Use site profiles in on-demand DAST scans

- Added the ability to use existing site profiles when running new on-demand DAST scans - Updated/added specs

Use site profiles in on-demand DAST scans
- Added the ability to use existing site profiles when running new on-demand DAST scans - Updated/added specs
47ca3421 · Paul Gascou-Vaillancourt · d429e468 · 47ca3421 · 47ca3421 · 47ca3421
Commit 47ca3421 authored Jul 31, 2020 by Paul Gascou-Vaillancourt
10 changed files
--- a/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_app.vue
+++ b/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_app.vue
@@ -29,6 +29,14 @@ export default {
      type: String,
      required: true,
    },
+    profilesLibraryPath: {
+      type: String,
+      required: true,
+    },
+    newSiteProfilePath: {
+      type: String,
+      required: true,
+    },
  },
  data() {
    return {
@@ -46,6 +54,8 @@ export default {
        :help-page-path="helpPagePath"
        :project-path="projectPath"
        :default-branch="defaultBranch"
+        :profiles-library-path="profilesLibraryPath"
+        :new-site-profile-path="newSiteProfilePath"
        @cancel="showForm = false"
      />
      <on-demand-scans-form-old

--- a/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_form.vue
+++ b/ee/app/assets/javascripts/on_demand_scans/components/on_demand_scans_form.vue
--- a/ee/app/assets/javascripts/on_demand_scans/graphql/dast_on_demand_scan_create.mutation.graphql
+++ b/ee/app/assets/javascripts/on_demand_scans/graphql/dast_on_demand_scan_create.mutation.graphql
+mutation dastOnDemandScanCreate($fullPath: ID!, $dastSiteProfileId: DastSiteProfileID!) {
+  dastOnDemandScanCreate(input: { fullPath: $fullPath, dastSiteProfileId: $dastSiteProfileId }) {
+    pipelineUrl
+    errors
+  }
+}
--- a/ee/app/assets/javascripts/on_demand_scans/index.js
+++ b/ee/app/assets/javascripts/on_demand_scans/index.js
@@ -5,13 +5,19 @@ import OnDemandScansApp from './components/on_demand_scans_app.vue';
 export default () => {
  const el = document.querySelector('#js-on-demand-scans-app');
  if (!el) {
-    return;
+    return null;
  }

-  const { helpPagePath, emptyStateSvgPath, projectPath, defaultBranch } = el.dataset;
+  const {
+    helpPagePath,
+    emptyStateSvgPath,
+    projectPath,
+    defaultBranch,
+    profilesLibraryPath,
+    newSiteProfilePath,
+  } = el.dataset;

-  // eslint-disable-next-line no-new
-  new Vue({
+  return new Vue({
    el,
    apolloProvider,
    render(h) {
@@ -21,6 +27,8 @@ export default () => {
          emptyStateSvgPath,
          projectPath,
          defaultBranch,
+          profilesLibraryPath,
+          newSiteProfilePath,
        },
      });
    },

--- a/ee/app/helpers/projects/on_demand_scans_helper.rb
+++ b/ee/app/helpers/projects/on_demand_scans_helper.rb
@@ -6,7 +6,9 @@ module Projects::OnDemandScansHelper
      'help-page-path' => help_page_path('user/application_security/dast/index', anchor: 'on-demand-scans'),
      'empty-state-svg-path' => image_path('illustrations/empty-state/ondemand-scan-empty.svg'),
      'default-branch' => project.default_branch,
-      'project-path' => project.path_with_namespace
+      'project-path' => project.path_with_namespace,
+      'profiles-library-path': project_profiles_path(project),
+      'new-site-profile-path': new_project_dast_site_profile_path(project)
    }
  end
 end
--- a/ee/spec/frontend/on_demand_scans/components/on_demand_scans_app_spec.js
+++ b/ee/spec/frontend/on_demand_scans/components/on_demand_scans_app_spec.js
@@ -10,6 +10,8 @@ const helpPagePath = `${TEST_HOST}/application_security/dast/index#on-demand-sca
 const projectPath = 'group/project';
 const defaultBranch = 'master';
 const emptyStateSvgPath = `${TEST_HOST}/assets/illustrations/alert-management-empty-state.svg`;
+const profilesLibraryPath = `${TEST_HOST}/${projectPath}/-/on_demand_scans/profiles`;
+const newSiteProfilePath = `${TEST_HOST}/${projectPath}/-/on_demand_scans/profiles`;

 describe('OnDemandScansApp', () => {
  let wrapper;
@@ -32,6 +34,8 @@ describe('OnDemandScansApp', () => {
            projectPath,
            defaultBranch,
            emptyStateSvgPath,
+            profilesLibraryPath,
+            newSiteProfilePath,
          },
        },
        options,

--- a/ee/spec/frontend/on_demand_scans/components/on_demand_scans_form_old_spec.js
+++ b/ee/spec/frontend/on_demand_scans/components/on_demand_scans_form_old_spec.js
 import { shallowMount } from '@vue/test-utils';
 import { GlForm } from '@gitlab/ui';
 import { TEST_HOST } from 'helpers/test_constants';
-import OnDemandScansForm from 'ee/on_demand_scans/components/on_demand_scans_form.vue';
+import OnDemandScansForm from 'ee/on_demand_scans/components/on_demand_scans_form_old.vue';
 import runDastScanMutation from 'ee/on_demand_scans/graphql/run_dast_scan.mutation.graphql';
 import createFlash from '~/flash';
 import { redirectTo } from '~/lib/utils/url_utility';

--- a/ee/spec/frontend/on_demand_scans/components/on_demand_scans_form_spec.js
+++ b/ee/spec/frontend/on_demand_scans/components/on_demand_scans_form_spec.js
--- a/ee/spec/helpers/projects/on_demand_scans_helper_spec.rb
+++ b/ee/spec/helpers/projects/on_demand_scans_helper_spec.rb
@@ -11,7 +11,9 @@ RSpec.describe Projects::OnDemandScansHelper do
        'help-page-path' => help_page_path('user/application_security/dast/index', anchor: 'on-demand-scans'),
        'empty-state-svg-path' => match_asset_path('/assets/illustrations/empty-state/ondemand-scan-empty.svg'),
        'default-branch' => project.default_branch,
-        'project-path' => project.path_with_namespace
+        'project-path' => project.path_with_namespace,
+        'profiles-library-path': project_profiles_path(project),
+        'new-site-profile-path': new_project_dast_site_profile_path(project)
      )
    end
  end

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -16655,21 +16655,33 @@ msgstr ""
 msgid "OnDemandScans|Attached branch is where the scan job runs."
 msgstr ""

+msgid "OnDemandScans|Could not fetch site profiles. Please try again."
+msgstr ""
+
 msgid "OnDemandScans|Could not run the scan. Please try again."
 msgstr ""

 msgid "OnDemandScans|Could not run the scan: %{backendErrorMessage}"
 msgstr ""

+msgid "OnDemandScans|Create a new site profile"
+msgstr ""
+
 msgid "OnDemandScans|Create new DAST scan"
 msgstr ""

 msgid "OnDemandScans|DAST will scan the target URL and any discovered sub URLs."
 msgstr ""

+msgid "OnDemandScans|Manage profiles"
+msgstr ""
+
 msgid "OnDemandScans|New on-demand DAST scan"
 msgstr ""

+msgid "OnDemandScans|No profile yet. In order to create a new scan, you need to have at least one completed site profile."
+msgstr ""
+
 msgid "OnDemandScans|On-demand Scans"
 msgstr ""

@@ -16679,24 +16691,42 @@ msgstr ""
 msgid "OnDemandScans|Only a passive scan can be performed on demand."
 msgstr ""

+msgid "OnDemandScans|Passive"
+msgstr ""
+
 msgid "OnDemandScans|Passive DAST Scan"
 msgstr ""

 msgid "OnDemandScans|Please enter a valid URL format, ex: http://www.example.com/home"
 msgstr ""

+msgid "OnDemandScans|Run scan"
+msgstr ""
+
 msgid "OnDemandScans|Run this scan"
 msgstr ""

 msgid "OnDemandScans|Scan mode"
 msgstr ""

+msgid "OnDemandScans|Scanner settings"
+msgstr ""
+
 msgid "OnDemandScans|Schedule or run scans immediately against target sites. Currently available on-demand scan type: DAST. %{helpLinkStart}More information%{helpLinkEnd}"
 msgstr ""

+msgid "OnDemandScans|Select one of the existing profiles"
+msgstr ""
+
+msgid "OnDemandScans|Site profiles"
+msgstr ""
+
 msgid "OnDemandScans|Target URL"
 msgstr ""

+msgid "OnDemandScans|Use existing site profile"
+msgstr ""
+
 msgid "Once a project is permanently deleted it %{strongStart}cannot be recovered%{strongEnd}. Permanently deleting this project will %{strongStart}immediately delete%{strongEnd} its respositories and %{strongStart}all related resources%{strongEnd} including issues, merge requests etc."
 msgstr ""