Merge branch '328717-remove-legacy-compliance-frameworks' into 'master'

Remove remaining legacy compliance framework code

See merge request gitlab-org/gitlab!63225

ee/app/helpers/compliance_management/compliance_framework/project_settings_helper.rb

-# frozen_string_literal: true
-
-require_dependency 'compliance_management/compliance_framework'
-
-module ComplianceManagement
-  module ComplianceFramework
-    module ProjectSettingsHelper
-      def compliance_framework_options
-        option_values = compliance_framework_option_values
-        ::ComplianceManagement::Framework::DEFAULT_FRAMEWORKS.map { |framework| [option_values.fetch(framework.identifier), framework.identifier] }
-      end
-
-      def compliance_framework_checkboxes
-        ::ComplianceManagement::Framework::DEFAULT_FRAMEWORKS.map do |framework|
-          [framework.id, compliance_framework_title_values.fetch(framework.identifier)]
-        end
-      end
-
-      def compliance_framework_description(framework)
-        compliance_framework_option_values.fetch(framework.to_sym)
-      end
-
-      def compliance_framework_title(framework)
-        compliance_framework_title_values.fetch(framework.to_sym)
-      end
-
-      def compliance_framework_color(framework)
-        compliance_framework_color_values.fetch(framework.to_sym)
-      end
-
-      def compliance_framework_tooltip(framework)
-        compliance_framework_tooltip_values.fetch(framework.to_sym)
-      end
-
-      private
-
-      def compliance_framework_option_values
-        {
-          gdpr: s_('ComplianceFramework|GDPR - General Data Protection Regulation'),
-          hipaa: s_('ComplianceFramework|HIPAA - Health Insurance Portability and Accountability Act'),
-          pci_dss: s_('ComplianceFramework|PCI-DSS - Payment Card Industry-Data Security Standard'),
-          soc_2: s_('ComplianceFramework|SOC 2 - Service Organization Control 2'),
-          sox: s_('ComplianceFramework|SOX - Sarbanes-Oxley')
-        }.freeze
-      end
-
-      def compliance_framework_title_values
-        {
-          gdpr: s_('ComplianceFramework|GDPR'),
-          hipaa: s_('ComplianceFramework|HIPAA'),
-          pci_dss: s_('ComplianceFramework|PCI-DSS'),
-          soc_2: s_('ComplianceFramework|SOC 2'),
-          sox: s_('ComplianceFramework|SOX')
-        }.freeze
-      end
-
-      def compliance_framework_color_values
-        {
-          gdpr: 'gl-bg-green-500',
-          hipaa: 'gl-bg-blue-500',
-          pci_dss: 'gl-bg-theme-indigo-500',
-          soc_2: 'gl-bg-red-500',
-          sox: 'gl-bg-orange-500'
-        }.freeze
-      end
-
-      def compliance_framework_tooltip_values
-        @compliance_framework_tooltip_values ||=
-          compliance_framework_title_values.transform_values { |v| get_compliance_framework_tooltip(v) }
-      end
-
-      def get_compliance_framework_tooltip(framework)
-        s_("ComplianceFramework|This project is regulated by %{framework}." % { framework: framework })
-      end
-    end
-  end
-end

ee/app/models/compliance_management/framework.rb

@@ -3,59 +3,9 @@
 module ComplianceManagement
   class Framework < ApplicationRecord
     include StripAttribute
-    include IgnorableColumns
-    include Gitlab::Utils::StrongMemoize
-
-    DefaultFramework = Struct.new(:name, :description, :color, :identifier, :id) do
-      def to_framework_params
-        to_h.slice(:name, :description, :color)
-      end
-    end
-
-    DEFAULT_FRAMEWORKS = [
-      DefaultFramework.new(
-        'GDPR',
-        'General Data Protection Regulation',
-        '#1aaa55',
-        :gdpr,
-        1
-      ).freeze,
-      DefaultFramework.new(
-        'HIPAA',
-        'Health Insurance Portability and Accountability Act',
-        '#1f75cb',
-        :hipaa,
-        2
-      ).freeze,
-      DefaultFramework.new(
-        'PCI-DSS',
-        'Payment Card Industry-Data Security Standard',
-        '#6666c4',
-        :pci_dss,
-        3
-      ).freeze,
-      DefaultFramework.new(
-        'SOC 2',
-        'Service Organization Control 2',
-        '#dd2b0e',
-        :soc_2,
-        4
-      ).freeze,
-      DefaultFramework.new(
-        'SOX',
-        'Sarbanes-Oxley',
-        '#fc9403',
-        :sox,
-        5
-      ).freeze
-    ].freeze
-
-    DEFAULT_FRAMEWORKS_BY_IDENTIFIER = DEFAULT_FRAMEWORKS.index_by(&:identifier).with_indifferent_access.freeze
 
     self.table_name = 'compliance_management_frameworks'
 
-    ignore_columns :group_id, remove_after: '2020-12-06', remove_with: '13.7'
-
     strip_attributes :name, :color
 
     belongs_to :namespace
@@ -72,21 +22,5 @@ module ComplianceManagement
 
     scope :with_projects, ->(project_ids) { includes(:projects).where(projects: { id: project_ids }) }
     scope :with_namespaces, ->(namespace_ids) { includes(:namespace).where(namespaces: { id: namespace_ids })}
-
-    def default_framework_definition
-      strong_memoize(:default_framework_definition) do
-        DEFAULT_FRAMEWORKS.find { |framework| framework.name.eql?(name) }
-      end
-    end
-
-    def self.find_or_create_legacy_default_framework(project, framework_identifier)
-      framework_params = ComplianceManagement::Framework::DEFAULT_FRAMEWORKS_BY_IDENTIFIER.fetch(framework_identifier).to_framework_params
-      root_namespace = project.root_namespace
-
-      # Framework is associated with the root group, there could be a case where the framework is already there.
-      ComplianceManagement::Framework
-        .create_with(framework_params)
-        .safe_find_or_create_by(namespace_id: root_namespace.id, name: framework_params[:name])
-    end
   end
 end

ee/app/models/ee/application_setting.rb

@@ -104,8 +104,6 @@ module EE
                 allow_blank: true,
                 numericality: { only_integer: true, greater_than: 0, less_than_or_equal_to: 365 }
 
-      validate :allowed_frameworks, if: :compliance_frameworks_changed?
-
       validates :new_user_signups_cap,
                 allow_blank: true,
                 numericality: { only_integer: true, greater_than: 0 }
@@ -463,11 +461,5 @@ module EE
     rescue ::Gitlab::UrlBlocker::BlockedUrlError
       errors.add(:elasticsearch_url, "only supports valid HTTP(S) URLs.")
     end
-
-    def allowed_frameworks
-      if Array.wrap(compliance_frameworks).any? { |value| !::ComplianceManagement::Framework::DEFAULT_FRAMEWORKS.map(&:id).include?(value) }
-        errors.add(:compliance_frameworks, _('must contain only valid frameworks'))
-      end
-    end
   end
 end

ee/spec/factories/compliance_management/compliance_framework/project_settings.rb

@@ -3,13 +3,10 @@
 FactoryBot.define do
   factory :compliance_framework_project_setting, class: 'ComplianceManagement::ComplianceFramework::ProjectSettings' do
     project
+    compliance_management_framework factory: :compliance_framework
 
-    gdpr
-
-    ComplianceManagement::Framework::DEFAULT_FRAMEWORKS.each do |framework|
-      trait framework.identifier do
-        compliance_management_framework { association :compliance_framework, framework.to_framework_params.merge(namespace: project.root_namespace) }
-      end
+    trait :sox do
+      association :compliance_management_framework, :sox, factory: :compliance_framework
     end
   end
 end

ee/spec/factories/compliance_management/frameworks.rb

@@ -8,5 +8,9 @@ FactoryBot.define do
     description { 'The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA).' }
     color { '#004494' }
     regulated { true }
+
+    trait :sox do
+      name { 'SOX' }
+    end
   end
 end

ee/spec/helpers/compliance_management/compliance_framework/project_settings_helper_spec.rb

-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe ComplianceManagement::ComplianceFramework::ProjectSettingsHelper do
-  describe '#compliance_framework_options' do
-    it 'has all the options' do
-      expect(helper.compliance_framework_options).to contain_exactly(
-        ['GDPR - General Data Protection Regulation', :gdpr],
-        ['HIPAA - Health Insurance Portability and Accountability Act', :hipaa],
-        ['PCI-DSS - Payment Card Industry-Data Security Standard', :pci_dss],
-        ['SOC 2 - Service Organization Control 2', :soc_2],
-        ['SOX - Sarbanes-Oxley', :sox]
-      )
-    end
-  end
-
-  describe '#compliance_framework_checkboxes' do
-    it 'has all the checkboxes' do
-      expect(helper.compliance_framework_checkboxes).to contain_exactly(
-        [1, 'GDPR'],
-        [2, 'HIPAA'],
-        [3, 'PCI-DSS'],
-        [4, 'SOC 2'],
-        [5, 'SOX']
-      )
-    end
-  end
-
-  describe '#compliance_framework_description' do
-    using RSpec::Parameterized::TableSyntax
-
-    where(:framework, :description) do
-      :gdpr | 'GDPR - General Data Protection Regulation'
-      :hipaa | 'HIPAA - Health Insurance Portability and Accountability Act'
-      :pci_dss | 'PCI-DSS - Payment Card Industry-Data Security Standard'
-      :soc_2 | 'SOC 2 - Service Organization Control 2'
-      :sox | 'SOX - Sarbanes-Oxley'
-    end
-
-    with_them do
-      it { expect(helper.compliance_framework_description(framework)).to eq(description) }
-    end
-  end
-
-  describe '#compliance_framework_title' do
-    using RSpec::Parameterized::TableSyntax
-
-    where(:framework, :title) do
-      :gdpr | 'GDPR'
-      :hipaa | 'HIPAA'
-      :pci_dss | 'PCI-DSS'
-      :soc_2 | 'SOC 2'
-      :sox | 'SOX'
-    end
-
-    with_them do
-      it { expect(helper.compliance_framework_title(framework)).to eq(title) }
-    end
-  end
-
-  describe '#compliance_framework_color' do
-    using RSpec::Parameterized::TableSyntax
-
-    where(:framework, :color) do
-      :gdpr | 'gl-bg-green-500'
-      :hipaa | 'gl-bg-blue-500'
-      :pci_dss | 'gl-bg-theme-indigo-500'
-      :soc_2 | 'gl-bg-red-500'
-      :sox | 'gl-bg-orange-500'
-    end
-
-    with_them do
-      it { expect(helper.compliance_framework_color(framework)).to eq(color) }
-    end
-  end
-
-  describe '#compliance_framework_tooltip' do
-    using RSpec::Parameterized::TableSyntax
-
-    where(:framework, :tooltip) do
-      :gdpr | 'This project is regulated by GDPR.'
-      :hipaa | 'This project is regulated by HIPAA.'
-      :pci_dss | 'This project is regulated by PCI-DSS.'
-      :soc_2 | 'This project is regulated by SOC 2.'
-      :sox | 'This project is regulated by SOX.'
-    end
-
-    with_them do
-      it { expect(helper.compliance_framework_tooltip(framework)).to eq(tooltip) }
-    end
-  end
-end

ee/spec/models/application_setting_spec.rb

@@ -166,24 +166,6 @@ RSpec.describe ApplicationSetting do
       end
     end
 
-    context 'when validating compliance_frameworks' do
-      where(:compliance_frameworks, :is_valid) do
-        [1, 2, 3, 4, 5] | true
-        nil             | true
-        1               | true
-        [2, 3, 4, 6]    | false
-        6               | false
-      end
-
-      with_them do
-        specify do
-          setting.compliance_frameworks = compliance_frameworks
-
-          expect(setting.valid?).to eq(is_valid)
-        end
-      end
-    end
-
     context 'when license presented' do
       let_it_be(:max_active_user_count) { 20 }
 

ee/spec/models/compliance_management/framework_spec.rb

@@ -26,43 +26,4 @@ RSpec.describe ComplianceManagement::Framework do
       end
     end
   end
-
-  describe '.find_or_create_legacy_default_framework' do
-    let_it_be(:group) { create(:group) }
-    let_it_be(:project_1) { create(:project, group: group) }
-    let_it_be(:project_2) { create(:project, group: group) }
-    let_it_be(:sox_framework) { create(:compliance_framework_project_setting, :sox, project: project_1).compliance_management_framework }
-
-    shared_examples 'framework sharing on the group level' do
-      it 'shares the same compliance framework on the group level' do
-        framework = described_class.find_or_create_legacy_default_framework(project_2, :sox)
-
-        expect(framework).to eq(sox_framework)
-      end
-    end
-
-    it_behaves_like 'framework sharing on the group level'
-
-    context 'when not "important" attributes differ' do
-      before do
-        sox_framework.update!(color: '#ccc')
-      end
-
-      it_behaves_like 'framework sharing on the group level'
-    end
-
-    context 'when the framework does no exist' do
-      it 'creates the new framework record' do
-        expect do
-          described_class.find_or_create_legacy_default_framework(project_2, :gdpr)
-        end.to change { ComplianceManagement::Framework.where(namespace: group).count }.from(1).to(2)
-      end
-    end
-
-    context 'when creating an unknown legacy framework' do
-      it 'raises error' do
-        expect { described_class.find_or_create_legacy_default_framework(project_2, :unknown) }.to raise_error(KeyError)
-      end
-    end
-  end
 end

locale/gitlab.pot

@@ -8319,42 +8319,9 @@ msgstr ""
 msgid "ComplianceFramework|Edit Compliance Framework"
 msgstr ""
 
-msgid "ComplianceFramework|GDPR"
-msgstr ""
-
-msgid "ComplianceFramework|GDPR - General Data Protection Regulation"
-msgstr ""
-
-msgid "ComplianceFramework|HIPAA"
-msgstr ""
-
-msgid "ComplianceFramework|HIPAA - Health Insurance Portability and Accountability Act"
-msgstr ""
-
 msgid "ComplianceFramework|New Compliance Framework"
 msgstr ""
 
-msgid "ComplianceFramework|PCI-DSS"
-msgstr ""
-
-msgid "ComplianceFramework|PCI-DSS - Payment Card Industry-Data Security Standard"
-msgstr ""
-
-msgid "ComplianceFramework|SOC 2"
-msgstr ""
-
-msgid "ComplianceFramework|SOC 2 - Service Organization Control 2"
-msgstr ""
-
-msgid "ComplianceFramework|SOX"
-msgstr ""
-
-msgid "ComplianceFramework|SOX - Sarbanes-Oxley"
-msgstr ""
-
-msgid "ComplianceFramework|This project is regulated by %{framework}."
-msgstr ""
-
 msgid "Component"
 msgstr ""
 
@@ -39282,9 +39249,6 @@ msgstr ""
 msgid "must be greater than start date"
 msgstr ""
 
-msgid "must contain only valid frameworks"
-msgstr ""
-
 msgid "my-awesome-group"
 msgstr ""