[Backend] Add the ability to manage a default project compliance framework on groups
Problem description
This issue is an iteration in developing Group-level setting for default compliance fram... (&8815 - closed).
Proposal
Add the ability to CRUD a default compliance framework on namespaces.
Implementation plan
backend
- Update
ee/app/services/ee/projects/create_service.rb
so that whenever a new project is under a group and the group has set a default compliance framework then create a newComplianceManagement::ComplianceFramework::ProjectSettings
withproject_id
as the current project andframework_id = project.root_namespace.default_compliance_framework.id)
. We can define a methoddefault_compliance_framework
ingroup.rb
as follows:
def default_compliance_framework
default_compliance_framework_id = namespace_settings.default_compliance_framework
ComplianceManagement::Framework.where(id: default_compliance_framework_id)
end
- Whenever a framework is deleted check if it is the default framework, in case it is then prevent the deletion and show an error message to the user.
- Add a
default
field to theTypes::ComplianceManagement::ComplianceFrameworkType
, something like the diff below:
diff --git a/ee/app/graphql/types/compliance_management/compliance_framework_type.rb b/ee/app/graphql/types/compliance_management/compliance_framework_type.rb
index 7f80b916c0c0..1f4c1102ba86 100644
--- a/ee/app/graphql/types/compliance_management/compliance_framework_type.rb
+++ b/ee/app/graphql/types/compliance_management/compliance_framework_type.rb
@@ -27,6 +27,13 @@ class ComplianceFrameworkType < Types::BaseObject
null: true,
description: 'Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/.compliance-gitlab-ci.yml@compliance/hipaa` **(ULTIMATE)**.',
authorize: :manage_group_level_compliance_pipeline_config
+
+ field :default, GraphQL::Types::Boolean,
+ null: false, description: 'Default compliance framework for the group.'
+
+ def default
+ object.id == object.namespace.namespace_settings.default_compliance_framework
+ end
end
end
end
- Update the
Types::ComplianceManagement::ComplianceFrameworkInputType
to also accept an optional boolean argumentdefault
, this will be used by frontend to set and remove default compliance frameworks.
Edited by Huzaifa Iftikhar