From 68c473d0ca2cb5a50f4981a204a3d39b3468283d Mon Sep 17 00:00:00 2001 From: samdbeckham Date: Wed, 28 Aug 2019 12:29:20 +0100 Subject: [PATCH 1/4] Adds the page for instance lvl security dashboard - Adds the route - Adds the template - Puts the above behind a feature flag --- config/routes.rb | 1 + .../javascripts/pages/security/index.js | 24 +++++++++++++++++++ ee/app/controllers/security_controller.rb | 15 ++++++++++++ ee/app/views/security/index.html.haml | 4 ++++ ee/config/routes/security.rb | 3 +++ 5 files changed, 47 insertions(+) create mode 100644 ee/app/assets/javascripts/pages/security/index.js create mode 100644 ee/app/controllers/security_controller.rb create mode 100644 ee/app/views/security/index.html.haml create mode 100644 ee/config/routes/security.rb diff --git a/config/routes.rb b/config/routes.rb index 02a405a91f8432..a622ce268da413 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -107,6 +107,7 @@ draw :instance_statistics Gitlab.ee do + draw :security draw :smartcard draw :jira_connect draw :username diff --git a/ee/app/assets/javascripts/pages/security/index.js b/ee/app/assets/javascripts/pages/security/index.js new file mode 100644 index 00000000000000..db010145eec250 --- /dev/null +++ b/ee/app/assets/javascripts/pages/security/index.js @@ -0,0 +1,24 @@ +import Vue from 'vue'; +import createStore from 'ee/security_dashboard/store'; +import router from 'ee/security_dashboard/store/router'; +import DashboardComponent from 'ee/security_dashboard/components/app.vue'; + +if (gon.features && gon.features.securityDashboard) { + document.addEventListener( + 'DOMContentLoaded', + () => + new Vue({ + el: '#js-security', + store: createStore(), + router, + components: { + DashboardComponent, + }, + render(createElement) { + return createElement(DashboardComponent, { + props: {}, + }); + }, + }), + ); +} diff --git a/ee/app/controllers/security_controller.rb b/ee/app/controllers/security_controller.rb new file mode 100644 index 00000000000000..ff8d0f596559cc --- /dev/null +++ b/ee/app/controllers/security_controller.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +class SecurityController < ApplicationController + before_action :authorize_read_security_dashboard! + before_action do + push_frontend_feature_flag(:security_dashboard, default_enabled: true) + end + + def index + end + + def authorize_read_security_dashboard! + render_404 unless can?(current_user, :read_security_dashboard) + end +end diff --git a/ee/app/views/security/index.html.haml b/ee/app/views/security/index.html.haml new file mode 100644 index 00000000000000..4d02d0c4ef86ec --- /dev/null +++ b/ee/app/views/security/index.html.haml @@ -0,0 +1,4 @@ +- page_title _('Security Dashboard') +- @hide_breadcrumbs = true + +#js-security \ No newline at end of file diff --git a/ee/config/routes/security.rb b/ee/config/routes/security.rb new file mode 100644 index 00000000000000..a40687958b8999 --- /dev/null +++ b/ee/config/routes/security.rb @@ -0,0 +1,3 @@ +# frozen_string_literal: true + +get 'security' => 'security#index' \ No newline at end of file -- GitLab From e06e5b1d7526b4a7eb61a074bfe90e77435222c3 Mon Sep 17 00:00:00 2001 From: Mark Florian Date: Mon, 2 Sep 2019 16:35:04 +0100 Subject: [PATCH 2/4] Fix static analysis linting errors --- ee/app/controllers/security_controller.rb | 2 +- ee/config/routes/security.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ee/app/controllers/security_controller.rb b/ee/app/controllers/security_controller.rb index ff8d0f596559cc..fb5b6eac761b9f 100644 --- a/ee/app/controllers/security_controller.rb +++ b/ee/app/controllers/security_controller.rb @@ -5,7 +5,7 @@ class SecurityController < ApplicationController before_action do push_frontend_feature_flag(:security_dashboard, default_enabled: true) end - + def index end diff --git a/ee/config/routes/security.rb b/ee/config/routes/security.rb index a40687958b8999..c5a263bd95f5e4 100644 --- a/ee/config/routes/security.rb +++ b/ee/config/routes/security.rb @@ -1,3 +1,3 @@ # frozen_string_literal: true -get 'security' => 'security#index' \ No newline at end of file +get 'security' => 'security#index' -- GitLab From 41ca178f45805cad439e3c9a0dac7f161439d9b6 Mon Sep 17 00:00:00 2001 From: Mark Florian Date: Mon, 2 Sep 2019 17:42:39 +0100 Subject: [PATCH 3/4] Fix another static analysis linting error --- ee/app/views/security/index.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/app/views/security/index.html.haml b/ee/app/views/security/index.html.haml index 4d02d0c4ef86ec..48a2c63137292d 100644 --- a/ee/app/views/security/index.html.haml +++ b/ee/app/views/security/index.html.haml @@ -1,4 +1,4 @@ - page_title _('Security Dashboard') - @hide_breadcrumbs = true -#js-security \ No newline at end of file +#js-security -- GitLab From 5e2a7d0a5c3265e2614da2c33a8e5fea477ba2d8 Mon Sep 17 00:00:00 2001 From: Mark Florian Date: Wed, 4 Sep 2019 19:52:44 +0100 Subject: [PATCH 4/4] Tweak security controller - Disable the `security_dashboard` feature flag by default - Remove superfluous index method - Guard controller on feature flag in addition to policy, as the policy hasn't been written yet --- ee/app/controllers/security_controller.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/ee/app/controllers/security_controller.rb b/ee/app/controllers/security_controller.rb index fb5b6eac761b9f..95911c696c02f9 100644 --- a/ee/app/controllers/security_controller.rb +++ b/ee/app/controllers/security_controller.rb @@ -3,13 +3,11 @@ class SecurityController < ApplicationController before_action :authorize_read_security_dashboard! before_action do - push_frontend_feature_flag(:security_dashboard, default_enabled: true) - end - - def index + push_frontend_feature_flag(:security_dashboard) end def authorize_read_security_dashboard! - render_404 unless can?(current_user, :read_security_dashboard) + render_404 unless Feature.enabled?(:security_dashboard) && + can?(current_user, :read_security_dashboard) end end -- GitLab