Extend License Compliance entity for Pipelines and MR view

Change json payload Sort licenses alphabetically

Extend License Compliance entity for Pipelines and MR view
Change json payload Sort licenses alphabetically
f55e46b7 · Can Eldem · Rémy Coutable · 1567a6ee · f55e46b7 · f55e46b7
Commit f55e46b7 authored Sep 05, 2019 by Can Eldem Committed by Rémy Coutable Sep 05, 2019
20 changed files
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -1240,9 +1240,9 @@ class MergeRequest < ApplicationRecord
    compare_reports(Ci::CompareTestReportsService)
  end
-  def compare_reports(service_class)
+  def compare_reports(service_class, current_user = nil)
    with_reactive_cache(service_class.name) do |data|
-      unless service_class.new(project)
+      unless service_class.new(project, current_user)
        .latest?(base_pipeline, actual_head_pipeline, data)
        raise InvalidateReactiveCache
      end

--- a/ee/app/controllers/ee/projects/merge_requests_controller.rb
+++ b/ee/app/controllers/ee/projects/merge_requests_controller.rb
@@ -48,7 +48,7 @@ module EE
      end
      def license_management_reports
-        reports_response(merge_request.compare_license_management_reports)
+        reports_response(merge_request.compare_license_management_reports(current_user))
      end
      def container_scanning_reports

--- a/ee/app/controllers/ee/projects/pipelines_controller.rb
+++ b/ee/app/controllers/ee/projects/pipelines_controller.rb
@@ -31,7 +31,8 @@ module EE
          if report_exists
            format.html { render_show }
            format.json do
-              render json: LicenseManagementReportLicenseEntity.licenses_payload(pipeline.license_management_report), status: :ok
+              data = LicenseManagementReportsSerializer.new(project: project, current_user: current_user).represent(pipeline&.license_management_report&.licenses)
+              render json: data, status: :ok
            end
          else
            format.html { redirect_to pipeline_path(pipeline) }

--- a/ee/app/models/ee/merge_request.rb
+++ b/ee/app/models/ee/merge_request.rb
@@ -152,12 +152,12 @@ module EE
      compare_reports(::Ci::CompareSastReportsService)
    end
-    def compare_license_management_reports
+    def compare_license_management_reports(current_user)
      unless has_license_management_reports?
        return { status: :error, status_reason: 'This merge request does not have license management reports' }
      end
-      compare_reports(::Ci::CompareLicenseManagementReportsService)
+      compare_reports(::Ci::CompareLicenseManagementReportsService, current_user)
    end
    def has_metrics_reports?

--- a/ee/app/serializers/ee/license_management_reports_serializer.rb
+++ b/ee/app/serializers/ee/license_management_reports_serializer.rb
+# frozen_string_literal: true
+class LicenseManagementReportsSerializer < BaseSerializer
+  entity LicenseManagementReportLicenseEntity
+end
--- a/ee/app/serializers/license_management_report_license_entity.rb
+++ b/ee/app/serializers/license_management_report_license_entity.rb
 # frozen_string_literal: true
 class LicenseManagementReportLicenseEntity < Grape::Entity
+  include RequestAwareEntity
  expose :name
+  expose :classification
  expose :dependencies, using: LicenseManagementReportDependencyEntity
-  expose :count do |license|
+  expose :count
-    license.dependencies.size
+  expose :url
-  end
-  def self.licenses_payload(report)
+  def classification
-    report.licenses.empty? ? {} : self.represent(report.licenses).as_json
+    default = { id: nil, name: value_for(:name), approval_status: 'unclassified' }
+    found = SoftwareLicensePoliciesFinder.new(request&.current_user, request&.project, name: value_for(:name)).find
+    ManagedLicenseEntity.represent(found || default)
  end
 end
--- a/ee/app/services/ci/compare_license_management_reports_service.rb
+++ b/ee/app/services/ci/compare_license_management_reports_service.rb
@@ -10,6 +10,10 @@ module Ci
      LicenseManagementReportsComparerSerializer
    end
+    def serializer_params
+      { project: project, current_user: current_user }
+    end
    def get_report(pipeline)
      pipeline&.license_management_report
    end

--- a/ee/changelogs/unreleased/add-approval-status-field-lm.yml
+++ b/ee/changelogs/unreleased/add-approval-status-field-lm.yml
+---
+title: Extend License Compliance entity for Pipelines and MR view
+merge_request: 15957
+author:
+type: changed
--- a/ee/lib/gitlab/ci/parsers/license_management/license_management.rb
+++ b/ee/lib/gitlab/ci/parsers/license_management/license_management.rb
@@ -18,9 +18,11 @@ module Gitlab
                license_dependencies = root['dependencies'].select do |dependency|
                  uses_license?(dependency['license']['name'], license_name)
                end
                license_dependencies.each do |dependency|
-                  license_management_report.add_dependency(license_name, dependency['dependency']['name'])
+                  license_management_report.add_dependency(license_name,
+                                                           license_hash['count'],
+                                                           dependency['license']['url'],
+                                                           dependency['dependency']['name'])
                end
              end
            end

--- a/ee/lib/gitlab/ci/reports/license_management/license.rb
+++ b/ee/lib/gitlab/ci/reports/license_management/license.rb
@@ -5,10 +5,12 @@ module Gitlab
    module Reports
      module LicenseManagement
        class License
-          attr_reader :name, :status
+          attr_reader :name, :url, :count
-          def initialize(name)
+          def initialize(name, count, url)
            @name = name
+            @count = count
+            @url = url
            @dependencies = Set.new
          end

--- a/ee/lib/gitlab/ci/reports/license_management/report.rb
+++ b/ee/lib/gitlab/ci/reports/license_management/report.rb
@@ -5,22 +5,24 @@ module Gitlab
    module Reports
      module LicenseManagement
        class Report
+          attr_reader :found_licenses
          def initialize
            @found_licenses = {}
          end
          def licenses
-            @found_licenses.values
+            found_licenses.values.sort_by { |license| license.name.downcase }
          end
          def license_names
-            @found_licenses.values.map(&:name)
+            found_licenses.values.map(&:name)
          end
-          def add_dependency(license_name, dependency_name)
+          def add_dependency(license_name, license_count, license_url, dependency_name)
            key = license_name.upcase
-            @found_licenses[key] ||= ::Gitlab::Ci::Reports::LicenseManagement::License.new(license_name)
+            found_licenses[key] ||= ::Gitlab::Ci::Reports::LicenseManagement::License.new(license_name, license_count, license_url)
-            @found_licenses[key].add_dependency(dependency_name)
+            found_licenses[key].add_dependency(dependency_name)
          end
          def violates?(software_license_policies)

--- a/ee/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/ee/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -679,7 +679,7 @@ describe Projects::MergeRequestsController do
    before do
      allow_any_instance_of(::MergeRequest).to receive(:compare_reports)
-        .with(::Ci::CompareLicenseManagementReportsService).and_return(comparison_status)
+        .with(::Ci::CompareLicenseManagementReportsService, project.users.first).and_return(comparison_status)
    end
    context 'when comparison is being processed' do

--- a/ee/spec/controllers/projects/pipelines_controller_spec.rb
+++ b/ee/spec/controllers/projects/pipelines_controller_spec.rb
@@ -256,6 +256,9 @@ describe Projects::PipelinesController do
  describe 'GET licenses' do
    let(:licenses_with_html) {get :licenses, format: :html, params: { namespace_id: project.namespace, project_id: project, id: pipeline }}
    let(:licenses_with_json) {get :licenses, format: :json, params: { namespace_id: project.namespace, project_id: project, id: pipeline }}
+    let!(:mit_license) { create(:software_license, :mit) }
+    let!(:software_license_policy) { create(:software_license_policy, software_license: mit_license, project: project) }
    let(:payload) { JSON.parse(licenses_with_json.body) }
    context 'with a license management artifact' do
@@ -283,7 +286,19 @@ describe Projects::PipelinesController do
        it 'will return license management report in json format' do
          expect(payload.size).to eq(pipeline.license_management_report.licenses.size)
-          expect(payload.first.keys).to eq(%w(name dependencies count))
+          expect(payload.first.keys).to eq(%w(name classification dependencies count url))
+        end
+        it 'will return mit license approved status' do
+          payload_mit = payload.find { |l| l['name'] == 'MIT' }
+          expect(payload_mit['count']).to eq(pipeline.license_management_report.found_licenses['MIT'].count)
+          expect(payload_mit['url']).to eq('http://opensource.org/licenses/mit-license')
+          expect(payload_mit['classification']['approval_status']).to eq('approved')
+        end
+        it 'will return sorted by name' do
+          expect(payload.first['name']).to eq('Apache 2.0')
+          expect(payload.last['name']).to eq('unknown')
        end
      end

--- a/ee/spec/factories/ci/reports/license_management/report.rb
+++ b/ee/spec/factories/ci/reports/license_management/report.rb
@@ -4,21 +4,21 @@ FactoryBot.define do
  factory :ci_reports_license_management_report, class: ::Gitlab::Ci::Reports::LicenseManagement::Report do
    trait :report_1 do
      after(:build) do |report, evaluator|
-        report.add_dependency('MIT', 'Library1')
+        report.add_dependency('MIT', 1, 'https://opensource.org/licenses/mit', 'Library1')
-        report.add_dependency('WTFPL', 'Library2')
+        report.add_dependency('WTFPL', 1, 'https://opensource.org/licenses/wtfpl', 'Library2')
      end
    end
    trait :report_2 do
      after(:build) do |report, evaluator|
-        report.add_dependency('MIT', 'Library1')
+        report.add_dependency('MIT', 1, 'https://opensource.org/licenses/mit', 'Library1')
-        report.add_dependency('Apache 2.0', 'Library3')
+        report.add_dependency('Apache 2.0', 1, 'https://opensource.org/licenses/apache', 'Library3')
      end
    end
    trait :mit do
      after(:build) do |report, evaluator|
-        report.add_dependency('MIT', 'rails')
+        report.add_dependency('MIT', 1, 'https://opensource.org/licenses/mit', 'rails')
      end
    end
  end

--- a/ee/spec/models/ci/build_spec.rb
+++ b/ee/spec/models/ci/build_spec.rb
@@ -191,8 +191,8 @@ describe Ci::Build do
          expect { subject }.not_to raise_error
          expect(license_management_report.licenses.count).to eq(4)
-          expect(license_management_report.licenses[0].name).to eq('MIT')
+          expect(license_management_report.found_licenses['MIT'].name).to eq('MIT')
-          expect(license_management_report.licenses[0].dependencies.count).to eq(52)
+          expect(license_management_report.found_licenses['MIT'].dependencies.count).to eq(52)
        end
      end

--- a/ee/spec/models/merge_request_spec.rb
+++ b/ee/spec/models/merge_request_spec.rb
@@ -342,7 +342,7 @@ describe MergeRequest do
  end
  describe '#compare_license_management_reports' do
-    subject { merge_request.compare_license_management_reports }
+    subject { merge_request.compare_license_management_reports(project.users.first) }
    let(:project) { create(:project, :repository) }
    let(:merge_request) { create(:merge_request, source_project: project) }

--- a/ee/spec/serializers/license_management_report_license_entity_spec.rb
+++ b/ee/spec/serializers/license_management_report_license_entity_spec.rb
@@ -5,8 +5,16 @@ require 'spec_helper'
 describe LicenseManagementReportLicenseEntity do
  include LicenseManagementReportHelper
+  let(:user) { build(:user) }
+  let(:project) { build(:project, :repository) }
  let(:license) { create_license }
-  let(:entity) { described_class.new(license) }
+  let(:request) { double('request') }
+  let(:entity) { described_class.new(license, request: request) }
+  before do
+    allow(request).to receive(:current_user).and_return(user)
+    allow(request).to receive(:project).and_return(project)
+  end
  describe '#as_json' do
    subject { entity.as_json }

--- a/ee/spec/serializers/license_management_reports_comparer_entity_spec.rb
+++ b/ee/spec/serializers/license_management_reports_comparer_entity_spec.rb
@@ -5,8 +5,16 @@ require 'spec_helper'
 describe LicenseManagementReportsComparerEntity do
  include LicenseManagementReportHelper
+  let(:user) { build(:user) }
+  let(:project) { build(:project, :repository) }
+  let(:request) { double('request') }
  let(:comparer) { create_comparer }
-  let(:entity) { described_class.new(comparer) }
+  let(:entity) { described_class.new(comparer, request: request) }
+  before do
+    allow(request).to receive(:current_user).and_return(user)
+    allow(request).to receive(:project).and_return(project)
+  end
  describe '#as_json' do
    subject { entity.as_json }

--- a/ee/spec/services/ci/compare_license_management_reports_service_spec.rb
+++ b/ee/spec/services/ci/compare_license_management_reports_service_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 describe Ci::CompareLicenseManagementReportsService do
-  let(:service) { described_class.new(project) }
+  let(:service) { described_class.new(project, project.users.take) }
  let(:project) { create(:project, :repository) }
  before do

--- a/ee/spec/support/license_management_reports/license_management_report_helper.rb
+++ b/ee/spec/support/license_management_reports/license_management_report_helper.rb
@@ -5,7 +5,7 @@ module LicenseManagementReportHelper
    Gitlab::Ci::Reports::LicenseManagement::Report.new.tap do |report|
      dependencies.each do |license_name, dependencies|
        dependencies.each do |dependency_name|
-          report.add_dependency(license_name.to_s, dependency_name)
+          report.add_dependency(license_name.to_s, 1, "https://opensource.org/licenses/license1", dependency_name)
        end
      end
    end
@@ -32,7 +32,7 @@ module LicenseManagementReportHelper
  end
  def create_license
-    Gitlab::Ci::Reports::LicenseManagement::License.new('License1').tap do |license|
+    Gitlab::Ci::Reports::LicenseManagement::License.new('License1', 1, "https://opensource.org/licenses/license1").tap do |license|
      license.add_dependency('Dependency1')
      license.add_dependency('Dependency2')
    end