(pipeline.license_management_report), status: :ok
+              data = LicenseManagementReportsSerializer.new(project: project, current_user: current_user).represent(pipeline&.license_management_report&.licenses)
+              render json: data, status: :ok
            end
          else
            format.html { redirect_to pipeline_path(pipeline) }

--- a/ee/app/models/ee/merge_request.rb
+++ b/ee/app/models/ee/merge_request.rb
@@ -152,12 +152,12 @@ module EE
      compare_reports(::Ci::CompareSastReportsService)
    end
-    def compare_license_management_reports
+    def compare_license_management_reports(current_user)
      unless has_license_management_reports?
        return { status: :error, status_reason: 'This merge request does not have license management reports' }
      end
-      compare_reports(::Ci::CompareLicenseManagementReportsService)
+      compare_reports(::Ci::CompareLicenseManagementReportsService, current_user)
    end
    def has_metrics_reports?

--- a/ee/app/serializers/ee/license_management_reports_serializer.rb
+++ b/ee/app/serializers/ee/license_management_reports_serializer.rb
+# frozen_string_literal: true
+class LicenseManagementReportsSerializer < BaseSerializer
+  entity LicenseManagementReportLicenseEntity
+end
--- a/ee/app/serializers/license_management_report_license_entity.rb
+++ b/ee/app/serializers/license_management_report_license_entity.rb
 # frozen_string_literal: true
 class LicenseManagementReportLicenseEntity < Grape::Entity
+  include RequestAwareEntity
  expose :name
+  expose :classification
  expose :dependencies, using: LicenseManagementReportDependencyEntity
-  expose :count do |license|
+  expose :count
-    license.dependencies.size
+  expose :url
-  end
-  def self.licenses_payload(report)
+  def classification
-    report.licenses.empty? ? {} : self.represent(report.licenses).as_json
+    default = { id: nil, name: value_for(:name), approval_status: 'unclassified' }
+    found = SoftwareLicensePoliciesFinder.new(request&.current_user, request&.project, name: value_for(:name)).find
+    ManagedLicenseEntity.represent(found || default)
  end
 end
--- a/ee/app/services/ci/compare_license_management_reports_service.rb
+++ b/ee/app/services/ci/compare_license_management_reports_service.rb
@@ -10,6 +10,10 @@ module Ci
      LicenseManagementReportsComparerSerializer
    end
+    def serializer_params
+      { project: project, current_user: current_user }
+    end
    def get_report(pipeline)
      pipeline&.license_management_report
    end

--- a/ee/changelogs/unreleased/add-approval-status-field-lm.yml
+++ b/ee/changelogs/unreleased/add-approval-status-field-lm.yml
+---
+title: Extend License Compliance entity for Pipelines and MR view
+merge_request: 15957
+author:
+type: changed
--- a/ee/lib/gitlab/ci/parsers/license_management/license_management.rb
+++ b/ee/lib/gitlab/ci/parsers/license_management/license_management.rb
@@ -18,9 +18,11 @@ module Gitlab
                license_dependencies = root['dependencies'].select do |dependency|
                  uses_license?(dependency['license']['name'], license_name)
                end
                license_dependencies.each do |dependency|
-                  license_management_report.add_dependency(license_name, dependency['dependency']['name'])
+                  license_management_report.add_dependency(license_name,
+                                                           license_hash['count'],
+                                                           dependency['license']['url'],
+                                                           dependency['dependency']['name'])
                end
              end
            end

--- a/ee/lib/gitlab/ci/reports/license_management/license.rb
+++ b/ee/lib/gitlab/ci/reports/license_management/license.rb
@@ -5,10 +5,12 @@ module Gitlab
    module Reports
      module LicenseManagement
        class License
-          attr_reader :name, :status
+          attr_reader :name, :url, :count
-          def initialize(name)
+          def initialize(name, count, url)
            @name = name
+            @count = count
+            @url = url
            @dependencies = Set.new
          end

--- a/ee/lib/gitlab/ci/reports/license_management/report.rb
+++ b/ee/lib/gitlab/ci/reports/license_management/report.rb
@@ -5,22 +5,24 @@ module Gitlab
    module Reports
      module LicenseManagement
        class Report
+          attr_reader :found_licenses
          def initialize
            @found_licenses = {}
          end
          def licenses
-            @found_licenses.values
+            found_licenses.values.sort_by { |license| license.name.downcase }
          end
          def license_names
-            @found_licenses.values.map(&:name)
+            found_licenses.values.map(&:name)
          end
-          def add_dependency(license_name, dependency_name)
+          def add_dependency(license_name, license_count, license_url, dependency_name)
            key = license_name.upcase
-            @found_licenses[key] ||= ::Gitlab::Ci::Reports::LicenseManagement::License.new(license_name)
+            found_licenses[key] ||= ::Gitlab::Ci::Reports::LicenseManagement::License.new(license_name, license_count, license_url)
-            @found_licenses[key].add_dependency(dependency_name)
+            found_licenses[key].add_dependency(dependency_name)
          end
          def violates?(software_license_policies)

--- a/ee/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/ee/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -679,7 +679,7 @@ describe Projects::MergeRequestsController do
    before do
      allow_any_instance_of(::MergeRequest).to receive(:compare_reports)
-        .with(::Ci::CompareLicenseManagementReportsService).and_return(comparison_status)
+        .with(::Ci::CompareLicenseManagementReportsService, project.users.first).and_return(comparison_status)
    end
    context 'when comparison is being processed' do

--- a/ee/spec/controllers/projects/pipelines_controller_spec.rb
+++ b/ee/spec/controllers/projects/pipelines_controller_spec.rb
@@ -256,6 +256,9 @@ describe Projects::PipelinesController do
  describe 'GET licenses' do
    let(:licenses_with_html) {get :licenses, format: :html, params: { namespace_id: project.namespace, project_id: project, id: pipeline }}
    let(:licenses_with_json) {get :licenses, format: :json, params: { namespace_id: project.namespace, project_id: project, id: pipeline }}
+    let!(:mit_license) { create(:software_license, :mit) }
+    let!(:software_license_policy) { create(:software_license_policy, software_license: mit_license, project: project) }
    let(:payload) { JSON.parse(licenses_with_json.body) }
    context 'with a license management artifact' do
@@ -283,7 +286,19 @@ describe Projects::PipelinesController do
        it 'will return license management report in json format' do
          expect(payload.size).to eq(pipeline.license_management_report.licenses.size)
-          expect(payload.first.keys).to eq(%w(name dependencies count))
+          expect(payload.first.keys).to eq(%w(name classification dependencies count url))
+        end
+        it 'will return mit license approved status' do
+          payload_mit = payload.find { |l| l['name'] == 'MIT' }
+          expect(payload_mit['count']).to eq(pipeline.license_management_report.found_licenses['MIT'].count)
+          expect(payload_mit['url']).to eq('http://opensource.org/licenses/mit-license')
+          expect(payload_mit['classification']['approval_status']).to eq('approved')
+        end
+        it 'will return sorted by name' do
+          expect(payload.first['name']).to eq('Apache 2.0')
+          expect(payload.last['name']).to eq('unknown')
        end
      end

--- a/ee/spec/factories/ci/reports/license_management/report.rb
+++ b/ee/spec/factories/ci/reports/license_management/report.rb
@@ -4,21 +4,21 @@ FactoryBot.define do
  factory :ci_reports_license_management_report, class: ::Gitlab::Ci::Reports::LicenseManagement::Report do
    trait :report_1 do
      after(:build) do |report, evaluator|
-        report.add_dependency('MIT', 'Library1')
+        report.add_dependency('MIT', 1, 'https://opensource.org/licenses/mit', 'Library1')
-        report.add_dependency('WTFPL', 'Library2')
+        report.add_dependency('WTFPL', 1, 'https://opensource.org/licenses/wtfpl', 'Library2')
      end
    end
    trait :report_2 do
      after(:build) do |report, evaluator|
-        report.add_dependency('MIT', 'Library1')
+        report.add_dependency('MIT', 1, 'https://opensource.org/licenses/mit', 'Library1')
-        report.add_dependency('Apache 2.0', 'Library3')
+        report.add_dependency('Apache 2.0', 1, 'https://opensource.org/licenses/apache', 'Library3')
      end
    end
    trait :mit do
      after(:build) do |report, evaluator|
-        report.add_dependency('MIT', 'rails')
+        report.add_dependency('MIT', 1, 'https://opensource.org/licenses/mit', 'rails')
      end
    end
  end

--- a/ee/spec/models/ci/build_spec.rb
+++ b/ee/spec/models/ci/build_spec.rb
@@ -191,8 +191,8 @@ describe Ci::Build do
          expect { subject }.not_to raise_error
          expect(license_management_report.licenses.count).to eq(4)
-          expect(license_management_report.licenses[0].name).to eq('MIT')
+          expect(license_management_report.found_licenses['MIT'].name).to eq('MIT')
-          expect(license_management_report.licenses[0].dependencies.count).to eq(52)
+          expect(license_management_report.found_licenses['MIT'].dependencies.count).to eq(52)
        end
      end

--- a/ee/spec/models/merge_request_spec.rb
+++ b/ee/spec/models/merge_request_spec.rb
@@ -342,7 +342,7 @@ describe MergeRequest do
  end
  describe '#compare_license_management_reports' do
-    subject { merge_request.compare_license_management_reports }
+    subject { merge_request.compare_license_management_reports(project.users.first) }
    let(:project) { create(:project, :repository) }
    let(:merge_request) { create(:merge_request, source_project: project) }

--- a/ee/spec/serializers/license_management_report_license_entity_spec.rb
+++ b/ee/spec/serializers/license_management_report_license_entity_spec.rb
@@ -5,8 +5,16 @@ require 'spec_helper'
 describe LicenseManagementReportLicenseEntity do
  include LicenseManagementReportHelper
+  let(:user) { build(:user) }
+  let(:project) { build(:project, :repository) }
  let(:license) { create_license }
-  let(:entity) { described_class.new(license) }
+  let(:request) { double('request') }
+  let(:entity) { described_class.new(license, request: request) }
+  before do
+    allow(request).to receive(:current_user).and_return(user)
+    allow(request).to receive(:project).and_return(project)
+  end
  describe '#as_json' do
    subject { entity.as_json }

--- a/ee/spec/serializers/license_management_reports_comparer_entity_spec.rb
+++ b/ee/spec/serializers/license_management_reports_comparer_entity_spec.rb
@@ -5,8 +5,16 @@ require 'spec_helper'
 describe LicenseManagementReportsComparerEntity do
  include LicenseManagementReportHelper
+  let(:user) { build(:user) }
+  let(:project) { build(:project, :repository) }
+  let(:request) { double('request') }
  let(:comparer) { create_comparer }
-  let(:entity) { described_class.new(comparer) }
+  let(:entity) { described_class.new(comparer, request: request) }
+  before do
+    allow(request).to receive(:current_user).and_return(user)
+    allow(request).to receive(:project).and_return(project)
+  end
  describe '#as_json' do
    subject { entity.as_json }

--- a/ee/spec/services/ci/compare_license_management_reports_service_spec.rb
+++ b/ee/spec/services/ci/compare_license_management_reports_service_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 describe Ci::CompareLicenseManagementReportsService do
-  let(:service) { described_class.new(project) }
+  let(:service) { described_class.new(project, project.users.take) }
  let(:project) { create(:project, :repository) }
  before do

--- a/ee/spec/support/license_management_reports/license_management_report_helper.rb
+++ b/ee/spec/support/license_management_reports/license_management_report_helper.rb
@@ -5,7 +5,7 @@ module LicenseManagementReportHelper
    Gitlab::Ci::Reports::LicenseManagement::Report.new.tap do |report|
      dependencies.each do |license_name, dependencies|
        dependencies.each do |dependency_name|
-          report.add_dependency(license_name.to_s, dependency_name)
+          report.add_dependency(license_name.to_s, 1, "https://opensource.org/licenses/license1", dependency_name)
        end
      end
    end
@@ -32,7 +32,7 @@ module LicenseManagementReportHelper
  end
  def create_license
-    Gitlab::Ci::Reports::LicenseManagement::License.new('License1').tap do |license|
+    Gitlab::Ci::Reports::LicenseManagement::License.new('License1', 1, "https://opensource.org/licenses/license1").tap do |license|
      license.add_dependency('Dependency1')
      license.add_dependency('Dependency2')
    end