Add scan policies to the sidebar

- clean up page styling

Add scan policies to the sidebar
- clean up page styling
f2bc8d5d · Alexander Turinske · can eldem · 258b1d31 · f2bc8d5d · f2bc8d5d
Commit f2bc8d5d authored Feb 24, 2021 by Alexander Turinske Committed by can eldem Mar 04, 2021
7 changed files
--- a/config/feature_flags/development/security_orchestration_policies_configuration.yml
+++ b/config/feature_flags/development/security_orchestration_policies_configuration.yml
 ---
 name: security_orchestration_policies_configuration
-introduced_by_url:
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54220
 rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/321258
 milestone: '13.9'
 type: development

--- a/ee/app/controllers/projects/security/policies_controller.rb
+++ b/ee/app/controllers/projects/security/policies_controller.rb
@@ -15,9 +15,8 @@ module Projects
        render_404 unless Feature.enabled?(:security_orchestration_policies_configuration, project) && can?(current_user, :security_orchestration_policies, project)
      end

-      # arams {"utf8"=>"✓", "authenticity_token"=>"LYYIbIqd2gBMMP2Wjy+Q2JhhXZ4TFps0BW3t+cslPOadSoK7e13efQ9VFtyZxMzyJXYWtmD66mWrjbg/P3JDQQ==", "orchestration"=>{"management_project_id"=>"21"}, "controller"=>"projects/security/policies", "action"=>"assign", "namespace_id"=>"root", "project_id"=>"alpine"}
-      # Project 23
      def assign
+        # TODO: Assign project once #321531 is complete
      end
    end
  end

--- a/ee/app/helpers/ee/projects_helper.rb
+++ b/ee/app/helpers/ee/projects_helper.rb
@@ -183,6 +183,7 @@ module EE
        projects/threat_monitoring#new
        projects/threat_monitoring#edit
        projects/threat_monitoring#alert_details
+        projects/security/policies#show
        projects/audit_events#index
      ]
    end
@@ -360,6 +361,10 @@ module EE
        nav_tabs << :threat_monitoring
      end

+      if can?(current_user, :security_orchestration_policies, project)
+        nav_tabs << :security_orchestration_policies
+      end
+
      if show_audit_events?(project)
        nav_tabs << :audit_events
      end

--- a/ee/app/views/layouts/nav/sidebar/_project_security_link.html.haml
+++ b/ee/app/views/layouts/nav/sidebar/_project_security_link.html.haml
@@ -44,6 +44,11 @@
          = link_to project_threat_monitoring_path(@project), title: _('Threat Monitoring') do
            %span= _('Threat Monitoring')

+      - if project_nav_tab?(:security_orchestration_policies)
+        = nav_link(controller: ['projects/security/policies']) do
+          = link_to project_security_policy_path(@project), title: _('Scan Policies') do
+            %span= _('Scan Policies')
+
      - if project_nav_tab?(:security_configuration)
        = nav_link(path: sidebar_security_configuration_paths) do
          = link_to project_security_configuration_path(@project), title: _('Configuration'), data: { qa_selector: 'security_configuration_link'} do

--- a/ee/app/views/projects/security/policies/show.html.haml
+++ b/ee/app/views/projects/security/policies/show.html.haml
-= s_('Security|Policies')
+- breadcrumb_title _("Scan Policies")

-%body
-  = form_with url:assign_project_security_policy_url(@project), as: :cluster, html: { class: 'cluster_management_form' } do |field|
-    %h4
-      = s_('CreatePolicy|Create a policy')
-    %p
-      = project_select_tag('orchestration[management_project_id]', class: 'hidden-filter-value', toggle_class: 'js-project-search js-project-filter js-filter-submit', dropdown_class: 'dropdown-menu-selectable dropdown-menu-project js-filter-submit',
-          placeholder: _('Select project'), idAttribute: 'id', data: { order_by: 'last_activity_at', idattribute: 'id', simple_filter: true, allow_clear: true, include_groups: false, include_projects_in_subgroups: true, user_id: current_user.id }, value: 123)
-      .text-muted
-        = html_escape(s_('SecurityOrchestration|A security policy project can be used enforce policies for a given project, group, or instance. It allows you to speficy security policies that are important to you  and enforce them with every commit.')) % { code_open: '<code>'.html_safe, code_close: '</code>'.html_safe }
-        = link_to _('More information'), help_page_path('user/clusters/management_project.md'), target: '_blank'
-    = field.submit _('Save changes'), class: 'btn gl-button btn-success'
\ No newline at end of file
+%h2.gl-mb-8
+  = s_("SecurityOrchestration|Create a policy")
+= form_with url:assign_project_security_policy_url(@project), as: :policy_project, html: { class: 'gl-w-half' } do |field|
+  %h4
+    = s_('SecurityOrchestration|Security policy project')
+  %p
+    = project_select_tag('orchestration[management_project_id]', class: 'hidden-filter-value', toggle_class: 'js-project-search js-project-filter js-filter-submit', dropdown_class: 'dropdown-menu-selectable dropdown-menu-project js-filter-submit',
+        placeholder: _('Select project'), idAttribute: 'id', data: { order_by: 'last_activity_at', idattribute: 'id', simple_filter: true, allow_clear: true, include_groups: false, include_projects_in_subgroups: true, user_id: current_user.id }, value: 123)
+    .text-muted
+      = html_escape(s_('SecurityOrchestration|A security policy project can be used enforce policies for a given project, group, or instance. It allows you to speficy security policies that are important to you  and enforce them with every commit.')) % { code_open: '<code>'.html_safe, code_close: '</code>'.html_safe }
+      = link_to _('More information'), help_page_path('user/project/clusters/protect/container_network_security/quick_start_guide'), target: '_blank'
+  = field.submit _('Save changes'), class: 'btn gl-button btn-success'
--- a/ee/spec/views/projects/security/policies/show.html.haml_spec.rb
+++ b/ee/spec/views/projects/security/policies/show.html.haml_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe "projects/security/policies/show", type: :view do
+  let(:user) { project.owner }
+  let(:project) { create(:project) }
+
+  before do
+    stub_feature_flags(security_orchestration_policies_configuration: true)
+    sign_in(user)
+    render
+  end
+
+  it 'renders the default state' do
+    expect(rendered).to have_selector('h2')
+    expect(rendered).to have_selector('h4')
+    expect(rendered).to have_selector('.js-project-search')
+    expect(rendered).to have_selector('.text-muted')
+    expect(rendered).to have_selector('.gl-button')
+  end
+end
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -26170,6 +26170,9 @@ msgstr ""
 msgid "Saving project."
 msgstr ""

+msgid "Scan Policies"
+msgstr ""
+
 msgid "Scanner"
 msgstr ""

@@ -26591,6 +26594,15 @@ msgstr ""
 msgid "SecurityConfiguration|You can quickly enable all security scanning tools by enabling %{linkStart}Auto DevOps%{linkEnd}."
 msgstr ""

+msgid "SecurityOrchestration|A security policy project can be used enforce policies for a given project, group, or instance. It allows you to speficy security policies that are important to you  and enforce them with every commit."
+msgstr ""
+
+msgid "SecurityOrchestration|Create a policy"
+msgstr ""
+
+msgid "SecurityOrchestration|Security policy project"
+msgstr ""
+
 msgid "SecurityReports|%{firstProject} and %{secondProject}"
 msgstr ""

@@ -26828,9 +26840,6 @@ msgstr ""
 msgid "SecurityReports|You must sign in as an authorized user to see this report"
 msgstr ""

-msgid "Security|Policies"
-msgstr ""
-
 msgid "See GitLab's %{password_policy_guidelines}"
 msgstr ""