CVE ID Request button Feature Flag removal

d538e6fe · Julian Thome · Mayra Cabrera · f21cb86d · d538e6fe · d538e6fe
Commit d538e6fe authored Sep 09, 2021 by Julian Thome Committed by Mayra Cabrera Sep 09, 2021
9 changed files
--- a/ee/app/controllers/ee/projects/issues_controller.rb
+++ b/ee/app/controllers/ee/projects/issues_controller.rb
@@ -14,10 +14,6 @@ module EE
          populate_vulnerability_id
        end
-        before_action only: :show do
-          push_frontend_feature_flag(:cve_id_request_button, project)
-        end
        before_action :redirect_if_test_case, only: [:show]
        feature_category :issue_tracking, [:delete_description_version, :description_diff]

--- a/ee/app/controllers/ee/projects_controller.rb
+++ b/ee/app/controllers/ee/projects_controller.rb
@@ -11,7 +11,6 @@ module EE
      before_action :log_unarchive_audit_event, only: [:unarchive]
      before_action only: :show do
-        push_frontend_feature_flag(:cve_id_request_button, project)
        enable_sast_entry_points_experiment
      end
@@ -82,13 +81,7 @@ module EE
    override :project_setting_attributes
    def project_setting_attributes
-      proj_setting_attrs = super + [:prevent_merge_without_jira_issue]
+      super + [:prevent_merge_without_jira_issue, :cve_id_request_enabled]
-      if ::Feature.enabled?(:cve_id_request_button, project)
-        proj_setting_attrs << :cve_id_request_enabled
-      end
-      proj_setting_attrs
    end
    def project_params_ee

--- a/ee/app/helpers/ee/projects_helper.rb
+++ b/ee/app/helpers/ee/projects_helper.rb
@@ -14,29 +14,19 @@ module EE
    override :project_permissions_settings
    def project_permissions_settings(project)
-      settings = super.merge(
+      super.merge({
-        requirementsAccessLevel: project.requirements_access_level
+        requirementsAccessLevel: project.requirements_access_level,
-      )
+        cveIdRequestEnabled: (project.public? && project.project_setting.cve_id_request_enabled?)
+      })
-      if ::Feature.enabled?(:cve_id_request_button, project)
-        settings[:cveIdRequestEnabled] = project.public? && project.project_setting.cve_id_request_enabled?
-      end
-      settings
    end
    override :project_permissions_panel_data
    def project_permissions_panel_data(project)
-      panel_data = super.merge(
+      super.merge({
-        requirementsAvailable: project.feature_available?(:requirements)
+        requirementsAvailable: project.feature_available?(:requirements),
-      )
+        requestCveAvailable: ::Gitlab.com?,
+        cveIdRequestHelpPath: help_page_path('user/application_security/cve_id_request')
-      if ::Feature.enabled?(:cve_id_request_button, project)
+      })
-        panel_data[:requestCveAvailable] = ::Gitlab.com?
-        panel_data[:cveIdRequestHelpPath] = help_page_path('user/application_security/cve_id_request')
-      end
-      panel_data
    end
    override :default_url_to_repo

--- a/ee/app/serializers/ee/issue_sidebar_basic_entity.rb
+++ b/ee/app/serializers/ee/issue_sidebar_basic_entity.rb
@@ -19,7 +19,7 @@ module EE
        end
      end
-      expose :request_cve_enabled_for_user, if: ->(issue) { ::Feature.enabled?(:cve_id_request_button, issue.project) } do |issue|
+      expose :request_cve_enabled_for_user do |issue|
        ::Gitlab.com? \
          && can?(current_user, :admin_project, issue.project) \
          && issue.project.public? \

--- a/ee/config/feature_flags/development/cve_id_request_button.yml
+++ b/ee/config/feature_flags/development/cve_id_request_button.yml
---
-name: cve_id_request_button
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41203
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/299569
-milestone: '13.10'
-type: development
-group: group::vulnerability research
-default_enabled: false
--- a/ee/spec/controllers/projects_controller_spec.rb
+++ b/ee/spec/controllers/projects_controller_spec.rb
@@ -298,6 +298,26 @@ RSpec.describe ProjectsController do
      end
    end
+    it 'updates cve_id_request_enabled' do
+      project.project_setting.cve_id_request_enabled = false
+      project.project_setting.save!
+      params = {
+        project_setting_attributes: {
+          cve_id_request_enabled: true
+        }
+      }
+      put :update,
+        params: {
+        namespace_id: project.namespace,
+        id: project,
+        project: params
+      }
+      project.reload
+      expect(project.project_setting.cve_id_request_enabled).to eq(true)
+    end
    context 'when merge_pipelines_enabled param is specified' do
      let(:params) { { merge_pipelines_enabled: true } }
@@ -565,35 +585,6 @@ RSpec.describe ProjectsController do
        end
      end
    end
-    context 'cve_id_request_button feature flag' do
-      where(feature_flag_enabled: [true, false])
-      with_them do
-        before do
-          stub_feature_flags(cve_id_request_button: feature_flag_enabled)
-        end
-        it 'handles setting cve_id_request_enabled' do
-          project.project_setting.cve_id_request_enabled = false
-          project.project_setting.save!
-          params = {
-            project_setting_attributes: {
-              cve_id_request_enabled: true
-            }
-          }
-          put :update,
-              params: {
-                namespace_id: project.namespace,
-                id: project,
-                project: params
-              }
-          project.reload
-          expect(project.project_setting.cve_id_request_enabled).to eq(feature_flag_enabled)
-        end
-      end
-    end
  end
  describe '#download_export' do

--- a/ee/spec/features/projects/settings/issues_settings_spec.rb
+++ b/ee/spec/features/projects/settings/issues_settings_spec.rb
@@ -73,40 +73,21 @@ RSpec.describe 'Project settings > Issues', :js do
    end
  end
-  context 'when viewing CVE request settings with different :cve_id_request_button feature flag values' do
+  context 'when viewing CVE request settings' do
-    using RSpec::Parameterized::TableSyntax
+    before do
+      allow(::Gitlab).to receive(:com?).and_return(true)
-    where(:feature_flag_enabled, :should_show_toggle) do
-      true | true
-      false | false
-    end
-    with_them do
-      before do
-        stub_feature_flags(cve_id_request_button: feature_flag_enabled)
-        # setup the project so that it *should* be visible IF the feature flag
-        # were enabled
-        allow(::Gitlab).to receive(:com?).and_return(true)
-        vis_val = Gitlab::VisibilityLevel.const_get(:PUBLIC, false)
+      project.update_column(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
-        project.visibility_level = vis_val
-        project.save!
-        project_setting = project.project_setting
+      project_setting = project.project_setting
-        project_setting.cve_id_request_enabled = true
+      project_setting.cve_id_request_enabled = true
-        project_setting.save!
+      project_setting.save!
-        visit edit_project_path(project)
+      visit edit_project_path(project)
-      end
+    end
-      it 'CVE ID Request toggle should only be visible if the feature is enabled' do
+    it 'CVE ID Request toggle should only be visible if the feature is enabled' do
-        if should_show_toggle
+      expect(page).to have_selector('[data-testid="cve_id_request_toggle"')
-          expect(page).to have_selector('[data-testid="cve_id_request_toggle"')
-        else
-          expect(page).not_to have_selector('[data-testid="cve_id_request_toggle"')
-        end
-      end
    end
  end

--- a/ee/spec/helpers/projects_helper_spec.rb
+++ b/ee/spec/helpers/projects_helper_spec.rb
@@ -318,27 +318,13 @@ RSpec.describe ProjectsHelper do
    it { is_expected.to include(expected_settings) }
    context 'cveIdRequestEnabled' do
-      context "with cve_id_request_button feature flag" do
+      where(:project_attrs, :expected) do
-        where(feature_flag_enabled: [true, false])
+        [:public]   | true
-        with_them do
+        [:internal] | false
-          before do
+        [:private]  | false
-            stub_feature_flags(cve_id_request_button: feature_flag_enabled)
-          end
-          it 'includes cveIdRequestEnabled' do
-            expect(subject.key?(:cveIdRequestEnabled)).to eq(feature_flag_enabled)
-          end
-        end
-      end
-      where(:project_attrs, :cve_enabled, :expected) do
-        [:public]   | true  | true
-        [:public]   | false | false
-        [:internal] | true  | false
-        [:private]  | true  | false
      end
      with_them do
-        let(:project) { create(:project, :with_cve_request, *project_attrs, cve_request_enabled: cve_enabled) }
+        let(:project) { create(:project, :with_cve_request, *project_attrs) }
        subject { helper.project_permissions_settings(project) }
        it 'has the correct cveIdRequestEnabled value' do
@@ -375,19 +361,6 @@ RSpec.describe ProjectsHelper do
        end
      end
    end
-    context "with cve_id_request_button feature flag" do
-      where(feature_flag_enabled: [true, false])
-      with_them do
-        before do
-          stub_feature_flags(cve_id_request_button: feature_flag_enabled)
-        end
-        it 'includes requestCveAvailable' do
-          expect(subject.key?(:requestCveAvailable)).to eq(feature_flag_enabled)
-        end
-      end
-    end
  end
  describe '#approvals_app_data' do

--- a/ee/spec/serializers/ee/issue_sidebar_basic_entity_spec.rb
+++ b/ee/spec/serializers/ee/issue_sidebar_basic_entity_spec.rb
@@ -10,7 +10,7 @@ RSpec.describe EE::IssueSidebarBasicEntity do
  let(:subject) { IssueSerializer.new(current_user: user, project: project) }
  context "When serializing" do
-    context "with the cve_id_request_button feature flag enabled" do
+    context "with the cve_id_request_button" do
      using RSpec::Parameterized::TableSyntax
      where(:is_gitlab_com, :is_public, :is_admin, :expected_value) do
@@ -25,25 +25,13 @@ RSpec.describe EE::IssueSidebarBasicEntity do
          allow(issue.project).to receive(:public?).and_return(is_public)
          issue.project.add_maintainer(user) if is_admin
          allow(Gitlab).to receive(:com?).and_return(is_gitlab_com)
-          stub_feature_flags(cve_id_request_button: true)
        end
-        it 'uses the value from request_cve_enabled_for_user when the feature flag is on' do
+        it 'uses the value from request_cve_enabled_for_user' do
          data = subject.represent(issue, serializer: 'sidebar')
          expect(data[:request_cve_enabled_for_user]).to eq(expected_value)
        end
      end
    end
-    context "with the cve_id_request_button feature flag disabled" do
-      before do
-        stub_feature_flags(cve_id_request_button: false)
-      end
-      it 'does not use the value from request_cve_enabled_for_user when the feature flag is off' do
-        data = subject.represent(issue, serializer: 'sidebar')
-        expect(data).not_to include(:request_cve_enabled_for_user)
-      end
-    end
  end
 end