From b06db674fecbeafde064afeaf69d6c230e0eab2f Mon Sep 17 00:00:00 2001
From: Alexander Turinske <aturinske@gitlab.com>
Date: Fri, 25 Oct 2024 10:41:43 -0700
Subject: [PATCH] Update alert to show warning for group branch mod
- the group branch modification setting can be an object
instead a boolean like the other settings
- the alert shows that the policy is empty if only this
setting is set
- update alert for this use case
- update tests
Changelog: changed
EE: true
---
.../scan_result/editor_component.vue | 15 +++++++++----
.../scan_result/editor_component_spec.js | 22 +++++++++++++------
2 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_result/editor_component.vue b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_result/editor_component.vue
index 227ef8d013bbd..692c43e383559 100644
--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_result/editor_component.vue
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/scan_result/editor_component.vue
@@ -27,6 +27,7 @@ import FallbackSection from './fallback_section.vue';
import { CLOSED } from './constants';
import {
ACTION_LISTBOX_ITEMS,
+ BLOCK_GROUP_BRANCH_MODIFICATION,
buildAction,
buildSettingsList,
createPolicyObject,
@@ -44,6 +45,7 @@ import {
humanizeInvalidBranchesError,
invalidBranchType,
BOT_MESSAGE_TYPE,
+ PERMITTED_INVALID_SETTINGS_KEY,
REQUIRE_APPROVAL_TYPE,
} from './lib';
@@ -211,11 +213,16 @@ export default {
hasEmptySettings() {
return (
isEmpty(this.policy.approval_settings) ||
- Object.values(this.policy.approval_settings).every((value) => {
- if (typeof value === 'boolean') {
- return !value;
+ Object.entries(this.policy.approval_settings).every(([key, value]) => {
+ if (key === PERMITTED_INVALID_SETTINGS_KEY) {
+ return true;
}
- return true;
+
+ if (key === BLOCK_GROUP_BRANCH_MODIFICATION && typeof value !== 'boolean') {
+ return !value.enabled;
+ }
+
+ return !value;
})
);
},
diff --git a/ee/spec/frontend/security_orchestration/components/policy_editor/scan_result/editor_component_spec.js b/ee/spec/frontend/security_orchestration/components/policy_editor/scan_result/editor_component_spec.js
index 042f1879ce69f..a8ea59f90749f 100644
--- a/ee/spec/frontend/security_orchestration/components/policy_editor/scan_result/editor_component_spec.js
+++ b/ee/spec/frontend/security_orchestration/components/policy_editor/scan_result/editor_component_spec.js
@@ -12,6 +12,7 @@ import ScanFilterSelector from 'ee/security_orchestration/components/policy_edit
import EditorLayout from 'ee/security_orchestration/components/policy_editor/editor_layout.vue';
import {
ACTION_LISTBOX_ITEMS,
+ BLOCK_GROUP_BRANCH_MODIFICATION,
BOT_MESSAGE_TYPE,
buildApprovalAction,
buildBotMessageAction,
@@ -679,6 +680,12 @@ describe('EditorComponent', () => {
describe('empty policy alert', () => {
const settingsPolicy = { approval_settings: { [BLOCK_BRANCH_MODIFICATION]: true } };
+ const groupBranchModificationSettingsPolicy = {
+ actions: [{ type: BOT_MESSAGE_TYPE, enabled: false }],
+ approval_settings: {
+ [BLOCK_GROUP_BRANCH_MODIFICATION]: { enabled: true, exceptions: ['top-level-group'] },
+ },
+ };
const disabledBotPolicy = { actions: [{ type: BOT_MESSAGE_TYPE, enabled: false }] };
const disabledBotPolicyWithSettings = {
approval_settings: { [BLOCK_BRANCH_MODIFICATION]: true },
@@ -686,13 +693,14 @@ describe('EditorComponent', () => {
};
describe.each`
- title | policy | hasActions | hasAlert | alertVariant
- ${'has require approval action and settings'} | ${settingsPolicy} | ${true} | ${false} | ${''}
- ${'has require approval action but does not have settings'} | ${{}} | ${true} | ${false} | ${''}
- ${'has settings but does not have actions'} | ${settingsPolicy} | ${false} | ${true} | ${'warning'}
- ${'does not have actions or settings'} | ${{}} | ${false} | ${true} | ${'warning'}
- ${'has disabled bot action and has settings'} | ${disabledBotPolicyWithSettings} | ${true} | ${true} | ${'warning'}
- ${'has disabled bot action but does not have settings'} | ${disabledBotPolicy} | ${true} | ${true} | ${'danger'}
+ title | policy | hasActions | hasAlert | alertVariant
+ ${'has require approval action and settings'} | ${settingsPolicy} | ${true} | ${false} | ${''}
+ ${'has require approval action but does not have settings'} | ${{}} | ${true} | ${false} | ${''}
+ ${'has settings but does not have actions'} | ${settingsPolicy} | ${false} | ${true} | ${'warning'}
+ ${'does not have actions or settings'} | ${{}} | ${false} | ${true} | ${'warning'}
+ ${'has disabled bot action and has settings'} | ${disabledBotPolicyWithSettings} | ${true} | ${true} | ${'warning'}
+ ${'has disabled bot action but does not have settings'} | ${disabledBotPolicy} | ${true} | ${true} | ${'danger'}
+ ${'has disabled bot action and group branch modification setting'} | ${groupBranchModificationSettingsPolicy} | ${true} | ${true} | ${'warning'}
`('$title', ({ policy, hasActions, hasAlert, alertVariant }) => {
beforeEach(() => {
factoryWithExistingPolicy({ policy, hasActions });
--
GitLab