Merge branch '13247-dependencies-permissions' into 'master'

Update permissions for Dependencies and Dependency list

See merge request gitlab-org/gitlab!21053

ee/app/models/ee/ci/build.rb

@@ -72,7 +72,7 @@ module EE
       end
 
       def collect_dependency_list_reports!(dependency_list_report)
-        if project.feature_available?(:dependency_list)
+        if project.feature_available?(:dependency_scanning)
           dependency_list = ::Gitlab::Ci::Parsers::Security::DependencyList.new(project, sha)
 
           each_report(::Ci::JobArtifact::DEPENDENCY_LIST_REPORT_FILE_TYPES) do |file_type, blob|
@@ -84,7 +84,7 @@ module EE
       end
 
       def collect_licenses_for_dependency_list!(dependency_list_report)
-        if project.feature_available?(:dependency_list)
+        if project.feature_available?(:dependency_scanning)
           dependency_list = ::Gitlab::Ci::Parsers::Security::DependencyList.new(project, sha)
 
           each_report(::Ci::JobArtifact::LICENSE_MANAGEMENT_REPORT_FILE_TYPES) do |file_type, blob|

ee/app/models/license.rb

@@ -105,7 +105,6 @@ class License < ApplicationRecord
     cluster_health
     container_scanning
     dast
-    dependency_list
     dependency_scanning
     epics
     group_ip_restriction

ee/app/policies/ee/project_policy.rb

@@ -76,8 +76,8 @@ module EE
       end
 
       with_scope :subject
-      condition(:dependency_list_enabled) do
-        @subject.feature_available?(:dependency_list)
+      condition(:dependency_scanning_enabled) do
+        @subject.feature_available?(:dependency_scanning)
       end
 
       with_scope :subject
@@ -170,7 +170,7 @@ module EE
 
       rule { license_management_enabled & can?(:read_project) }.enable :read_software_license_policy
 
-      rule { dependency_list_enabled & can?(:download_code) }.enable :read_dependencies
+      rule { dependency_scanning_enabled & can?(:download_code) }.enable :read_dependencies
 
       rule { licenses_list_enabled & can?(:read_software_license_policy) }.enable :read_licenses_list
 

ee/spec/controllers/projects/dependencies_controller_spec.rb

@@ -19,7 +19,7 @@ describe Projects::DependenciesController do
         render_views
 
         before do
-          stub_licensed_features(dependency_list: true)
+          stub_licensed_features(dependency_scanning: true)
         end
 
         it 'renders the show template' do
@@ -52,7 +52,7 @@ describe Projects::DependenciesController do
 
       context 'when feature is available' do
         before do
-          stub_licensed_features(dependency_list: true)
+          stub_licensed_features(dependency_scanning: true)
         end
 
         it 'returns 404' do

ee/spec/controllers/projects/security/dependencies_controller_spec.rb

@@ -22,7 +22,7 @@ describe Projects::Security::DependenciesController do
 
       context 'when feature is available' do
         before do
-          stub_licensed_features(dependency_list: true, license_management: true, security_dashboard: true)
+          stub_licensed_features(dependency_scanning: true, license_management: true, security_dashboard: true)
         end
 
         context 'when usage ping is collected' do
@@ -228,7 +228,7 @@ describe Projects::Security::DependenciesController do
       let(:user) { guest }
 
       before do
-        stub_licensed_features(dependency_list: true)
+        stub_licensed_features(dependency_scanning: true)
         project.add_guest(user)
 
         get :index, params: params, format: :json

ee/spec/models/ci/build_spec.rb

@@ -240,7 +240,7 @@ describe Ci::Build do
 
     context 'with available licensed feature' do
       before do
-        stub_licensed_features(dependency_list: true)
+        stub_licensed_features(dependency_scanning: true)
       end
 
       it 'parses blobs and add the results to the report' do
@@ -277,7 +277,7 @@ describe Ci::Build do
 
     context 'with available licensed feature' do
       before do
-        stub_licensed_features(dependency_list: true)
+        stub_licensed_features(dependency_scanning: true)
       end
 
       it 'parses blobs and add found license' do

ee/spec/models/ci/pipeline_spec.rb

@@ -277,7 +277,7 @@ describe Ci::Pipeline do
     subject { pipeline.dependency_list_report }
 
     before do
-      stub_licensed_features(dependency_list: true)
+      stub_licensed_features(dependency_scanning: true)
     end
 
     context 'when pipeline has a build with dependency list reports' do

ee/spec/policies/project_policy_spec.rb

@@ -730,9 +730,9 @@ describe ProjectPolicy do
   end
 
   describe 'read_dependencies' do
-    context 'when dependency list feature available' do
+    context 'when dependency scanning feature available' do
       before do
-        stub_licensed_features(dependency_list: true)
+        stub_licensed_features(dependency_scanning: true)
       end
 
       context 'with public project' do

ee/spec/requests/api/dependencies_spec.rb

@@ -11,7 +11,7 @@ describe API::Dependencies do
     let(:params) { {} }
 
     before do
-      stub_licensed_features(dependency_list: true, security_dashboard: true)
+      stub_licensed_features(dependency_scanning: true, security_dashboard: true)
     end
 
     context 'with an authorized user with proper permissions' do

ee/spec/services/security/dependency_list_service_spec.rb

@@ -9,7 +9,7 @@ describe Security::DependencyListService do
     subject { described_class.new(pipeline: pipeline, params: params).execute }
 
     before do
-      stub_licensed_features(dependency_list: true)
+      stub_licensed_features(dependency_scanning: true)
     end
 
     context 'without params' do