Merge branch 'djadmin-redirector-dast-config' into 'master'

Add DAST configuration page to DAST Profiles redirection logic See merge request gitlab-org/gitlab!63483

Merge branch 'djadmin-redirector-dast-config' into 'master'
Add DAST configuration page to DAST Profiles redirection logic See merge request gitlab-org/gitlab!63483
3ce04f18 · Kushal Pandya · 1f55d4b8 · 8340509f · 3ce04f18 · 3ce04f18
Commit 3ce04f18 authored Jun 09, 2021 by Kushal Pandya
8 changed files
--- a/ee/app/assets/javascripts/security_configuration/dast_profiles/redirect.js
+++ b/ee/app/assets/javascripts/security_configuration/dast_profiles/redirect.js
@@ -7,24 +7,23 @@ import {
 } from '~/lib/utils/url_utility';
 export const returnToPreviousPageFactory = ({
-  onDemandScansPath,
+  allowedPaths,
  profilesLibraryPath,
  urlParamKey,
 }) => ({ id } = {}) => {
-  // when previous page is not On-demand scans page
+  const redirectPath = allowedPaths.find((path) => document.referrer?.includes(path));
-  // redirect user to profiles library page
-  if (!document.referrer?.includes(onDemandScansPath)) {
-    return redirectTo(profilesLibraryPath);
-  }
-  // Otherwise, redirect them back to On-demand scans page
+  // when previous page is not an allowed path
-  // with corresponding profile id, if available
+  if (!redirectPath) return redirectTo(profilesLibraryPath);
-  // for example, /on_demand_scans?site_profile_id=35
-  const previousPagePath = id
+  // otherwise redirect to the previous page along
+  // with the given profile id
+  const redirectPathWithId = id
    ? setUrlParams(
        { [urlParamKey]: getIdFromGraphQLId(id) },
-        relativePathToAbsolute(onDemandScansPath, getBaseURL()),
+        relativePathToAbsolute(redirectPath, getBaseURL()),
      )
-    : onDemandScansPath;
+    : redirectPath;
-  return redirectTo(previousPagePath);
+  return redirectTo(redirectPathWithId);
 };
--- a/ee/app/assets/javascripts/security_configuration/dast_scanner_profiles/dast_scanner_profiles_bundle.js
+++ b/ee/app/assets/javascripts/security_configuration/dast_scanner_profiles/dast_scanner_profiles_bundle.js
@@ -10,7 +10,12 @@ export default () => {
    return false;
  }
-  const { projectFullPath, profilesLibraryPath, onDemandScansPath } = el.dataset;
+  const {
+    projectFullPath,
+    profilesLibraryPath,
+    onDemandScansPath,
+    dastConfigurationPath,
+  } = el.dataset;
  const props = {
    projectFullPath,
@@ -22,7 +27,7 @@ export default () => {
  const returnToPreviousPage = ({ id } = {}) => {
    returnToPreviousPageFactory({
-      onDemandScansPath,
+      allowedPaths: [onDemandScansPath, dastConfigurationPath],
      profilesLibraryPath,
      urlParamKey: 'scanner_profile_id',
    })(id);

--- a/ee/app/assets/javascripts/security_configuration/dast_site_profiles_form/index.js
+++ b/ee/app/assets/javascripts/security_configuration/dast_site_profiles_form/index.js
@@ -10,7 +10,7 @@ export default () => {
    return;
  }
-  const { fullPath, profilesLibraryPath, onDemandScansPath } = el.dataset;
+  const { fullPath, profilesLibraryPath, onDemandScansPath, dastConfigurationPath } = el.dataset;
  const props = {
    fullPath,
@@ -21,7 +21,7 @@ export default () => {
  }
  const factoryParams = {
-    onDemandScansPath,
+    allowedPaths: [onDemandScansPath, dastConfigurationPath],
    profilesLibraryPath,
    urlParamKey: 'site_profile_id',
  };

--- a/ee/app/views/projects/security/dast_scanner_profiles/edit.html.haml
+++ b/ee/app/views/projects/security/dast_scanner_profiles/edit.html.haml
@@ -9,4 +9,5 @@ scanner_profile: { id: @scanner_profile.to_global_id.to_s, profile_name: @scanne
 spider_timeout: @scanner_profile.spider_timeout, target_timeout: @scanner_profile.target_timeout,
 scan_type: @scanner_profile.scan_type.upcase, use_ajax_spider: @scanner_profile.use_ajax_spider,
 show_debug_messages: @scanner_profile.show_debug_messages, referenced_in_security_policies: @scanner_profile.referenced_in_security_policies }.to_json,
-on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
+on_demand_scans_path: new_project_on_demand_scan_path(@project),
+dast_configuration_path: project_security_configuration_dast_path(@project) } }
--- a/ee/app/views/projects/security/dast_scanner_profiles/new.html.haml
+++ b/ee/app/views/projects/security/dast_scanner_profiles/new.html.haml
@@ -5,4 +5,5 @@
 .js-dast-scanner-profile-form{ data: { project_full_path: @project.path_with_namespace,
 profiles_library_path: project_security_configuration_dast_scans_path(@project, anchor: 'scanner-profiles'),
-on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
+on_demand_scans_path: new_project_on_demand_scan_path(@project),
+dast_configuration_path: project_security_configuration_dast_path(@project) } }
--- a/ee/app/views/projects/security/dast_site_profiles/edit.html.haml
+++ b/ee/app/views/projects/security/dast_site_profiles/edit.html.haml
@@ -6,4 +6,5 @@
 .js-dast-site-profile-form{ data: { full_path: @project.path_with_namespace,
 profiles_library_path: project_security_configuration_dast_scans_path(@project, anchor: 'site-profiles'),
 site_profile: @site_profile.to_json,
-on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
+on_demand_scans_path: new_project_on_demand_scan_path(@project),
+dast_configuration_path: project_security_configuration_dast_path(@project) } }
--- a/ee/app/views/projects/security/dast_site_profiles/new.html.haml
+++ b/ee/app/views/projects/security/dast_site_profiles/new.html.haml
@@ -5,4 +5,5 @@
 .js-dast-site-profile-form{ data: { full_path: @project.path_with_namespace,
 profiles_library_path: project_security_configuration_dast_scans_path(@project, anchor: 'site-profiles'),
-on_demand_scans_path: new_project_on_demand_scan_path(@project) } }
+on_demand_scans_path: new_project_on_demand_scan_path(@project),
+dast_configuration_path: project_security_configuration_dast_path(@project) } }
--- a/ee/spec/frontend/security_configuration/dast_profiles/redirect_spec.js
+++ b/ee/spec/frontend/security_configuration/dast_profiles/redirect_spec.js
@@ -5,11 +5,12 @@ import * as urlUtility from '~/lib/utils/url_utility';
 const fullPath = 'group/project';
 const profilesLibraryPath = `${TEST_HOST}/${fullPath}/-/security/configuration/dast_scans`;
 const onDemandScansPath = `${TEST_HOST}/${fullPath}/-/on_demand_scans`;
+const dastConfigPath = `${TEST_HOST}/${fullPath}/-/security/configuration/dast`;
 const urlParamKey = 'site_profile_id';
 const originalReferrer = document.referrer;
 const params = {
-  onDemandScansPath,
+  allowedPaths: [onDemandScansPath, dastConfigPath],
  profilesLibraryPath,
  urlParamKey,
 };
@@ -38,9 +39,12 @@ describe('DAST Profiles redirector', () => {
      expect(urlUtility.redirectTo).toHaveBeenCalledWith(profilesLibraryPath);
    });
-    describe('when a referrer is set', () => {
+    describe.each([
+      ['On-demand scans', onDemandScansPath],
+      ['DAST Configuration', dastConfigPath],
+    ])('when previous page is %s', (_pathName, path) => {
      beforeEach(() => {
-        setReferrer();
+        setReferrer(path);
      });
      afterEach(() => {
@@ -49,14 +53,12 @@ describe('DAST Profiles redirector', () => {
      it('redirects to previous page', () => {
        factory();
-        expect(urlUtility.redirectTo).toHaveBeenCalledWith(onDemandScansPath);
+        expect(urlUtility.redirectTo).toHaveBeenCalledWith(path);
      });
      it('redirects to previous page with id', () => {
        factory({ id: 2 });
-        expect(urlUtility.redirectTo).toHaveBeenCalledWith(
+        expect(urlUtility.redirectTo).toHaveBeenCalledWith(`${path}?site_profile_id=2`);
-          `${onDemandScansPath}?site_profile_id=2`,
-        );
      });
    });
  });