Merge branch 'leipert-permissions-cleanup' into 'master'

Security Reports: Permissions cleanup See merge request gitlab-org/gitlab!15088

Merge branch 'leipert-permissions-cleanup' into 'master'
Security Reports: Permissions cleanup See merge request gitlab-org/gitlab!15088
5ec89907 · Mark Florian · 98ce07de · 7be1a94e · 5ec89907 · 5ec89907
Commit 5ec89907 authored Mar 10, 2020 by Mark Florian
12 changed files
--- a/ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue
+++ b/ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue
@@ -323,9 +323,6 @@ export default {
        :create-vulnerability-feedback-dismissal-path="mr.createVulnerabilityFeedbackDismissalPath"
        :pipeline-path="mr.pipeline.path"
        :pipeline-id="mr.securityReportsPipelineId"
-        :can-create-issue="mr.canCreateIssue"
-        :can-create-merge-request="mr.canCreateMergeRequest"
-        :can-dismiss-vulnerability="mr.canDismissVulnerability"
        :diverged-commits-count="mr.divergedCommitsCount"
        :mr-state="mr.state"
        :target-branch-tree-path="mr.targetBranchTreePath"

--- a/ee/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
+++ b/ee/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
@@ -24,10 +24,6 @@ export default class MergeRequestStore extends CEMergeRequestStore {
      data.create_vulnerability_feedback_merge_request_path;
    this.createVulnerabilityFeedbackDismissalPath =
      data.create_vulnerability_feedback_dismissal_path;
-    this.canCreateIssue = Boolean(this.createVulnerabilityFeedbackIssuePath);
-    this.canCreateMergeRequest = Boolean(this.createVulnerabilityFeedbackMergeRequestPath);
-    this.canDismissVulnerability = Boolean(this.createVulnerabilityFeedbackDismissalPath);
-    this.canCreateFeedback = data.can_create_feedback || false;
    this.visualReviewAppAvailable = Boolean(data.visual_review_app_available);
    this.appUrl = gon && gon.gitlab_url;


--- a/ee/app/assets/javascripts/vue_shared/security_reports/grouped_security_reports_app.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/grouped_security_reports_app.vue
@@ -104,18 +104,6 @@ export default {
      required: false,
      default: undefined,
    },
-    canDismissVulnerability: {
-      type: Boolean,
-      required: true,
-    },
-    canCreateMergeRequest: {
-      type: Boolean,
-      required: true,
-    },
-    canCreateIssue: {
-      type: Boolean,
-      required: true,
-    },
    divergedCommitsCount: {
      type: Number,
      required: false,
@@ -146,8 +134,6 @@ export default {
      'dependencyScanning',
      'summaryCounts',
      'modal',
-      'canCreateIssuePermission',
-      'canCreateFeedbackPermission',
    ]),
    ...mapGetters([
      'groupedSummaryText',
@@ -159,6 +145,9 @@ export default {
      'dastStatusIcon',
      'dependencyScanningStatusIcon',
      'isBaseSecurityReportOutOfDate',
+      'canCreateIssue',
+      'canCreateMergeRequest',
+      'canDismissVulnerability',
    ]),
    ...mapGetters('sast', ['groupedSastText', 'sastStatusIcon']),
    securityTab() {
@@ -198,9 +187,6 @@ export default {
    this.setCreateVulnerabilityFeedbackDismissalPath(this.createVulnerabilityFeedbackDismissalPath);
    this.setPipelineId(this.pipelineId);

-    this.setCanCreateIssuePermission(this.canCreateIssue);
-    this.setCanCreateFeedbackPermission(this.canCreateFeedback);
-
    const sastDiffEndpoint = gl?.mrWidgetData?.sast_comparison_path;

    if (sastDiffEndpoint && this.hasSastReports) {
@@ -241,8 +227,6 @@ export default {
      'setCreateVulnerabilityFeedbackMergeRequestPath',
      'setCreateVulnerabilityFeedbackDismissalPath',
      'setPipelineId',
-      'setCanCreateIssuePermission',
-      'setCanCreateFeedbackPermission',
      'dismissVulnerability',
      'revertDismissVulnerability',
      'createNewIssue',

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/actions.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/actions.js
@@ -41,12 +41,6 @@ export const setCreateVulnerabilityFeedbackDismissalPath = ({ commit }, path) =>

 export const setPipelineId = ({ commit }, id) => commit(types.SET_PIPELINE_ID, id);

-export const setCanCreateIssuePermission = ({ commit }, permission) =>
-  commit(types.SET_CAN_CREATE_ISSUE_PERMISSION, permission);
-
-export const setCanCreateFeedbackPermission = ({ commit }, permission) =>
-  commit(types.SET_CAN_CREATE_FEEDBACK_PERMISSION, permission);
-
 /**
 * CONTAINER SCANNING
 */

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/getters.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/getters.js
@@ -140,5 +140,13 @@ export const isBaseSecurityReportOutOfDate = state =>
  state.containerScanning.baseReportOutofDate ||
  state.dependencyScanning.baseReportOutofDate;

+export const canCreateIssue = state => Boolean(state.createVulnerabilityFeedbackIssuePath);
+
+export const canCreateMergeRequest = state =>
+  Boolean(state.createVulnerabilityFeedbackMergeRequestPath);
+
+export const canDismissVulnerability = state =>
+  Boolean(state.createVulnerabilityFeedbackDismissalPath);
+
 // prevent babel-plugin-rewire from generating an invalid default during karma tests
 export default () => {};
--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/mutation_types.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/mutation_types.js
@@ -10,8 +10,6 @@ export const SET_CREATE_VULNERABILITY_FEEDBACK_MERGE_REQUEST_PATH =
 export const SET_CREATE_VULNERABILITY_FEEDBACK_DISMISSAL_PATH =
  'SET_CREATE_VULNERABILITY_FEEDBACK_DISMISSAL_PATH';
 export const SET_PIPELINE_ID = 'SET_PIPELINE_ID';
-export const SET_CAN_CREATE_ISSUE_PERMISSION = 'SET_CAN_CREATE_ISSUE_PERMISSION';
-export const SET_CAN_CREATE_FEEDBACK_PERMISSION = 'SET_CAN_CREATE_FEEDBACK_PERMISSION';

 // CONTAINER SCANNING
 export const SET_CONTAINER_SCANNING_DIFF_ENDPOINT = 'SET_CONTAINER_SCANNING_DIFF_ENDPOINT';

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js
@@ -40,14 +40,6 @@ export default {
    state.pipelineId = id;
  },

-  [types.SET_CAN_CREATE_ISSUE_PERMISSION](state, permission) {
-    state.canCreateIssuePermission = permission;
-  },
-
-  [types.SET_CAN_CREATE_FEEDBACK_PERMISSION](state, permission) {
-    state.canCreateFeedbackPermission = permission;
-  },
-
  // CONTAINER SCANNING
  [types.SET_CONTAINER_SCANNING_DIFF_ENDPOINT](state, path) {
    Vue.set(state.containerScanning.paths, 'diffEndpoint', path);

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/state.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/state.js
@@ -11,8 +11,6 @@ export default () => ({
  createVulnerabilityFeedbackMergeRequestPath: null,
  createVulnerabilityFeedbackDismissalPath: null,
  pipelineId: null,
-  canCreateIssuePermission: false,
-  canCreateFeedbackPermission: false,

  containerScanning: {
    paths: {

--- a/ee/spec/frontend/vue_shared/security_reports/grouped_security_reports_app_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/grouped_security_reports_app_spec.js
@@ -38,9 +38,6 @@ describe('Grouped security reports app', () => {
    vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
    vulnerabilityFeedbackHelpPath: 'path',
    pipelineId: 123,
-    canCreateIssue: true,
-    canCreateMergeRequest: true,
-    canDismissVulnerability: true,
  };

  const createWrapper = (propsData, provide = {}) => {
@@ -235,9 +232,6 @@ describe('Grouped security reports app', () => {
    beforeEach(() => {
      createWrapper({
        headBlobPath: 'path',
-        canCreateIssue: false,
-        canCreateMergeRequest: false,
-        canDismissVulnerability: false,
        pipelinePath,
      });
    });

--- a/ee/spec/frontend/vue_shared/security_reports/store/actions_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/store/actions_spec.js
@@ -5,8 +5,6 @@ import {
  setVulnerabilityFeedbackPath,
  setVulnerabilityFeedbackHelpPath,
  setPipelineId,
-  setCanCreateIssuePermission,
-  setCanCreateFeedbackPermission,
  requestContainerScanningDiff,
  requestDastDiff,
  requestDependencyScanningDiff,
@@ -194,42 +192,6 @@ describe('security reports actions', () => {
    });
  });

-  describe('setCanCreateIssuePermission', () => {
-    it('should commit set can create issue permission', done => {
-      testAction(
-        setCanCreateIssuePermission,
-        true,
-        mockedState,
-        [
-          {
-            type: types.SET_CAN_CREATE_ISSUE_PERMISSION,
-            payload: true,
-          },
-        ],
-        [],
-        done,
-      );
-    });
-  });
-
-  describe('setCanCreateFeedbackPermission', () => {
-    it('should commit set can create feedback permission', done => {
-      testAction(
-        setCanCreateFeedbackPermission,
-        true,
-        mockedState,
-        [
-          {
-            type: types.SET_CAN_CREATE_FEEDBACK_PERMISSION,
-            payload: true,
-          },
-        ],
-        [],
-        done,
-      );
-    });
-  });
-
  describe('requestContainerScanningDiff', () => {
    it('should commit request mutation', done => {
      testAction(

--- a/ee/spec/frontend/vue_shared/security_reports/store/getters_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/store/getters_spec.js
@@ -14,10 +14,14 @@ import {
  anyReportHasError,
  summaryCounts,
  isBaseSecurityReportOutOfDate,
+  canCreateIssue,
+  canCreateMergeRequest,
+  canDismissVulnerability,
 } from 'ee/vue_shared/security_reports/store/getters';

 const BASE_PATH = 'fake/base/path.json';
 const HEAD_PATH = 'fake/head/path.json';
+const MOCK_PATH = 'fake/path.json';

 describe('Security reports getters', () => {
  function removeBreakLine(data) {
@@ -542,4 +546,40 @@ describe('Security reports getters', () => {
      expect(isBaseSecurityReportOutOfDate(state)).toEqual(true);
    });
  });
+
+  describe('canCreateIssue', () => {
+    it('returns false if no feedback path is defined', () => {
+      expect(canCreateIssue(state)).toEqual(false);
+    });
+
+    it('returns true if a feedback path is defined', () => {
+      state.createVulnerabilityFeedbackIssuePath = MOCK_PATH;
+
+      expect(canCreateIssue(state)).toEqual(true);
+    });
+  });
+
+  describe('canCreateMergeRequest', () => {
+    it('returns false if no feedback path is defined', () => {
+      expect(canCreateMergeRequest(state)).toEqual(false);
+    });
+
+    it('returns true if a feedback path is defined', () => {
+      state.createVulnerabilityFeedbackMergeRequestPath = MOCK_PATH;
+
+      expect(canCreateMergeRequest(state)).toEqual(true);
+    });
+  });
+
+  describe('canDismissVulnerability', () => {
+    it('returns false if no feedback path is defined', () => {
+      expect(canDismissVulnerability(state)).toEqual(false);
+    });
+
+    it('returns true if a feedback path is defined', () => {
+      state.createVulnerabilityFeedbackDismissalPath = MOCK_PATH;
+
+      expect(canDismissVulnerability(state)).toEqual(true);
+    });
+  });
 });
--- a/ee/spec/frontend/vue_shared/security_reports/store/mutations_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/store/mutations_spec.js
@@ -55,22 +55,6 @@ describe('security reports mutations', () => {
    });
  });

-  describe('SET_CAN_CREATE_ISSUE_PERMISSION', () => {
-    it('should set permission for create issue', () => {
-      mutations[types.SET_CAN_CREATE_ISSUE_PERMISSION](stateCopy, true);
-
-      expect(stateCopy.canCreateIssuePermission).toEqual(true);
-    });
-  });
-
-  describe('SET_CAN_CREATE_FEEDBACK_PERMISSION', () => {
-    it('should set permission for create feedback', () => {
-      mutations[types.SET_CAN_CREATE_FEEDBACK_PERMISSION](stateCopy, true);
-
-      expect(stateCopy.canCreateFeedbackPermission).toEqual(true);
-    });
-  });
-
  describe('REQUEST_CONTAINER_SCANNING_DIFF', () => {
    it('should set container scanning loading flag to true', () => {
      mutations[types.REQUEST_CONTAINER_SCANNING_DIFF](stateCopy);